Home Explore Help
Register Sign In
phyus
/
linux-vybrid_public
8
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 968d21c2cf
Branches Tags
linux-vybrid_pu...
/
net
/
ipv4
/
tcp_fastopen.c

tcp_fastopen.c 2.2 KB
History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192 
  1. #include <linux/err.h>
    2. 

  2. #include <linux/init.h>
    3. 

  3. #include <linux/kernel.h>
    4. 

  4. #include <linux/list.h>
    5. 

  5. #include <linux/tcp.h>
    6. 

  6. #include <linux/rcupdate.h>
    7. 

  7. #include <linux/rculist.h>
    8. 

  8. #include <net/inetpeer.h>
    9. 

  9. #include <net/tcp.h>
    10. 

  10. 

  11. int sysctl_tcp_fastopen __read_mostly;
    12. 

  12. 

  13. struct tcp_fastopen_context __rcu *tcp_fastopen_ctx;
    14. 

  14. 

  15. static DEFINE_SPINLOCK(tcp_fastopen_ctx_lock);
    16. 

  16. 

  17. static void tcp_fastopen_ctx_free(struct rcu_head *head)
    18. 

  18. {
    19. 

  19. 	struct tcp_fastopen_context *ctx =
    20. 

  20. 	    container_of(head, struct tcp_fastopen_context, rcu);
    21. 

  21. 	crypto_free_cipher(ctx->tfm);
    22. 

  22. 	kfree(ctx);
    23. 

  23. }
    24. 

  24. 

  25. int tcp_fastopen_reset_cipher(void *key, unsigned int len)
    26. 

  26. {
    27. 

  27. 	int err;
    28. 

  28. 	struct tcp_fastopen_context *ctx, *octx;
    29. 

  29. 

  30. 	ctx = kmalloc(sizeof(*ctx), GFP_KERNEL);
    31. 

  31. 	if (!ctx)
    32. 

  32. 		return -ENOMEM;
    33. 

  33. 	ctx->tfm = crypto_alloc_cipher("aes", 0, 0);
    34. 

  34. 

  35. 	if (IS_ERR(ctx->tfm)) {
    36. 

  36. 		err = PTR_ERR(ctx->tfm);
    37. 

  37. error:		kfree(ctx);
    38. 

  38. 		pr_err("TCP: TFO aes cipher alloc error: %d\n", err);
    39. 

  39. 		return err;
    40. 

  40. 	}
    41. 

  41. 	err = crypto_cipher_setkey(ctx->tfm, key, len);
    42. 

  42. 	if (err) {
    43. 

  43. 		pr_err("TCP: TFO cipher key error: %d\n", err);
    44. 

  44. 		crypto_free_cipher(ctx->tfm);
    45. 

  45. 		goto error;
    46. 

  46. 	}
    47. 

  47. 	memcpy(ctx->key, key, len);
    48. 

  48. 

  49. 	spin_lock(&tcp_fastopen_ctx_lock);
    50. 

  50. 

  51. 	octx = rcu_dereference_protected(tcp_fastopen_ctx,
    52. 

  52. 				lockdep_is_held(&tcp_fastopen_ctx_lock));
    53. 

  53. 	rcu_assign_pointer(tcp_fastopen_ctx, ctx);
    54. 

  54. 	spin_unlock(&tcp_fastopen_ctx_lock);
    55. 

  55. 

  56. 	if (octx)
    57. 

  57. 		call_rcu(&octx->rcu, tcp_fastopen_ctx_free);
    58. 

  58. 	return err;
    59. 

  59. }
    60. 

  60. 

  61. /* Computes the fastopen cookie for the peer.
    62. 

  62.  * The peer address is a 128 bits long (pad with zeros for IPv4).
    63. 

  63.  *
    64. 

  64.  * The caller must check foc->len to determine if a valid cookie
    65. 

  65.  * has been generated successfully.
    66. 

  66. */
    67. 

  67. void tcp_fastopen_cookie_gen(__be32 addr, struct tcp_fastopen_cookie *foc)
    68. 

  68. {
    69. 

  69. 	__be32 peer_addr[4] = { addr, 0, 0, 0 };
    70. 

  70. 	struct tcp_fastopen_context *ctx;
    71. 

  71. 

  72. 	rcu_read_lock();
    73. 

  73. 	ctx = rcu_dereference(tcp_fastopen_ctx);
    74. 

  74. 	if (ctx) {
    75. 

  75. 		crypto_cipher_encrypt_one(ctx->tfm,
    76. 

  76. 					  foc->val,
    77. 

  77. 					  (__u8 *)peer_addr);
    78. 

  78. 		foc->len = TCP_FASTOPEN_COOKIE_SIZE;
    79. 

  79. 	}
    80. 

  80. 	rcu_read_unlock();
    81. 

  81. }
    82. 

  82. 

  83. static int __init tcp_fastopen_init(void)
    84. 

  84. {
    85. 

  85. 	__u8 key[TCP_FASTOPEN_KEY_LENGTH];
    86. 

  86. 

  87. 	get_random_bytes(key, sizeof(key));
    88. 

  88. 	tcp_fastopen_reset_cipher(key, sizeof(key));
    89. 

  89. 	return 0;
    90. 

  90. }
    91. 

  91. 

  92. late_initcall(tcp_fastopen_init);
    93.