提交 b09b845c 编写于 作者: A Al Viro 提交者: David S. Miller

[RANDOM]: Annotate random.h IP helpers.

Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>
上级 714e85be
...@@ -1466,8 +1466,8 @@ static __init int seqgen_init(void) ...@@ -1466,8 +1466,8 @@ static __init int seqgen_init(void)
late_initcall(seqgen_init); late_initcall(seqgen_init);
#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
__u32 secure_tcpv6_sequence_number(__u32 *saddr, __u32 *daddr, __u32 secure_tcpv6_sequence_number(__be32 *saddr, __be32 *daddr,
__u16 sport, __u16 dport) __be16 sport, __be16 dport)
{ {
struct timeval tv; struct timeval tv;
__u32 seq; __u32 seq;
...@@ -1479,10 +1479,10 @@ __u32 secure_tcpv6_sequence_number(__u32 *saddr, __u32 *daddr, ...@@ -1479,10 +1479,10 @@ __u32 secure_tcpv6_sequence_number(__u32 *saddr, __u32 *daddr,
*/ */
memcpy(hash, saddr, 16); memcpy(hash, saddr, 16);
hash[4]=(sport << 16) + dport; hash[4]=((__force u16)sport << 16) + (__force u16)dport;
memcpy(&hash[5],keyptr->secret,sizeof(__u32) * 7); memcpy(&hash[5],keyptr->secret,sizeof(__u32) * 7);
seq = twothirdsMD4Transform(daddr, hash) & HASH_MASK; seq = twothirdsMD4Transform((const __u32 *)daddr, hash) & HASH_MASK;
seq += keyptr->count; seq += keyptr->count;
do_gettimeofday(&tv); do_gettimeofday(&tv);
...@@ -1496,7 +1496,7 @@ EXPORT_SYMBOL(secure_tcpv6_sequence_number); ...@@ -1496,7 +1496,7 @@ EXPORT_SYMBOL(secure_tcpv6_sequence_number);
/* The code below is shamelessly stolen from secure_tcp_sequence_number(). /* The code below is shamelessly stolen from secure_tcp_sequence_number().
* All blames to Andrey V. Savochkin <saw@msu.ru>. * All blames to Andrey V. Savochkin <saw@msu.ru>.
*/ */
__u32 secure_ip_id(__u32 daddr) __u32 secure_ip_id(__be32 daddr)
{ {
struct keydata *keyptr; struct keydata *keyptr;
__u32 hash[4]; __u32 hash[4];
...@@ -1508,7 +1508,7 @@ __u32 secure_ip_id(__u32 daddr) ...@@ -1508,7 +1508,7 @@ __u32 secure_ip_id(__u32 daddr)
* The dest ip address is placed in the starting vector, * The dest ip address is placed in the starting vector,
* which is then hashed with random data. * which is then hashed with random data.
*/ */
hash[0] = daddr; hash[0] = (__force __u32)daddr;
hash[1] = keyptr->secret[9]; hash[1] = keyptr->secret[9];
hash[2] = keyptr->secret[10]; hash[2] = keyptr->secret[10];
hash[3] = keyptr->secret[11]; hash[3] = keyptr->secret[11];
...@@ -1518,8 +1518,8 @@ __u32 secure_ip_id(__u32 daddr) ...@@ -1518,8 +1518,8 @@ __u32 secure_ip_id(__u32 daddr)
#ifdef CONFIG_INET #ifdef CONFIG_INET
__u32 secure_tcp_sequence_number(__u32 saddr, __u32 daddr, __u32 secure_tcp_sequence_number(__be32 saddr, __be32 daddr,
__u16 sport, __u16 dport) __be16 sport, __be16 dport)
{ {
struct timeval tv; struct timeval tv;
__u32 seq; __u32 seq;
...@@ -1532,9 +1532,9 @@ __u32 secure_tcp_sequence_number(__u32 saddr, __u32 daddr, ...@@ -1532,9 +1532,9 @@ __u32 secure_tcp_sequence_number(__u32 saddr, __u32 daddr,
* Note that the words are placed into the starting vector, which is * Note that the words are placed into the starting vector, which is
* then mixed with a partial MD4 over random data. * then mixed with a partial MD4 over random data.
*/ */
hash[0]=saddr; hash[0]=(__force u32)saddr;
hash[1]=daddr; hash[1]=(__force u32)daddr;
hash[2]=(sport << 16) + dport; hash[2]=((__force u16)sport << 16) + (__force u16)dport;
hash[3]=keyptr->secret[11]; hash[3]=keyptr->secret[11];
seq = half_md4_transform(hash, keyptr->secret) & HASH_MASK; seq = half_md4_transform(hash, keyptr->secret) & HASH_MASK;
...@@ -1559,7 +1559,7 @@ __u32 secure_tcp_sequence_number(__u32 saddr, __u32 daddr, ...@@ -1559,7 +1559,7 @@ __u32 secure_tcp_sequence_number(__u32 saddr, __u32 daddr,
EXPORT_SYMBOL(secure_tcp_sequence_number); EXPORT_SYMBOL(secure_tcp_sequence_number);
/* Generate secure starting point for ephemeral IPV4 transport port search */ /* Generate secure starting point for ephemeral IPV4 transport port search */
u32 secure_ipv4_port_ephemeral(__u32 saddr, __u32 daddr, __u16 dport) u32 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport)
{ {
struct keydata *keyptr = get_keyptr(); struct keydata *keyptr = get_keyptr();
u32 hash[4]; u32 hash[4];
...@@ -1568,25 +1568,25 @@ u32 secure_ipv4_port_ephemeral(__u32 saddr, __u32 daddr, __u16 dport) ...@@ -1568,25 +1568,25 @@ u32 secure_ipv4_port_ephemeral(__u32 saddr, __u32 daddr, __u16 dport)
* Pick a unique starting offset for each ephemeral port search * Pick a unique starting offset for each ephemeral port search
* (saddr, daddr, dport) and 48bits of random data. * (saddr, daddr, dport) and 48bits of random data.
