xref: /openbmc/linux/net/core/secure_seq.c (revision 8a10bc9d) 
1 #include <linux/kernel.h>
2 #include <linux/init.h>
3 #include <linux/cryptohash.h>
4 #include <linux/module.h>
5 #include <linux/cache.h>
6 #include <linux/random.h>
7 #include <linux/hrtimer.h>
8 #include <linux/ktime.h>
9 #include <linux/string.h>
10 #include <linux/net.h>
11 
12 #include <net/secure_seq.h>
13 
14 #if IS_ENABLED(CONFIG_IPV6) || IS_ENABLED(CONFIG_INET)
15 #define NET_SECRET_SIZE (MD5_MESSAGE_BYTES / 4)
16 
17 static u32 net_secret[NET_SECRET_SIZE] ____cacheline_aligned;
18 
19 static __always_inline void net_secret_init(void)
20 {
21 	net_get_random_once(net_secret, sizeof(net_secret));
22 }
23 #endif
24 
25 #ifdef CONFIG_INET
26 static u32 seq_scale(u32 seq)
27 {
28 	/*
29 	 *	As close as possible to RFC 793, which
30 	 *	suggests using a 250 kHz clock.
31 	 *	Further reading shows this assumes 2 Mb/s networks.
32 	 *	For 10 Mb/s Ethernet, a 1 MHz clock is appropriate.
33 	 *	For 10 Gb/s Ethernet, a 1 GHz clock should be ok, but
34 	 *	we also need to limit the resolution so that the u32 seq
35 	 *	overlaps less than one time per MSL (2 minutes).
36 	 *	Choosing a clock of 64 ns period is OK. (period of 274 s)
37 	 */
38 	return seq + (ktime_to_ns(ktime_get_real()) >> 6);
39 }
40 #endif
41 
42 #if IS_ENABLED(CONFIG_IPV6)
43 __u32 secure_tcpv6_sequence_number(const __be32 *saddr, const __be32 *daddr,
44 				   __be16 sport, __be16 dport)
45 {
46 	u32 secret[MD5_MESSAGE_BYTES / 4];
47 	u32 hash[MD5_DIGEST_WORDS];
48 	u32 i;
49 
50 	net_secret_init();
51 	memcpy(hash, saddr, 16);
52 	for (i = 0; i < 4; i++)
53 		secret[i] = net_secret[i] + (__force u32)daddr[i];
54 	secret[4] = net_secret[4] +
55 		(((__force u16)sport << 16) + (__force u16)dport);
56 	for (i = 5; i < MD5_MESSAGE_BYTES / 4; i++)
57 		secret[i] = net_secret[i];
58 
59 	md5_transform(hash, secret);
60 
61 	return seq_scale(hash[0]);
62 }
63 EXPORT_SYMBOL(secure_tcpv6_sequence_number);
64 
65 u32 secure_ipv6_port_ephemeral(const __be32 *saddr, const __be32 *daddr,
66 			       __be16 dport)
67 {
68 	u32 secret[MD5_MESSAGE_BYTES / 4];
69 	u32 hash[MD5_DIGEST_WORDS];
70 	u32 i;
71 
72 	net_secret_init();
73 	memcpy(hash, saddr, 16);
74 	for (i = 0; i < 4; i++)
75 		secret[i] = net_secret[i] + (__force u32) daddr[i];
76 	secret[4] = net_secret[4] + (__force u32)dport;
77 	for (i = 5; i < MD5_MESSAGE_BYTES / 4; i++)
78 		secret[i] = net_secret[i];
79 
80 	md5_transform(hash, secret);
81 
82 	return hash[0];
83 }
84 EXPORT_SYMBOL(secure_ipv6_port_ephemeral);
85 #endif
86 
87 #ifdef CONFIG_INET
88 __u32 secure_ip_id(__be32 daddr)
89 {
90 	u32 hash[MD5_DIGEST_WORDS];
91 
92 	net_secret_init();
