Commit c397f586 authored by Yuchung Cheng's avatar Yuchung Cheng Committed by Kleber Sacilotto de Souza

tcp: fix Fast Open key endianness

BugLink: https://bugs.launchpad.net/bugs/1790884

[ Upstream commit c860e997 ]

Fast Open key could be stored in different endian based on the CPU.
Previously hosts in different endianness in a server farm using
the same key config (sysctl value) would produce different cookies.
This patch fixes it by always storing it as little endian to keep
same API for LE hosts.
Reported-by: default avatarDaniele Iamartino <danielei@google.com>
Signed-off-by: default avatarYuchung Cheng <ycheng@google.com>
Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
Signed-off-by: default avatarNeal Cardwell <ncardwell@google.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: default avatarStefan Bader <stefan.bader@canonical.com>
Signed-off-by: default avatarKleber Sacilotto de Souza <kleber.souza@canonical.com>
parent 7d90b984
...@@ -213,8 +213,9 @@ static int proc_tcp_fastopen_key(struct ctl_table *ctl, int write, ...@@ -213,8 +213,9 @@ static int proc_tcp_fastopen_key(struct ctl_table *ctl, int write,
{ {
struct ctl_table tbl = { .maxlen = (TCP_FASTOPEN_KEY_LENGTH * 2 + 10) }; struct ctl_table tbl = { .maxlen = (TCP_FASTOPEN_KEY_LENGTH * 2 + 10) };
struct tcp_fastopen_context *ctxt; struct tcp_fastopen_context *ctxt;
int ret;
u32 user_key[4]; /* 16 bytes, matching TCP_FASTOPEN_KEY_LENGTH */ u32 user_key[4]; /* 16 bytes, matching TCP_FASTOPEN_KEY_LENGTH */
__le32 key[4];
int ret, i;
tbl.data = kmalloc(tbl.maxlen, GFP_KERNEL); tbl.data = kmalloc(tbl.maxlen, GFP_KERNEL);
if (!tbl.data) if (!tbl.data)
...@@ -223,11 +224,14 @@ static int proc_tcp_fastopen_key(struct ctl_table *ctl, int write, ...@@ -223,11 +224,14 @@ static int proc_tcp_fastopen_key(struct ctl_table *ctl, int write,
rcu_read_lock(); rcu_read_lock();
ctxt = rcu_dereference(tcp_fastopen_ctx); ctxt = rcu_dereference(tcp_fastopen_ctx);
if (ctxt) if (ctxt)
memcpy(user_key, ctxt->key, TCP_FASTOPEN_KEY_LENGTH); memcpy(key, ctxt->key, TCP_FASTOPEN_KEY_LENGTH);
else else
memset(user_key, 0, sizeof(user_key)); memset(key, 0, sizeof(key));
rcu_read_unlock(); rcu_read_unlock();
for (i = 0; i < ARRAY_SIZE(key); i++)
user_key[i] = le32_to_cpu(key[i]);
snprintf(tbl.data, tbl.maxlen, "%08x-%08x-%08x-%08x", snprintf(tbl.data, tbl.maxlen, "%08x-%08x-%08x-%08x",
user_key[0], user_key[1], user_key[2], user_key[3]); user_key[0], user_key[1], user_key[2], user_key[3]);
ret = proc_dostring(&tbl, write, buffer, lenp, ppos); ret = proc_dostring(&tbl, write, buffer, lenp, ppos);
...@@ -243,7 +247,11 @@ static int proc_tcp_fastopen_key(struct ctl_table *ctl, int write, ...@@ -243,7 +247,11 @@ static int proc_tcp_fastopen_key(struct ctl_table *ctl, int write,
* first invocation of tcp_fastopen_cookie_gen * first invocation of tcp_fastopen_cookie_gen
*/ */
tcp_fastopen_init_key_once(false); tcp_fastopen_init_key_once(false);
tcp_fastopen_reset_cipher(user_key, TCP_FASTOPEN_KEY_LENGTH);
for (i = 0; i < ARRAY_SIZE(user_key); i++)
key[i] = cpu_to_le32(user_key[i]);
tcp_fastopen_reset_cipher(key, TCP_FASTOPEN_KEY_LENGTH);
} }
bad_key: bad_key:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment