xref: /openbmc/linux/net/core/secure_seq.c (revision 8730046c) 
1 #include <linux/kernel.h>
2 #include <linux/init.h>
3 #include <linux/cryptohash.h>
4 #include <linux/module.h>
5 #include <linux/cache.h>
6 #include <linux/random.h>
7 #include <linux/hrtimer.h>
8 #include <linux/ktime.h>
9 #include <linux/string.h>
10 #include <linux/net.h>
11 
12 #include <net/secure_seq.h>
13 
14 #if IS_ENABLED(CONFIG_IPV6) || IS_ENABLED(CONFIG_INET)
15 #include <net/tcp.h>
16 #define NET_SECRET_SIZE (MD5_MESSAGE_BYTES / 4)
17 
18 static u32 net_secret[NET_SECRET_SIZE] ____cacheline_aligned;
19 
20 static __always_inline void net_secret_init(void)
21 {
22 	net_get_random_once(net_secret, sizeof(net_secret));
23 }
24 #endif
25 
26 #ifdef CONFIG_INET
27 static u32 seq_scale(u32 seq)
28 {
29 	/*
30 	 *	As close as possible to RFC 793, which
31 	 *	suggests using a 250 kHz clock.
32 	 *	Further reading shows this assumes 2 Mb/s networks.
33 	 *	For 10 Mb/s Ethernet, a 1 MHz clock is appropriate.
34 	 *	For 10 Gb/s Ethernet, a 1 GHz clock should be ok, but
35 	 *	we also need to limit the resolution so that the u32 seq
36 	 *	overlaps less than one time per MSL (2 minutes).
37 	 *	Choosing a clock of 64 ns period is OK. (period of 274 s)
38 	 */
39 	return seq + (ktime_get_real_ns() >> 6);
40 }
41 #endif
42 
43 #if IS_ENABLED(CONFIG_IPV6)
44 u32 secure_tcpv6_sequence_number(const __be32 *saddr, const __be32 *daddr,
45 				 __be16 sport, __be16 dport, u32 *tsoff)
46 {
47 	u32 secret[MD5_MESSAGE_BYTES / 4];
48 	u32 hash[MD5_DIGEST_WORDS];
49 	u32 i;
50 
51 	net_secret_init();
52 	memcpy(hash, saddr, 16);
53 	for (i = 0; i < 4; i++)
54 		secret[i] = net_secret[i] + (__force u32)daddr[i];
55 	secret[4] = net_secret[4] +
56 		(((__force u16)sport << 16) + (__force u16)dport);
57 	for (i = 5; i < MD5_MESSAGE_BYTES / 4; i++)
58 		secret[i] = net_secret[i];
59 
60 	md5_transform(hash, secret);
61 
62 	*tsoff = sysctl_tcp_timestamps == 1 ? hash[1] : 0;
63 	return seq_scale(hash[0]);
64 }
65 EXPORT_SYMBOL(secure_tcpv6_sequence_number);
66 
67 u32 secure_ipv6_port_ephemeral(const __be32 *saddr, const __be32 *daddr,
68 			       __be16 dport)
69 {
70 	u32 secret[MD5_MESSAGE_BYTES / 4];
71 	u32 hash[MD5_DIGEST_WORDS];
72 	u32 i;
73 
74 	net_secret_init();
75 	memcpy(hash, saddr, 16);
76 	for (i = 0; i < 4; i++)
77 		secret[i] = net_secret[i] + (__force u32) daddr[i];
78 	secret[4] = net_secret[4] + (__force u32)dport;
79 	for (i = 5; i < MD5_MESSAGE_BYTES / 4; i++)
80 		secret[i] = net_secret[i];
81 
82 	md5_transform(hash, secret);
83 
84 	return hash[0];
85 }
86 EXPORT_SYMBOL(secure_ipv6_port_ephemeral);
87 #endif
88 
89 #ifdef CONFIG_INET
90 
91 u32 secure_tcp_sequence_number(__be32 saddr, __be32 daddr,
92 			       __be16 sport, __be16 dport, u32 *tsoff)
93 {
94 	u32 hash[MD5_DIGEST_WORDS];
95 
96 	net_secret_init();
97 	hash[0] = (__force u32)saddr;
98 	hash[1] = (__force u32)daddr;
99 	hash[2] = ((__force u16)sport << 16) + (__force u16)dport;
100 	hash[3] = net_secret[15];
101 
102 	md5_transform(hash, net_secret);
103 
104 	*tsoff = sysctl_tcp_timestamps == 1 ? hash[1] : 0;
105 	return seq_scale(hash[0]);
106 }
107 
108 u32 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport)
109 {
110 	u32 hash[MD5_DIGEST_WORDS];
111 
112 	net_secret_init();
113 	hash[0] = (__force u32)saddr;
114 	hash[1] = (__force u32)daddr;
115 	hash[2] = (__force u32)dport ^ net_secret[14];
116 	hash[3] = net_secret[15];
117 
118 	md5_transform(hash, net_secret);
119 
120 	return hash[0];
121 }
122 EXPORT_SYMBOL_GPL(secure_ipv4_port_ephemeral);
123 #endif
124 
125 #if IS_ENABLED(CONFIG_IP_DCCP)
126 u64 secure_dccp_sequence_number(__be32 saddr, __be32 daddr,
127 				__be16 sport, __be16 dport)
128 {
129 	u32 hash[MD5_DIGEST_WORDS];
130 	u64 seq;
131 
132 	net_secret_init();
133 	hash[0] = (__force u32)saddr;
134 	hash[1] = (__force u32)daddr;
135 	hash[2] = ((__force u16)sport << 16) + (__force u16)dport;
136 	hash[3] = net_secret[15];
137 
138 	md5_transform(hash, net_secret);
139 
140 	seq = hash[0] | (((u64)hash[1]) << 32);
141 	seq += ktime_get_real_ns();
142 	seq &= (1ull << 48) - 1;
143 
144 	return seq;
145 }
146 EXPORT_SYMBOL(secure_dccp_sequence_number);
147 
148 #if IS_ENABLED(CONFIG_IPV6)
149 u64 secure_dccpv6_sequence_number(__be32 *saddr, __be32 *daddr,
150 				  __be16 sport, __be16 dport)
151 {
152 	u32 secret[MD5_MESSAGE_BYTES / 4];
153 	u32 hash[MD5_DIGEST_WORDS];
154 	u64 seq;
155 	u32 i;
156 
157 	net_secret_init();
158 	memcpy(hash, saddr, 16);
159 	for (i = 0; i < 4; i++)
160 		secret[i] = net_secret[i] + (__force u32)daddr[i];
161 	secret[4] = net_secret[4] +
162 		(((__force u16)sport << 16) + (__force u16)dport);
163 	for (i = 5; i < MD5_MESSAGE_BYTES / 4; i++)
164 		secret[i] = net_secret[i];
165 
166 	md5_transform(hash, secret);
167 
168 	seq = hash[0] | (((u64)hash[1]) << 32);
169 	seq += ktime_get_real_ns();
170 	seq &= (1ull << 48) - 1;
171 
172 	return seq;
173 }
174 EXPORT_SYMBOL(secure_dccpv6_sequence_number);
175 #endif
176 #endif
177