kernel_optimize_test/Documentation
Jason A. Donenfeld 2c956a6077 siphash: add cryptographically secure PRF
SipHash is a 64-bit keyed hash function that is actually a
cryptographically secure PRF, like HMAC. Except SipHash is super fast,
and is meant to be used as a hashtable keyed lookup function, or as a
general PRF for short input use cases, such as sequence numbers or RNG
chaining.

For the first usage:

There are a variety of attacks known as "hashtable poisoning" in which an
attacker forms some data such that the hash of that data will be the
same, and then preceeds to fill up all entries of a hashbucket. This is
a realistic and well-known denial-of-service vector. Currently
hashtables use jhash, which is fast but not secure, and some kind of
rotating key scheme (or none at all, which isn't good). SipHash is meant
as a replacement for jhash in these cases.

There are a modicum of places in the kernel that are vulnerable to
hashtable poisoning attacks, either via userspace vectors or network
vectors, and there's not a reliable mechanism inside the kernel at the
moment to fix it. The first step toward fixing these issues is actually
getting a secure primitive into the kernel for developers to use. Then
we can, bit by bit, port things over to it as deemed appropriate.

While SipHash is extremely fast for a cryptographically secure function,
it is likely a bit slower than the insecure jhash, and so replacements
will be evaluated on a case-by-case basis based on whether or not the
difference in speed is negligible and whether or not the current jhash usage
poses a real security risk.

For the second usage:

A few places in the kernel are using MD5 or SHA1 for creating secure
sequence numbers, syn cookies, port numbers, or fast random numbers.
SipHash is a faster and more fitting, and more secure replacement for MD5
in those situations. Replacing MD5 and SHA1 with SipHash for these uses is
obvious and straight-forward, and so is submitted along with this patch
series. There shouldn't be much of a debate over its efficacy.

