ipv4: harden fnhe_hashfun()

Lets make this hash function a bit secure, as ICMP attacks are still
in the wild.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/include/net/ip_fib.h b/include/net/ip_fib.h
index f30fd554127e645a17248888e5324f7d002ae1e9..dc9d2a27c3158115b927b3f4b93e5bd98799d749 100644 (file)
--- a/include/net/ip_fib.h
+++ b/include/net/ip_fib.h
@@ -65,7 +65,8 @@ struct fnhe_hash_bucket {
        struct fib_nh_exception __rcu   *chain;
 };
 
-#define FNHE_HASH_SIZE         2048
+#define FNHE_HASH_SHIFT                11
+#define FNHE_HASH_SIZE         (1 << FNHE_HASH_SHIFT)
 #define FNHE_RECLAIM_DEPTH     5
 
 struct fib_nh {

diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index 44b0cbdd76f1438c05a6963c9781377b7129bb1e..234a43e233dcf0b64252817deea8d8d969de6ccb 100644 (file)
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -596,12 +596,12 @@ static struct fib_nh_exception *fnhe_oldest(struct fnhe_hash_bucket *hash)
 
 static inline u32 fnhe_hashfun(__be32 daddr)
 {
+       static u32 fnhe_hashrnd __read_mostly;
        u32 hval;
 
-       hval = (__force u32) daddr;
-       hval ^= (hval >> 11) ^ (hval >> 22);
-
-       return hval & (FNHE_HASH_SIZE - 1);
+       net_get_random_once(&fnhe_hashrnd, sizeof(fnhe_hashrnd));
+       hval = jhash_1word((__force u32) daddr, fnhe_hashrnd);
+       return hash_32(hval, FNHE_HASH_SHIFT);
 }
 
 static void fill_route_from_fnhe(struct rtable *rt, struct fib_nh_exception *fnhe)