93 	hash[0] = (__force __u32) daddr;
94 	hash[1] = net_secret[13];
95 	hash[2] = net_secret[14];
96 	hash[3] = net_secret[15];
97 
98 	md5_transform(hash, net_secret);
99 
100 	return hash[0];
101 }
102 
103 __u32 secure_ipv6_id(const __be32 daddr[4])
104 {
105 	__u32 hash[4];
106 
107 	net_secret_init();
108 	memcpy(hash, daddr, 16);
109 	md5_transform(hash, net_secret);
110 
111 	return hash[0];
112 }
113 
114 __u32 secure_tcp_sequence_number(__be32 saddr, __be32 daddr,
115 				 __be16 sport, __be16 dport)
116 {
117 	u32 hash[MD5_DIGEST_WORDS];
118 
119 	net_secret_init();
120 	hash[0] = (__force u32)saddr;
121 	hash[1] = (__force u32)daddr;
122 	hash[2] = ((__force u16)sport << 16) + (__force u16)dport;
123 	hash[3] = net_secret[15];
124 
125 	md5_transform(hash, net_secret);
126 
127 	return seq_scale(hash[0]);
128 }
129 
130 u32 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport)
131 {
132 	u32 hash[MD5_DIGEST_WORDS];
133 
134 	net_secret_init();
135 	hash[0] = (__force u32)saddr;
136 	hash[1] = (__force u32)daddr;
137 	hash[2] = (__force u32)dport ^ net_secret[14];
138 	hash[3] = net_secret[15];
139 
140 	md5_transform(hash, net_secret);
141 
142 	return hash[0];
143 }
144 EXPORT_SYMBOL_GPL(secure_ipv4_port_ephemeral);
145 #endif
146 
147 #if IS_ENABLED(CONFIG_IP_DCCP)
148 u64 secure_dccp_sequence_number(__be32 saddr, __be32 daddr,
149 				__be16 sport, __be16 dport)
150 {
151 	u32 hash[MD5_DIGEST_WORDS];
152 	u64 seq;
153 
154 	net_secret_init();
155 	hash[0] = (__force u32)saddr;
156 	hash[1] = (__force u32)daddr;
157 	hash[2] = ((__force u16)sport << 16) + (__force u16)dport;
158 	hash[3] = net_secret[15];
159 
160 	md5_transform(hash, net_secret);
161 
162 	seq = hash[0] | (((u64)hash[1]) << 32);
163 	seq += ktime_to_ns(ktime_get_real());
164 	seq &= (1ull << 48) - 1;
165 
166 	return seq;
167 }
168 EXPORT_SYMBOL(secure_dccp_sequence_number);
169 
170 #if IS_ENABLED(CONFIG_IPV6)
171 u64 secure_dccpv6_sequence_number(__be32 *saddr, __be32 *daddr,
172 				  __be16 sport, __be16 dport)
173 {
174 	u32 secret[MD5_MESSAGE_BYTES / 4];
175 	u32 hash[MD5_DIGEST_WORDS];
176 	u64 seq;
177 	u32 i;
178 
179 	net_secret_init();
180 	memcpy(hash, saddr, 16);
181 	for (i = 0; i < 4; i++)
182 		secret[i] = net_secret[i] + daddr[i];
183 	secret[4] = net_secret[4] +
184 		(((__force u16)sport << 16) + (__force u16)dport);
185 	for (i = 5; i < MD5_MESSAGE_BYTES / 4; i++)
186 		secret[i] = net_secret[i];
187 
188 	md5_transform(hash, secret);
189 
190 	seq = hash[0] | (((u64)hash[1]) << 32);
191 	seq += ktime_to_ns(ktime_get_real());
192 	seq &= (1ull << 48) - 1;
193 
194 	return seq;
195 }
196 EXPORT_SYMBOL(secure_dccpv6_sequence_number);
197 #endif
198 #endif
199