Dozens of languages are already using this internally for their hash
tables and PRFs. Some of the BSDs already use this in their kernels.
SipHash is a widely known high-speed solution to a widely known set of
problems, and it's time we catch-up.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Reviewed-by: Jean-Philippe Aumasson <jeanphilippe.aumasson@gmail.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Eric Biggers <ebiggers3@gmail.com>
Cc: David Laight <David.Laight@aculab.com>
Cc: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-01-09 13:58:57 -05:00
..
ABI Merge branch 'x86-cache-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2016-12-22 09:25:45 -08:00
accounting tools: move accounting tool from Documentation 2016-09-23 13:07:15 -06:00
acpi ACPI material for v4.10-rc1 2016-12-13 11:06:21 -08:00
admin-guide ima: define a canonical binary_runtime_measurements list format 2016-12-20 09:48:45 -08:00
aoe
arm ARM: SoC platform updates for v4.10 2016-12-15 15:39:02 -08:00
arm64 arm64 updates for 4.9: 2016-10-03 08:58:35 -07:00
auxdisplay samples: move auxdisplay example code from Documentation 2016-09-23 11:52:32 -06:00
backlight
blackfin samples: move blackfin gptimers-example from Documentation 2016-10-10 07:12:02 -06:00
block block: fix up io_poll documentation 2017-01-03 16:47:13 -07:00
blockdev docs: fix locations of several documents that got moved 2016-10-24 08:12:35 -02:00
bus-devices
cdrom
cgroup-v1 docs: fix locations of several documents that got moved 2016-10-24 08:12:35 -02:00
cma
connector
console
core-api core-api: remove an unexpected unident 2016-12-01 10:46:01 -07:00
cpu-freq Documentation: intel_pstate: Document HWP energy/performance hints 2016-12-08 01:43:05 +01:00
cpuidle
cris
crypto This pull contains one set of changes: a conversion of the crypto DocBook 2016-12-17 16:00:34 -08:00
dev-tools Documentation/sparse: drop __CHECK_ENDIAN__ 2016-12-16 00:13:41 +02:00
device-mapper Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2016-12-14 11:12:25 -08:00
devicetree Documentation: DT: net: cpsw: remove no_bd_ram property 2017-01-07 20:48:14 -05:00
dmaengine dmaengine: Documentation: Fix typo in pxa_dma.txt 2016-11-14 08:14:24 +05:30
doc-guide docs-rst: parse-headers.pl: cleanup the documentation 2016-11-30 17:08:09 -07:00
DocBook docs: Fix build failure 2016-12-27 13:05:36 -07:00
driver-api edac.rst: move concepts dictionary from edac.h 2016-12-15 08:58:12 -02:00
driver-model devres: add devm_alloc_percpu() 2016-11-15 22:34:25 -05:00
early-userspace
EDID
extcon
fault-injection
fb
features 2nd round of ARC udpates for 4.10rc1 2016-12-23 10:22:47 -08:00
filesystems Merge uncontroversial parts of branch 'readlink' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs 2016-12-17 19:16:12 -08:00
firmware_class
fmc
fpga fpga: Clarify how write_init works streaming modes 2016-11-29 15:51:49 -06:00
frv docs: fix locations of several documents that got moved 2016-10-24 08:12:35 -02:00
gpio Bulk GPIO changes for the v4.10 kernel cycle: 2016-12-13 07:54:57 -08:00
gpu Main pull request for drm for 4.10 kernel 2016-12-13 09:35:09 -08:00
hid Documentation: HID: Intel ISH HID document 2016-08-17 11:13:07 +02:00
hwmon hwmon updates for v4.10 2016-12-13 15:43:56 -08:00
i2c Merge branch 'i2c/for-4.10' of git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux 2016-12-15 12:56:35 -08:00
ia64 selftests: move ia64 tests from Documentation/ia64 2016-09-20 09:58:12 -06:00
ide
iio iio: Documentation: Correct the path used to create triggers. 2016-10-01 00:49:58 -06:00
infiniband IB/hfi1: Document new sysfs entries for hfi1 driver 2016-10-02 08:42:19 -04:00
input Input: ALPS - add V8 protocol documentation 2016-10-04 11:47:02 -07:00
ioctl doc: ioctl: Add some clarifications to botching-up-ioctls 2016-09-06 06:00:22 -06:00
isdn docs: fix locations of several documents that got moved 2016-10-24 08:12:35 -02:00
kbuild Kconfig: Introduce the "imply" keyword 2016-11-16 09:26:33 +01:00
