diff options
| author |   Jason A. Donenfeld <Jason@zx2c4.com> | 2017-03-16 15:28:16 +0100 |
|---|---|---|
| committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2017-03-19 15:34:46 +0100 |
| commit | fc6856b5b9dc056e7a54436f1f7eb0b9a6f68895 (patch) | |
| tree | e9cf000911d62752d98fce7b10d612264c281818 /src/compat | |
| parent | timers: elide enable check (diff) | |
| download | wireguard-monolithic-historical-fc6856b5b9dc056e7a54436f1f7eb0b9a6f68895.tar.xz wireguard-monolithic-historical-fc6856b5b9dc056e7a54436f1f7eb0b9a6f68895.zip | |
hashtables: get_random_int is now more secure, so expose directly
On 4.11, get_random_u32 now either uses chacha or rdrand, rather than
the horrible former MD5 construction, so we feel more comfortable
exposing RNG output directly.
On older kernels, we fall back to something a bit disgusting.
Diffstat (limited to 'src/compat')
| -rw-r--r-- | src/compat/compat.h | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/src/compat/compat.h b/src/compat/compat.h index 141cad7..4e6010f 100644 --- a/src/compat/compat.h +++ b/src/compat/compat.h @@ -171,6 +171,25 @@ static inline void skb_reset_tc(struct sk_buff *skb) } #endif +#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 11, 0) +#include <linux/siphash.h> +static inline u32 get_random_u32(void) +{ + static siphash_key_t key; + static u32 counter = 0; +#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 4, 0) + static bool has_seeded = false; + if (unlikely(!has_seeded)) { + get_random_bytes(&key, sizeof(key)); + has_seeded = true; + } +#else + get_random_once(&key, sizeof(key)); +#endif + return siphash_2u32(counter++, get_random_int(), &key); +} +#endif + /* https://lkml.org/lkml/2015/6/12/415 */ #include <linux/netdevice.h> static inline struct net_device *netdev_pub(void *dev) |