git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Eric Dumazet <edumazet@google.com>
	Sun, 29 Aug 2021 22:16:14 +0000 (15:16 -0700)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Tue, 2 Nov 2021 17:26:44 +0000 (18:26 +0100)
commit	c6d0d68d6da68159948cad3d808d61bb291a0283
tree	1e5ed07880c75a11ccef3da01ef78a85701df1e0	tree \| snapshot
parent	ad829847ad59af8e26a1f1c345716099abbc7a58	commit \| diff

ipv6: make exception cache less predictible

commit a00df2caffed3883c341d5685f830434312e4a43 upstream.

Even after commit 4785305c05b2 ("ipv6: use siphash in rt6_exception_hash()"),
an attacker can still use brute force to learn some secrets from a victim
linux host.

One way to defeat these attacks is to make the max depth of the hash
table bucket a random value.

Before this patch, each bucket of the hash table used to store exceptions
could contain 6 items under attack.

After the patch, each bucket would contains a random number of items,
between 6 and 10. The attacker can no longer infer secrets.

This is slightly increasing memory size used by the hash table,
we do not expect this to be a problem.

Following patch is dealing with the same issue in IPv4.

Fixes: 35732d01fe31 ("ipv6: introduce a hash table to store dst cache")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: Keyu Man <kman001@ucr.edu>
Cc: Wei Wang <weiwan@google.com>
Cc: Martin KaFai Lau <kafai@fb.com>
Reviewed-by: David Ahern <dsahern@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
[OP: adjusted context for 4.19 stable]
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>