ipv6: switch inet6_acaddr_hash() to less predictable hash

commit 2384d02520ff ("net/ipv6: Add anycast addresses to a global hashtable")
added inet6_acaddr_hash(), using ipv6_addr_hash() and net_hash_mix()
to get hash spreading for typical users.

However ipv6_addr_hash() is highly predictable and a malicious user
could abuse a specific hash bucket.

Switch to __ipv6_addr_jhash(). We could use a dedicated
secret, or reuse net_hash_mix() as I did in this patch.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Reviewed-by: David Ahern <dsahern@kernel.org>
Reviewed-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Link: https://patch.msgid.link/20241008121307.800040-1-edumazet@google.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

diff --git a/net/ipv6/anycast.c b/net/ipv6/anycast.c
index 0627c4c18d1a5067a668da778ad444855194cbeb..562cace50ca9ae635dd0762e147b452be44c729c 100644 (file)
--- a/net/ipv6/anycast.c
+++ b/net/ipv6/anycast.c
@@ -49,9 +49,10 @@ static DEFINE_SPINLOCK(acaddr_hash_lock);
 
 static int ipv6_dev_ac_dec(struct net_device *dev, const struct in6_addr *addr);
 
-static u32 inet6_acaddr_hash(struct net *net, const struct in6_addr *addr)
+static u32 inet6_acaddr_hash(const struct net *net,
+                            const struct in6_addr *addr)
 {
-       u32 val = ipv6_addr_hash(addr) ^ net_hash_mix(net);
+       u32 val = __ipv6_addr_jhash(addr, net_hash_mix(net));
 
        return hash_32(val, IN6_ADDR_HSIZE_SHIFT);
 }