~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

TOMOYO Linux Cross Reference
Linux/net/ipv4/tcp_fastopen.c

Version: ~ [ linux-5.5-rc1 ] ~ [ linux-5.4.2 ] ~ [ linux-5.3.15 ] ~ [ linux-5.2.21 ] ~ [ linux-5.1.21 ] ~ [ linux-5.0.21 ] ~ [ linux-4.20.17 ] ~ [ linux-4.19.88 ] ~ [ linux-4.18.20 ] ~ [ linux-4.17.19 ] ~ [ linux-4.16.18 ] ~ [ linux-4.15.18 ] ~ [ linux-4.14.158 ] ~ [ linux-4.13.16 ] ~ [ linux-4.12.14 ] ~ [ linux-4.11.12 ] ~ [ linux-4.10.17 ] ~ [ linux-4.9.206 ] ~ [ linux-4.8.17 ] ~ [ linux-4.7.10 ] ~ [ linux-4.6.7 ] ~ [ linux-4.5.7 ] ~ [ linux-4.4.206 ] ~ [ linux-4.3.6 ] ~ [ linux-4.2.8 ] ~ [ linux-4.1.52 ] ~ [ linux-4.0.9 ] ~ [ linux-3.19.8 ] ~ [ linux-3.18.140 ] ~ [ linux-3.17.8 ] ~ [ linux-3.16.78 ] ~ [ linux-3.15.10 ] ~ [ linux-3.14.79 ] ~ [ linux-3.13.11 ] ~ [ linux-3.12.74 ] ~ [ linux-3.11.10 ] ~ [ linux-3.10.108 ] ~ [ linux-3.9.11 ] ~ [ linux-3.8.13 ] ~ [ linux-3.7.10 ] ~ [ linux-3.6.11 ] ~ [ linux-3.5.7 ] ~ [ linux-3.4.113 ] ~ [ linux-3.3.8 ] ~ [ linux-3.2.102 ] ~ [ linux-3.1.10 ] ~ [ linux-3.0.101 ] ~ [ linux-2.6.32.71 ] ~ [ linux-2.6.0 ] ~ [ linux-2.4.37.11 ] ~ [ unix-v6-master ] ~ [ ccs-tools-1.8.5 ] ~ [ policy-sample ] ~
Architecture: ~ [ i386 ] ~ [ alpha ] ~ [ m68k ] ~ [ mips ] ~ [ ppc ] ~ [ sparc ] ~ [ sparc64 ] ~

  1 #include <linux/err.h>
  2 #include <linux/init.h>
  3 #include <linux/kernel.h>
  4 #include <linux/list.h>
  5 #include <linux/tcp.h>
  6 #include <linux/rcupdate.h>
  7 #include <linux/rculist.h>
  8 #include <net/inetpeer.h>
  9 #include <net/tcp.h>
 10 
 11 int sysctl_tcp_fastopen __read_mostly;
 12 
 13 struct tcp_fastopen_context __rcu *tcp_fastopen_ctx;
 14 
 15 static DEFINE_SPINLOCK(tcp_fastopen_ctx_lock);
 16 
 17 static void tcp_fastopen_ctx_free(struct rcu_head *head)
 18 {
 19         struct tcp_fastopen_context *ctx =
 20             container_of(head, struct tcp_fastopen_context, rcu);
 21         crypto_free_cipher(ctx->tfm);
 22         kfree(ctx);
 23 }
 24 
 25 int tcp_fastopen_reset_cipher(void *key, unsigned int len)
 26 {
 27         int err;
 28         struct tcp_fastopen_context *ctx, *octx;
 29 
 30         ctx = kmalloc(sizeof(*ctx), GFP_KERNEL);
 31         if (!ctx)
 32                 return -ENOMEM;
 33         ctx->tfm = crypto_alloc_cipher("aes", 0, 0);
 34 
 35         if (IS_ERR(ctx->tfm)) {
 36                 err = PTR_ERR(ctx->tfm);
 37 error:          kfree(ctx);
 38                 pr_err("TCP: TFO aes cipher alloc error: %d\n", err);
 39                 return err;
 40         }
 41         err = crypto_cipher_setkey(ctx->tfm, key, len);
 42         if (err) {
 43                 pr_err("TCP: TFO cipher key error: %d\n", err);
 44                 crypto_free_cipher(ctx->tfm);
 45                 goto error;
 46         }
 47         memcpy(ctx->key, key, len);
 48 
 49         spin_lock(&tcp_fastopen_ctx_lock);
 50 
 51         octx = rcu_dereference_protected(tcp_fastopen_ctx,
 52                                 lockdep_is_held(&tcp_fastopen_ctx_lock));
 53         rcu_assign_pointer(tcp_fastopen_ctx, ctx);
 54         spin_unlock(&tcp_fastopen_ctx_lock);
 55 
 56         if (octx)
 57                 call_rcu(&octx->rcu, tcp_fastopen_ctx_free);
 58         return err;
 59 }
 60 
 61 /* Computes the fastopen cookie for the peer.
 62  * The peer address is a 128 bits long (pad with zeros for IPv4).
 63  *
 64  * The caller must check foc->len to determine if a valid cookie
 65  * has been generated successfully.
 66 */
 67 void tcp_fastopen_cookie_gen(__be32 addr, struct tcp_fastopen_cookie *foc)
 68 {
 69         __be32 peer_addr[4] = { addr, 0, 0, 0 };
 70         struct tcp_fastopen_context *ctx;
 71 
 72         rcu_read_lock();
 73         ctx = rcu_dereference(tcp_fastopen_ctx);
 74         if (ctx) {
 75                 crypto_cipher_encrypt_one(ctx->tfm,
 76                                           foc->val,
 77                                           (__u8 *)peer_addr);
 78                 foc->len = TCP_FASTOPEN_COOKIE_SIZE;
 79         }
 80         rcu_read_unlock();
 81 }
 82 
 83 static int __init tcp_fastopen_init(void)
 84 {
 85         __u8 key[TCP_FASTOPEN_KEY_LENGTH];
 86 
 87         get_random_bytes(key, sizeof(key));
 88         tcp_fastopen_reset_cipher(key, sizeof(key));
 89         return 0;
 90 }
 91 
 92 late_initcall(tcp_fastopen_init);
 93 

~ [ source navigation ] ~ [ diff markup ] ~ [ identifier search ] ~

kernel.org | git.kernel.org | LWN.net | Project Home | Wiki (Japanese) | Wiki (English) | SVN repository | Mail admin

Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.

osdn.jp