mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/net/ipv6/ila
History
Arnd Bergmann 47537bceb7 ila_xlat: add missing hash secret initialization 
commit 0db47e3d32 upstream.

While discussing the possible merits of clang warning about unused initialized
functions, I found one function that was clearly meant to be called but
never actually is.

__ila_hash_secret_init() initializes the hash value for the ila locator,
apparently this is intended to prevent hash collision attacks, but this ends
up being a read-only zero constant since there is no caller. I could find
no indication of why it was never called, the earliest patch submission
for the module already was like this. If my interpretation is right, we
certainly want to backport the patch to stable kernels as well.

I considered adding it to the ila_xlat_init callback, but for best effect
the random data is read as late as possible, just before it is first used.
The underlying net_get_random_once() is already highly optimized to avoid
overhead when called frequently.

Fixes: 7f00feaf10 ("ila: Add generic ILA translation facility")
Link: https://www.spinics.net/lists/kernel/msg2527243.html
Signed-off-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2017-06-24 07:11:12 +02:00
..
Makefile
ila.h ila: Perform only one translation in forwarding path 2016-06-08 00:40:34 -07:00
ila_common.c kcm: Use stream parser 2016-08-17 19:36:23 -04:00
ila_lwt.c net: Specify the owning module for lwtunnel ops 2017-02-04 09:47:11 +01:00
ila_xlat.c ila_xlat: add missing hash secret initialization 2017-06-24 07:11:12 +02:00