[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freebsd-net
Subject:    [Differential] D24989: netinet: Generate a random RSS key on boot.
From:       "neel_neelc.org (Neel Chauhan)" <phabric-noreply () FreeBSD ! org>
Date:       2020-05-30 21:55:20
Message-ID: 464da524b5d507b43913e7b5fcc8924d () localhost ! localdomain
[Download RAW message or body]

[Attachment #2 (text/plain)]

neel_neelc.org updated this revision to Diff 72463.
neel_neelc.org added a comment.


  @cem thanks for the comments.
  
  I fixed arc4random_buf().
  
  About waiting for entropy, I think you're right.

REPOSITORY
  rS FreeBSD src repository

CHANGES SINCE LAST UPDATE
  https://reviews.freebsd.org/D24989?vs=72203&id=72463

CHANGES SINCE LAST ACTION
  https://reviews.freebsd.org/D24989/new/

REVISION DETAIL
  https://reviews.freebsd.org/D24989

AFFECTED FILES
  sys/net/rss_config.c

EMAIL PREFERENCES
  https://reviews.freebsd.org/settings/panel/emailpreferences/

To: neel_neelc.org, #csprng
Cc: cem, #csprng, kevans, debdrup, rwatson, imp, ae, melifaro, \
#contributor_reviews_base, freebsd-net-list, mmacy, kpraveen.lkml_gmail.com, \
marcnarc_gmail.com, simonvella_gmail.com, novice_techie.com, tommi.pernila_iki.fi, \
krzysztof.galazka_intel.com


["D24989.72463.patch" (text/x-patch)]

diff --git a/sys/net/rss_config.c b/sys/net/rss_config.c
--- a/sys/net/rss_config.c
+++ b/sys/net/rss_config.c
@@ -74,7 +74,6 @@
  * - Synchronization for rss_key and other future-configurable parameters.
  * - Event handler drivers can register to pick up RSS configuration changes.
  * - Should we allow rss_basecpu to be configured?
- * - Randomize key on boot.
  * - IPv6 support.
  * - Statistics on how often there's a misalignment between hardware
  *   placement and pcbgroup expectations.
@@ -153,19 +152,8 @@
  * RSS secret key, intended to prevent attacks on load-balancing.  Its
  * effectiveness may be limited by algorithm choice and available entropy
  * during the boot.
- *
- * XXXRW: And that we don't randomize it yet!
- *
- * This is the default Microsoft RSS specification key which is also
- * the Chelsio T5 firmware default key.
  */
-static uint8_t rss_key[RSS_KEYSIZE] = {
-	0x6d, 0x5a, 0x56, 0xda, 0x25, 0x5b, 0x0e, 0xc2,
-	0x41, 0x67, 0x25, 0x3d, 0x43, 0xa3, 0x8f, 0xb0,
-	0xd0, 0xca, 0x2b, 0xcb, 0xae, 0x7b, 0x30, 0xb4,
-	0x77, 0xcb, 0x2d, 0xa3, 0x80, 0x30, 0xf2, 0x0c,
-	0x6a, 0x42, 0xb7, 0x3b, 0xbe, 0xac, 0x01, 0xfa,
-};
+uint8_t rss_key[RSS_KEYSIZE];
 
 /*
  * RSS hash->CPU table, which maps hashed packet headers to particular CPUs.
@@ -258,11 +246,9 @@
 	}
 
 	/*
-	 * Randomize rrs_key.
-	 *
-	 * XXXRW: Not yet.  If nothing else, will require an rss_isbadkey()
-	 * loop to check for "bad" RSS keys.
+	 * Randomize rss_key.
 	 */
+	arc4random_buf(rss_key, RSS_KEYSIZE);
 }
 SYSINIT(rss_init, SI_SUB_SOFTINTR, SI_ORDER_SECOND, rss_init, NULL);
 



_______________________________________________
freebsd-net@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic