Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm-4.9 / a5c8f270e4dae14ea5cb88e477ed1092955f8722 / . / net / ipv4 / tcp_fastopen.c
blob: ab7bd35bb312c6e9e07aa2950d75ec4bbc982eac [file] [log] [blame]
Jerry Chu10467162012-08-31 12:29:11 +0000[diff] [blame]1#include <linux/err.h>
Yuchung Cheng2100c8d2012-07-19 06:43:05 +0000[diff] [blame]2#include <linux/init.h>
3#include <linux/kernel.h>
Jerry Chu10467162012-08-31 12:29:11 +0000[diff] [blame]4#include <linux/list.h>
5#include <linux/tcp.h>
6#include <linux/rcupdate.h>
7#include <linux/rculist.h>
8#include <net/inetpeer.h>
9#include <net/tcp.h>
Yuchung Cheng2100c8d2012-07-19 06:43:05 +0000[diff] [blame]10
Jerry Chu10467162012-08-31 12:29:11 +0000[diff] [blame]11int sysctl_tcp_fastopen __read_mostly;
12
13struct tcp_fastopen_context __rcu *tcp_fastopen_ctx;
14
15static DEFINE_SPINLOCK(tcp_fastopen_ctx_lock);
16
17static void tcp_fastopen_ctx_free(struct rcu_head *head)
18{
19 struct tcp_fastopen_context *ctx =
20 container_of(head, struct tcp_fastopen_context, rcu);
21 crypto_free_cipher(ctx->tfm);
22 kfree(ctx);
23}
24
25int tcp_fastopen_reset_cipher(void *key, unsigned int len)
26{
27 int err;
28 struct tcp_fastopen_context *ctx, *octx;
29
30 ctx = kmalloc(sizeof(*ctx), GFP_KERNEL);
31 if (!ctx)
32 return -ENOMEM;
33 ctx->tfm = crypto_alloc_cipher("aes", 0, 0);
34
35 if (IS_ERR(ctx->tfm)) {
36 err = PTR_ERR(ctx->tfm);
37error: kfree(ctx);
38 pr_err("TCP: TFO aes cipher alloc error: %d\n", err);
39 return err;
40 }
41 err = crypto_cipher_setkey(ctx->tfm, key, len);
42 if (err) {
43 pr_err("TCP: TFO cipher key error: %d\n", err);
44 crypto_free_cipher(ctx->tfm);
45 goto error;
46 }
47 memcpy(ctx->key, key, len);
48
49 spin_lock(&tcp_fastopen_ctx_lock);
50
51 octx = rcu_dereference_protected(tcp_fastopen_ctx,
52 lockdep_is_held(&tcp_fastopen_ctx_lock));
53 rcu_assign_pointer(tcp_fastopen_ctx, ctx);
54 spin_unlock(&tcp_fastopen_ctx_lock);
55
56 if (octx)
57 call_rcu(&octx->rcu, tcp_fastopen_ctx_free);
58 return err;
59}
60
Yuchung Cheng149479d2013-08-08 14:06:22 -0700[diff] [blame]61/* Computes the fastopen cookie for the IP path.
62 * The path is a 128 bits long (pad with zeros for IPv4).
Jerry Chu10467162012-08-31 12:29:11 +0000[diff] [blame]63 *
64 * The caller must check foc->len to determine if a valid cookie
65 * has been generated successfully.
66*/
Yuchung Cheng149479d2013-08-08 14:06:22 -0700[diff] [blame]67void tcp_fastopen_cookie_gen(__be32 src, __be32 dst,
68 struct tcp_fastopen_cookie *foc)
Jerry Chu10467162012-08-31 12:29:11 +0000[diff] [blame]69{
Yuchung Cheng149479d2013-08-08 14:06:22 -0700[diff] [blame]70 __be32 path[4] = { src, dst, 0, 0 };
Jerry Chu10467162012-08-31 12:29:11 +0000[diff] [blame]71 struct tcp_fastopen_context *ctx;
72
73 rcu_read_lock();
74 ctx = rcu_dereference(tcp_fastopen_ctx);
75 if (ctx) {
Yuchung Cheng149479d2013-08-08 14:06:22 -0700[diff] [blame]76 crypto_cipher_encrypt_one(ctx->tfm, foc->val, (__u8 *)path);
Jerry Chu10467162012-08-31 12:29:11 +0000[diff] [blame]77 foc->len = TCP_FASTOPEN_COOKIE_SIZE;
78 }
79 rcu_read_unlock();
80}
Yuchung Cheng2100c8d2012-07-19 06:43:05 +0000[diff] [blame]81
82static int __init tcp_fastopen_init(void)
83{
Jerry Chu10467162012-08-31 12:29:11 +0000[diff] [blame]84 __u8 key[TCP_FASTOPEN_KEY_LENGTH];
85
86 get_random_bytes(key, sizeof(key));
87 tcp_fastopen_reset_cipher(key, sizeof(key));
Yuchung Cheng2100c8d2012-07-19 06:43:05 +0000[diff] [blame]88 return 0;
89}
90
91late_initcall(tcp_fastopen_init);