kdump Documentation: kdump: Add description of enable multi-cpus support 2016-09-20 18:02:54 -06:00
laptops platform/x86: thinkpad_acpi: Add support for X1 Yoga (2016) Tablet Mode 2016-12-13 09:29:06 -08:00
leds leds/leds-lp5523.txt: make documentation match reality 2016-11-22 12:07:02 +01:00
livepatch Documentation/livepatch: Fix stale link to gmame 2016-12-09 13:41:46 +01:00
locking locking/lglock: Remove lglock implementation 2016-09-22 15:25:56 +02:00
m68k docs: fix locations of several documents that got moved 2016-10-24 08:12:35 -02:00
media Merge branch 'patchwork' into v4l_for_linus 2016-12-15 08:38:35 -02:00
memory-devices
metag
mic samples: move mic/mpssd example code from Documentation 2016-09-20 12:38:48 -06:00
mips
misc-devices samples: move misc-devices/mei example code from Documentation 2016-09-23 11:51:43 -06:00
mmc mmc: core: Extend sysfs with DSR register 2016-07-25 10:34:51 +02:00
mn10300
mtd
namespaces
netlabel
networking Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2017-01-05 11:03:07 -05:00
nfc
nios2
nvdimm libnvdimm, btt: update the usage section in Documentation 2016-06-17 16:23:23 -07:00
nvmem
parisc
PCI PCI changes for the v4.9 merge window: 2016-10-07 11:46:37 -07:00
pcmcia tools: move pcmcia crc32hash tool from Documentation 2016-09-23 13:07:27 -06:00
perf perf: xgene: Add APM X-Gene SoC Performance Monitoring Unit driver 2016-09-15 11:20:55 -07:00
phy
platform
power Power management material for v4.10-rc1 2016-12-13 10:41:53 -08:00
powerpc powerpc updates for 4.9 2016-10-07 20:19:31 -07:00
pps
prctl selftests: move prctl tests from Documentation/prctl 2016-09-20 09:09:09 -06:00
process Doc: Correct typo, "Introdution" => "Introduction" 2016-12-01 10:44:08 -07:00
pti
ptp selftests: move ptp tests from Documentation/ptp 2016-09-20 09:54:38 -06:00
rapidio rapidio/documentation/mport_cdev: add missing parameter description 2016-09-01 17:52:02 -07:00
RCU Documentation/RCU: Fix minor typo 2016-11-14 10:39:48 -08:00
s390 s390/Documentation: improve sort command for trace buffer 2016-06-13 15:58:23 +02:00
scheduler docs/completion.txt: drop dangling reference to completions-design.txt 2016-11-16 16:27:50 -07:00
scsi Merge branch 'misc' into for-linus 2016-12-22 12:32:33 -08:00
security Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2016-12-14 13:57:44 -08:00
serial Documentation: rs485: Do not define manually the ioctl 2016-08-18 11:08:33 -06:00
sh
sound Merge remote-tracking branch 'sound/topic/restize-docs' into sound 2016-11-18 16:19:28 -07:00
sphinx docs: sphinx-extensions: make rstFlatTable work with docutils 0.13 2016-12-18 13:30:29 -07:00
sphinx-static This is the documentation update pull for the 4.9 merge window. 2016-10-04 13:54:07 -07:00
spi Doc: update 00-INDEX files to reflect the runnable code move 2016-10-10 07:12:09 -06:00
sysctl net: dev_weight: TX/RX orthogonality 2016-12-29 15:38:35 -05:00
target
thermal thermal: Add support for hardware-tracked trip points 2016-09-27 14:02:16 +08:00
timers Doc: update 00-INDEX files to reflect the runnable code move 2016-10-10 07:12:09 -06:00
trace This release has a few updates: 2016-12-15 13:49:34 -08:00
translations Documentation/sparse: drop __CHECK_ENDIAN__ 2016-12-16 00:13:41 +02:00
usb Documentation: tiny typo fix in usb/gadget_multi.txt 2016-06-23 08:09:10 -06:00
virtual KVM: hyperv: fix locking of struct kvm_hv fields 2016-12-16 17:53:38 +01:00
vm These are the documentation changes for 4.10. 2016-12-12 21:58:13 -08:00
w1
watchdog docs: fix locations of several documents that got moved 2016-10-24 08:12:35 -02:00
wimax
x86 Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2016-12-23 16:54:46 -08:00
xtensa xtensa: cleanup MMU setup and kernel layout macros 2016-07-24 06:33:58 +03:00
.gitignore Add .pyc files to .gitignore 2016-06-30 13:07:33 -06:00
00-INDEX edac: adjust docs location at MAINTAINERS and 00-INDEX 2016-12-15 08:57:16 -02:00
bcache.txt bcache: documentation formatting, edited for clarity, stripe alignment notes 2016-06-23 07:58:38 -06:00
bt8xxgpio.txt
btmrvl.txt
bus-virt-phys-mapping.txt
cachetlb.txt
cgroup-v2.txt
Changes docs: add back 'Documentation/Changes' file (as symlink) 2016-12-14 16:30:12 -08:00
circular-buffers.txt Documentation: circular-buffers: use READ_ONCE() 2016-11-16 16:17:45 -07:00
clk.txt Documentation: clk: update file names containing referenced structures 2016-08-14 12:12:36 -06:00
CodingStyle doc: re-add CodingStyle and SubmittingPatches 2016-10-24 08:12:35 -02:00
conf.py docs-rst: doc-guide: split the kernel-documentation.rst contents 2016-11-19 10:22:04 -07:00
cpu-hotplug.txt Documentation: cpu-hotplug: Fix typos 2016-10-25 17:07:52 -06:00
cpu-load.txt
cputopology.txt topology/sysfs: provide drawer id and siblings attributes 2016-06-13 15:58:27 +02:00
crc32.txt
dcdbas.txt
debugging-modules.txt
debugging-via-ohci1394.txt
dell_rbu.txt
digsig.txt
DMA-API-HOWTO.txt Documentation: DMA-API-HOWTO: Fix a typo 2016-09-20 17:58:46 -06:00
DMA-API.txt dma-mapping: add dma_{map,unmap}_resource 2016-09-26 22:16:41 +05:30
DMA-attributes.txt dma-mapping: introduce the DMA_ATTR_NO_WARN attribute 2016-10-11 15:06:32 -07:00
dma-buf-sharing.txt
DMA-ISA-LPC.txt
docutils.conf doc-rst: add docutils config file 2016-08-14 11:52:40 -06:00
dontdiff Remove last traces of ikconfig.h 2016-12-14 10:54:28 +01:00
efi-stub.txt
eisa.txt
flexible-arrays.txt
futex-requeue-pi.txt
gcc-plugins.txt GCC plugin infrastructure 2016-06-07 22:57:10 +02:00
highuid.txt
hw_random.txt
hwspinlock.txt
index.rst crypto: doc - convert crypto API documentation to Sphinx 2016-12-13 16:37:54 -07:00
intel_txt.txt
Intel-IOMMU.txt
io_ordering.txt
io-mapping.txt
iostats.txt
IPMI.txt ipmi: Update documentation 2016-11-07 12:16:06 -06:00
IRQ-affinity.txt
IRQ-domain.txt
IRQ.txt
irqflags-tracing.txt
isa.txt
isapnp.txt
kernel-doc-nano-HOWTO.txt docs-rst: doc-guide: split the kernel-documentation.rst contents 2016-11-19 10:22:04 -07:00
kernel-per-CPU-kthreads.txt docs: fix locations of several documents that got moved 2016-10-24 08:12:35 -02:00
kobject.txt
kprobes.txt Documentation: kprobes: Document jprobes stack copying limitations 2016-08-15 10:19:11 -06:00
kref.txt
kselftest.txt Doc: update kselftest.txt with details on how to run tests after install 2016-11-07 18:04:18 -07:00
ldm.txt
lockup-watchdogs.txt docs: fix locations of several documents that got moved 2016-10-24 08:12:35 -02:00
logo.gif
logo.txt
lzo.txt
mailbox.txt
Makefile samples: move blackfin gptimers-example from Documentation 2016-10-10 07:12:02 -06:00
Makefile.sphinx docs-rst: fix media cleandocs target 2016-11-30 17:08:03 -07:00
md-cluster.txt
memory-barriers.txt locking/Documentation: Fix a typo of example result 2016-08-12 08:24:13 +02:00
memory-hotplug.txt docs: fix locations of several documents that got moved 2016-10-24 08:12:35 -02:00
men-chameleon-bus.txt
nommu-mmap.txt
ntb.txt
numastat.txt
padata.txt
parport-lowlevel.txt
percpu-rw-semaphore.txt
phy.txt
pi-futex.txt
pinctrl.txt pinctrl: Flag strict is a field in struct pinmux_ops 2016-06-23 10:50:10 +02:00
pnp.txt
preempt-locking.txt
printk-formats.txt
pwm.txt
rbtree.txt
remoteproc.txt remoteproc: Split driver and consumer dereferencing 2016-10-02 22:50:21 -07:00
rfkill.txt docs: fix locations of several documents that got moved 2016-10-24 08:12:35 -02:00
robust-futex-ABI.txt
robust-futexes.txt
rpmsg.txt
rtc.txt
SAK.txt
sgi-ioc4.txt
siphash.txt siphash: add cryptographically secure PRF 2017-01-09 13:58:57 -05:00
SM501.txt
smsc_ece1099.txt
static-keys.txt jump_labels: Allow array initialisers 2016-09-07 09:41:11 +01:00
SubmittingPatches doc: re-add CodingStyle and SubmittingPatches 2016-10-24 08:12:35 -02:00
svga.txt
sync_file.txt dma-buf: Rename struct fence to dma_fence 2016-10-25 14:40:39 +02:00
this_cpu_ops.txt
unaligned-memory-access.txt Documentation/unaligned-memory-access.txt: fix incorrect comparison operator 2016-12-27 13:08:42 -07:00
unshare.txt
vfio-mediated-device.txt docs: Sample driver to demonstrate how to use Mediated device framework. 2016-11-17 09:18:44 -07:00
vfio.txt
video-output.txt
xillybus.txt
xz.txt
zorro.txt