*/ */
hash[0] = saddr; hash[0] = (__force u32)saddr;
hash[1] = daddr; hash[1] = (__force u32)daddr;
hash[2] = dport ^ keyptr->secret[10]; hash[2] = (__force u32)dport ^ keyptr->secret[10];
hash[3] = keyptr->secret[11]; hash[3] = keyptr->secret[11];
return half_md4_transform(hash, keyptr->secret); return half_md4_transform(hash, keyptr->secret);
} }
#if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE) #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
u32 secure_ipv6_port_ephemeral(const __u32 *saddr, const __u32 *daddr, __u16 dport) u32 secure_ipv6_port_ephemeral(const __be32 *saddr, const __be32 *daddr, __be16 dport)
{ {
struct keydata *keyptr = get_keyptr(); struct keydata *keyptr = get_keyptr();
u32 hash[12]; u32 hash[12];
memcpy(hash, saddr, 16); memcpy(hash, saddr, 16);
hash[4] = dport; hash[4] = (__force u32)dport;
memcpy(&hash[5],keyptr->secret,sizeof(__u32) * 7); memcpy(&hash[5],keyptr->secret,sizeof(__u32) * 7);
return twothirdsMD4Transform(daddr, hash); return twothirdsMD4Transform((const __u32 *)daddr, hash);
} }
#endif #endif
...@@ -1595,17 +1595,17 @@ u32 secure_ipv6_port_ephemeral(const __u32 *saddr, const __u32 *daddr, __u16 dpo ...@@ -1595,17 +1595,17 @@ u32 secure_ipv6_port_ephemeral(const __u32 *saddr, const __u32 *daddr, __u16 dpo
* bit's 32-47 increase every key exchange * bit's 32-47 increase every key exchange
* 0-31 hash(source, dest) * 0-31 hash(source, dest)
*/ */
u64 secure_dccp_sequence_number(__u32 saddr, __u32 daddr, u64 secure_dccp_sequence_number(__be32 saddr, __be32 daddr,
__u16 sport, __u16 dport) __be16 sport, __be16 dport)
{ {
struct timeval tv; struct timeval tv;
u64 seq; u64 seq;
__u32 hash[4]; __u32 hash[4];
struct keydata *keyptr = get_keyptr(); struct keydata *keyptr = get_keyptr();
hash[0] = saddr; hash[0] = (__force u32)saddr;
hash[1] = daddr; hash[1] = (__force u32)daddr;
hash[2] = (sport << 16) + dport; hash[2] = ((__force u16)sport << 16) + (__force u16)dport;
hash[3] = keyptr->secret[11]; hash[3] = keyptr->secret[11];
seq = half_md4_transform(hash, keyptr->secret); seq = half_md4_transform(hash, keyptr->secret);
...@@ -1641,7 +1641,7 @@ unsigned int get_random_int(void) ...@@ -1641,7 +1641,7 @@ unsigned int get_random_int(void)
* drain on it), and uses halfMD4Transform within the second. We * drain on it), and uses halfMD4Transform within the second. We
* also mix it with jiffies and the PID: * also mix it with jiffies and the PID:
*/ */
return secure_ip_id(current->pid + jiffies); return secure_ip_id((__force __be32)(current->pid + jiffies));
} }
/* /*
......
...@@ -51,16 +51,16 @@ extern void add_interrupt_randomness(int irq); ...@@ -51,16 +51,16 @@ extern void add_interrupt_randomness(int irq);
extern void get_random_bytes(void *buf, int nbytes); extern void get_random_bytes(void *buf, int nbytes);
void generate_random_uuid(unsigned char uuid_out[16]); void generate_random_uuid(unsigned char uuid_out[16]);
extern __u32 secure_ip_id(__u32 daddr); extern __u32 secure_ip_id(__be32 daddr);
extern u32 secure_ipv4_port_ephemeral(__u32 saddr, __u32 daddr, __u16 dport); extern u32 secure_ipv4_port_ephemeral(__be32 saddr, __be32 daddr, __be16 dport);
extern u32 secure_ipv6_port_ephemeral(const __u32 *saddr, const __u32 *daddr, extern u32 secure_ipv6_port_ephemeral(const __be32 *saddr, const __be32 *daddr,
__u16 dport); __be16 dport);
extern __u32 secure_tcp_sequence_number(__u32 saddr, __u32 daddr, extern __u32 secure_tcp_sequence_number(__be32 saddr, __be32 daddr,
__u16 sport, __u16 dport); __be16 sport, __be16 dport);
extern __u32 secure_tcpv6_sequence_number(__u32 *saddr, __u32 *daddr, extern __u32 secure_tcpv6_sequence_number(__be32 *saddr, __be32 *daddr,
__u16 sport, __u16 dport); __be16 sport, __be16 dport);
extern u64 secure_dccp_sequence_number(__u32 saddr, __u32 daddr, extern u64 secure_dccp_sequence_number(__be32 saddr, __be32 daddr,
__u16 sport, __u16 dport); __be16 sport, __be16 dport);
#ifndef MODULE #ifndef MODULE
extern struct file_operations random_fops, urandom_fops; extern struct file_operations random_fops, urandom_fops;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册