Commit 1b1be81b authored by Eric Dumazet's avatar Eric Dumazet Committed by Yang Yingliang
Browse files

ipv6: use siphash in rt6_exception_hash() 



mainline inclusion
from mainline-v5.14
commit 4785305c
category: bugfix
bugzilla: NA
CVE: CVE-2021-20322

-------------------------------------------------

A group of security researchers brought to our attention
the weakness of hash function used in rt6_exception_hash()

Lets use siphash instead of Jenkins Hash, to considerably
reduce security risks.

Following patch deals with IPv4.

Fixes: 35732d01 ("ipv6: introduce a hash table to store dst cache")
Signed-off-by: default avatarEric Dumazet <edumazet@google.com>
Reported-by: default avatarKeyu Man <kman001@ucr.edu>
Cc: Wei Wang <weiwan@google.com>
Cc: Martin KaFai Lau <kafai@fb.com>
Acked-by: default avatarWei Wang <weiwan@google.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
Signed-off-by: default avatarXu Jia <xujia39@huawei.com>
Reviewed-by: default avatarYue Haibing <yuehaibing@huawei.com>
Reviewed-by: default avatarXiu Jianfeng <xiujianfeng@huawei.com>
Signed-off-by: default avatarYang Yingliang <yangyingliang@huawei.com>
parent e2eea86c
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment