hashtables: get_random_int is now more secure, so expose directly

On 4.11, get_random_u32 now either uses chacha or rdrand, rather than the horrible former MD5 construction, so we feel more comfortable exposing RNG output directly. On older kernels, we fall back to something a bit disgusting. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
author: Jason A. Donenfeld <Jason@zx2c4.com> 2017-03-16 15:28:16 +0100
committer: Jason A. Donenfeld <Jason@zx2c4.com> 2017-03-19 15:34:46 +0100
commit: b42320fdd8354b7fee47b52b68d730911e57e534 (patch)
tree: 693f32855fe14320353b934b15c1b757bb0f62f4 /src/compat
parent: 0cd737b5c78f6ec118e6aaea249ba22ced6cfd53 (diff)
1 files changed, 19 insertions, 0 deletions
diff --git a/src/compat/compat.h b/src/compat/compat.h
index 141cad7..4e6010f 100644
--- a/src/compat/compat.h
+++ b/src/compat/compat.h
@@ -171,6 +171,25 @@ static inline void skb_reset_tc(struct sk_buff *skb)
 }
 #endif
 
+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 11, 0)
+#include <linux/siphash.h>
+static inline u32 get_random_u32(void)
+{
+	static siphash_key_t key;
+	static u32 counter = 0;
+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 4, 0)
+	static bool has_seeded = false;
+	if (unlikely(!has_seeded)) {
+		get_random_bytes(&key, sizeof(key));
+		has_seeded = true;
+	}
+#else
+	get_random_once(&key, sizeof(key));
+#endif
+	return siphash_2u32(counter++, get_random_int(), &key);
+}
+#endif
+
 /* https://lkml.org/lkml/2015/6/12/415 */
 #include <linux/netdevice.h>
 static inline struct net_device *netdev_pub(void *dev)
author	Jason A. Donenfeld <Jason@zx2c4.com>	2017-03-16 15:28:16 +0100
committer	Jason A. Donenfeld <Jason@zx2c4.com>	2017-03-19 15:34:46 +0100
commit	b42320fdd8354b7fee47b52b68d730911e57e534 (patch)
tree	693f32855fe14320353b934b15c1b757bb0f62f4 /src/compat
parent	0cd737b5c78f6ec118e6aaea249ba22ced6cfd53 (diff)