1 #include <linux/export.h>
2 #include <linux/skbuff.h>
6 /* This function exists only for tap drivers that must support broken
7 * clients requesting UFO without specifying an IPv6 fragment ID.
9 * This is similar to ipv6_select_ident() but we use an independent hash
10 * seed to limit information leakage.
12 void ipv6_proxy_select_ident(struct sk_buff *skb)
14 static u32 ip6_proxy_idents_hashrnd __read_mostly;
15 static bool hashrnd_initialized = false;
16 struct in6_addr buf[2];
17 struct in6_addr *addrs;
20 addrs = skb_header_pointer(skb,
21 skb_network_offset(skb) +
22 offsetof(struct ipv6hdr, saddr),
27 if (unlikely(!hashrnd_initialized)) {
28 hashrnd_initialized = true;
29 get_random_bytes(&ip6_proxy_idents_hashrnd,
30 sizeof(ip6_proxy_idents_hashrnd));
32 hash = __ipv6_addr_jhash(&addrs[1], ip6_proxy_idents_hashrnd);
33 hash = __ipv6_addr_jhash(&addrs[0], hash);
35 id = ip_idents_reserve(hash, 1);
36 skb_shinfo(skb)->ip6_frag_id = htonl(id);
38 EXPORT_SYMBOL_GPL(ipv6_proxy_select_ident);