• Eric Dumazet's avatar
    ipv6: make exception cache less predictible · a00df2ca
    Eric Dumazet authored
    Even after commit 4785305c ("ipv6: use siphash in rt6_exception_hash()"),
    an attacker can still use brute force to learn some secrets from a victim
    linux host.
    
    One way to defeat these attacks is to make the max depth of the hash
    table bucket a random value.
    
    Before this patch, each bucket of the hash table used to store exceptions
    could contain 6 items under attack.
    
    After the patch, each bucket would contains a random number of items,
    between 6 and 10. The attacker can no longer infer secrets.
    
    This is slightly increasing memory size used by the hash table,
    we do not expect this to be a problem.
    
    Following patch is dealing with the same issue in IPv4.
    
    Fixes: 35732d01 ("ipv6: introduce a hash table to store dst cache")
    Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
    Reported-by: default avatarKeyu Man <kman001@ucr.edu>
    Cc: Wei Wang <weiwan@google.com>
    Cc: Martin KaFai Lau <kafai@fb.com>
    Reviewed-by: default avatarDavid Ahern <dsahern@kernel.org>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    a00df2ca
route.c 166 KB