Home Explore Help
Register Sign In
phyus
/
linux-vybrid_public
8
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 54b2b50c20
Branches Tags
linux-vybrid_pu...
/
net
/
ipv4
/
tcp_fastopen.c

tcp_fastopen.c 2.4 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596 
  1. #include <linux/err.h>
    2. 

  2. #include <linux/init.h>
    3. 

  3. #include <linux/kernel.h>
    4. 

  4. #include <linux/list.h>
    5. 

  5. #include <linux/tcp.h>
    6. 

  6. #include <linux/rcupdate.h>
    7. 

  7. #include <linux/rculist.h>
    8. 

  8. #include <net/inetpeer.h>
    9. 

  9. #include <net/tcp.h>
    10. 

  10. 

  11. int sysctl_tcp_fastopen __read_mostly = TFO_CLIENT_ENABLE;
    12. 

  12. 

  13. struct tcp_fastopen_context __rcu *tcp_fastopen_ctx;
    14. 

  14. 

  15. static DEFINE_SPINLOCK(tcp_fastopen_ctx_lock);
    16. 

  16. 

  17. void tcp_fastopen_init_key_once(bool publish)
    18. 

  18. {
    19. 

  19. 	static u8 key[TCP_FASTOPEN_KEY_LENGTH];
    20. 

  20. 

  21. 	/* tcp_fastopen_reset_cipher publishes the new context
    22. 

  22. 	 * atomically, so we allow this race happening here.
    23. 

  23. 	 *
    24. 

  24. 	 * All call sites of tcp_fastopen_cookie_gen also check
    25. 

  25. 	 * for a valid cookie, so this is an acceptable risk.
    26. 

  26. 	 */
    27. 

  27. 	if (net_get_random_once(key, sizeof(key)) && publish)
    28. 

  28. 		tcp_fastopen_reset_cipher(key, sizeof(key));
    29. 

  29. }
    30. 

  30. 

  31. static void tcp_fastopen_ctx_free(struct rcu_head *head)
    32. 

  32. {
    33. 

  33. 	struct tcp_fastopen_context *ctx =
    34. 

  34. 	    container_of(head, struct tcp_fastopen_context, rcu);
    35. 

  35. 	crypto_free_cipher(ctx->tfm);
    36. 

  36. 	kfree(ctx);
    37. 

  37. }
    38. 

  38. 

  39. int tcp_fastopen_reset_cipher(void *key, unsigned int len)
    40. 

  40. {
    41. 

  41. 	int err;
    42. 

  42. 	struct tcp_fastopen_context *ctx, *octx;
    43. 

  43. 

  44. 	ctx = kmalloc(sizeof(*ctx), GFP_KERNEL);
    45. 

  45. 	if (!ctx)
    46. 

  46. 		return -ENOMEM;
    47. 

  47. 	ctx->tfm = crypto_alloc_cipher("aes", 0, 0);
    48. 

  48. 

  49. 	if (IS_ERR(ctx->tfm)) {
    50. 

  50. 		err = PTR_ERR(ctx->tfm);
    51. 

  51. error:		kfree(ctx);
    52. 

  52. 		pr_err("TCP: TFO aes cipher alloc error: %d\n", err);
    53. 

  53. 		return err;
    54. 

  54. 	}
    55. 

  55. 	err = crypto_cipher_setkey(ctx->tfm, key, len);
    56. 

  56. 	if (err) {
    57. 

  57. 		pr_err("TCP: TFO cipher key error: %d\n", err);
    58. 

  58. 		crypto_free_cipher(ctx->tfm);
    59. 

  59. 		goto error;
    60. 

  60. 	}
    61. 

  61. 	memcpy(ctx->key, key, len);
    62. 

  62. 

  63. 	spin_lock(&tcp_fastopen_ctx_lock);
    64. 

  64. 

  65. 	octx = rcu_dereference_protected(tcp_fastopen_ctx,
    66. 

  66. 				lockdep_is_held(&tcp_fastopen_ctx_lock));
    67. 

  67. 	rcu_assign_pointer(tcp_fastopen_ctx, ctx);
    68. 

  68. 	spin_unlock(&tcp_fastopen_ctx_lock);
    69. 

  69. 

  70. 	if (octx)
    71. 

  71. 		call_rcu(&octx->rcu, tcp_fastopen_ctx_free);
    72. 

  72. 	return err;
    73. 

  73. }
    74. 

  74. 

  75. /* Computes the fastopen cookie for the IP path.
    76. 

  76.  * The path is a 128 bits long (pad with zeros for IPv4).
    77. 

  77.  *
    78. 

  78.  * The caller must check foc->len to determine if a valid cookie
    79. 

  79.  * has been generated successfully.
    80. 

  80. */
    81. 

  81. void tcp_fastopen_cookie_gen(__be32 src, __be32 dst,
    82. 

  82. 			     struct tcp_fastopen_cookie *foc)
    83. 

  83. {
    84. 

  84. 	__be32 path[4] = { src, dst, 0, 0 };
    85. 

  85. 	struct tcp_fastopen_context *ctx;
    86. 

  86. 

  87. 	tcp_fastopen_init_key_once(true);
    88. 

  88. 

  89. 	rcu_read_lock();
    90. 

  90. 	ctx = rcu_dereference(tcp_fastopen_ctx);
    91. 

  91. 	if (ctx) {
    92. 

  92. 		crypto_cipher_encrypt_one(ctx->tfm, foc->val, (__u8 *)path);
    93. 

  93. 		foc->len = TCP_FASTOPEN_COOKIE_SIZE;
    94. 

  94. 	}
    95. 

  95. 	rcu_read_unlock();
    96. 

  96. }
    97.