tcp: switch tcp_fastopen key generation to net_get_random_once
Changed key initialization of tcp_fastopen cookies to net_get_random_once. If the user sets a custom key net_get_random_once must be called at least once to ensure we don't overwrite the user provided key when the first cookie is generated later on. Cc: Yuchung Cheng <ycheng@google.com> Cc: Eric Dumazet <edumazet@google.com> Cc: "David S. Miller" <davem@davemloft.net> Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Hannes Frederic Sowa
committed by
David S. Miller
David S. Miller
parent
1bbdceef1e
commit
222e83d2e0
@@ -274,6 +274,11 @@ static int proc_tcp_fastopen_key(struct ctl_table *ctl, int write,
|
||||
ret = -EINVAL;
|
||||
goto bad_key;
|
||||
}
|
||||
/* Generate a dummy secret but don't publish it. This
|
||||
* is needed so we don't regenerate a new key on the
|
||||
* first invocation of tcp_fastopen_cookie_gen
|
||||
*/
|
||||
tcp_fastopen_init_key_once(false);
|
||||
tcp_fastopen_reset_cipher(user_key, TCP_FASTOPEN_KEY_LENGTH);
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user