Date:      Sat, 30 May 2020 21:55:20 +0000
From:      "neel_neelc.org (Neel Chauhan)" <phabric-noreply@FreeBSD.org>
To:        Phabricator <phabric-noreply@FreeBSD.org>
Cc:        freebsd-net@freebsd.org
Subject:   [Differential] D24989: netinet: Generate a random RSS key on boot.
Message-ID:  <464da524b5d507b43913e7b5fcc8924d@localhost.localdomain>
In-Reply-To: <differential-rev-PHID-DREV-yukac7sf5rncf2mc6vjo-req@reviews.freebsd.org>
References:  <differential-rev-PHID-DREV-yukac7sf5rncf2mc6vjo-req@reviews.freebsd.org>


[-- Attachment #1 --]
neel_neelc.org updated this revision to Diff 72463.
neel_neelc.org added a comment.


  @cem thanks for the comments.
  
  I fixed arc4random_buf().
  
  About waiting for entropy, I think you're right.

REPOSITORY
  rS FreeBSD src repository

CHANGES SINCE LAST UPDATE
  https://reviews.freebsd.org/D24989?vs=72203&id=72463

CHANGES SINCE LAST ACTION
  https://reviews.freebsd.org/D24989/new/

REVISION DETAIL
  https://reviews.freebsd.org/D24989

AFFECTED FILES
  sys/net/rss_config.c

EMAIL PREFERENCES
  https://reviews.freebsd.org/settings/panel/emailpreferences/

To: neel_neelc.org, #csprng
Cc: cem, #csprng, kevans, debdrup, rwatson, imp, ae, melifaro, #contributor_reviews_base, freebsd-net-list, mmacy, kpraveen.lkml_gmail.com, marcnarc_gmail.com, simonvella_gmail.com, novice_techie.com, tommi.pernila_iki.fi, krzysztof.galazka_intel.com

[-- Attachment #2 --]
diff --git a/sys/net/rss_config.c b/sys/net/rss_config.c
--- a/sys/net/rss_config.c
+++ b/sys/net/rss_config.c
@@ -74,7 +74,6 @@
  * - Synchronization for rss_key and other future-configurable parameters.
  * - Event handler drivers can register to pick up RSS configuration changes.
  * - Should we allow rss_basecpu to be configured?
- * - Randomize key on boot.
  * - IPv6 support.
  * - Statistics on how often there's a misalignment between hardware
  *   placement and pcbgroup expectations.
@@ -153,19 +152,8 @@
  * RSS secret key, intended to prevent attacks on load-balancing.  Its
  * effectiveness may be limited by algorithm choice and available entropy
  * during the boot.
- *
- * XXXRW: And that we don't randomize it yet!
- *
- * This is the default Microsoft RSS specification key which is also
- * the Chelsio T5 firmware default key.
  */
-static uint8_t rss_key[RSS_KEYSIZE] = {
-	0x6d, 0x5a, 0x56, 0xda, 0x25, 0x5b, 0x0e, 0xc2,
-	0x41, 0x67, 0x25, 0x3d, 0x43, 0xa3, 0x8f, 0xb0,
-	0xd0, 0xca, 0x2b, 0xcb, 0xae, 0x7b, 0x30, 0xb4,
-	0x77, 0xcb, 0x2d, 0xa3, 0x80, 0x30, 0xf2, 0x0c,
-	0x6a, 0x42, 0xb7, 0x3b, 0xbe, 0xac, 0x01, 0xfa,
-};
+uint8_t rss_key[RSS_KEYSIZE];
 
 /*
  * RSS hash->CPU table, which maps hashed packet headers to particular CPUs.
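Review bot: the new declaration "uint8_t rss_key[RSS_KEYSIZE];" drops the static qualifier, which gives the secret key external linkage, yet the revision lists only sys/net/rss_config.c as affected and nothing in this diff uses the symbol from another file. Keep it static unless a consumer outside this file is added, in which case the matching header declaration should come with it. The comment above the array also no longer says how the key is produced; one line stating that rss_init() fills it with arc4random_buf() would replace the removed XXXRW text usefully.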
@@ -258,11 +246,9 @@
 	}
 
 	/*
-	 * Randomize rrs_key.
-	 *
-	 * XXXRW: Not yet.  If nothing else, will require an rss_isbadkey()
-	 * loop to check for "bad" RSS keys.
+	 * Randomize rss_key.
 	 */
+	arc4random_buf(rss_key, RSS_KEYSIZE);
 }
 SYSINIT(rss_init, SI_SUB_SOFTINTR, SI_ORDER_SECOND, rss_init, NULL);
 
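Review bot: the removed XXXRW comment in rss_init() said randomizing would require an rss_isbadkey() loop to reject "bad" RSS keys, and the new arc4random_buf() call drops that caveat without saying why it no longer applies. Either add the check or say in the comment that a random key needs none. The key is also drawn at SI_SUB_SOFTINTR, while the comment above rss_key still warns about "available entropy during the boot", so a sentence on whether the random source is seeded at this point belongs next to the call. Minor: sizeof(rss_key) instead of RSS_KEYSIZE keeps the length tied to the array.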

