toeplitz.c revision 1.3
1 1.1 jmcneill /* $OpenBSD: toeplitz.c,v 1.9 2020/09/01 19:18:26 tb Exp $ */ 2 1.1 jmcneill 3 1.1 jmcneill /* 4 1.1 jmcneill * Copyright (c) 2009 The DragonFly Project. All rights reserved. 5 1.1 jmcneill * 6 1.1 jmcneill * This code is derived from software contributed to The DragonFly Project 7 1.1 jmcneill * by Sepherosa Ziehau <sepherosa (at) gmail.com> 8 1.1 jmcneill * 9 1.1 jmcneill * Redistribution and use in source and binary forms, with or without 10 1.1 jmcneill * modification, are permitted provided that the following conditions 11 1.1 jmcneill * are met: 12 1.1 jmcneill * 13 1.1 jmcneill * 1. Redistributions of source code must retain the above copyright 14 1.1 jmcneill * notice, this list of conditions and the following disclaimer. 15 1.1 jmcneill * 2. Redistributions in binary form must reproduce the above copyright 16 1.1 jmcneill * notice, this list of conditions and the following disclaimer in 17 1.1 jmcneill * the documentation and/or other materials provided with the 18 1.1 jmcneill * distribution. 19 1.1 jmcneill * 3. Neither the name of The DragonFly Project nor the names of its 20 1.1 jmcneill * contributors may be used to endorse or promote products derived 21 1.1 jmcneill * from this software without specific, prior written permission. 22 1.1 jmcneill * 23 1.1 jmcneill * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 24 1.1 jmcneill * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 25 1.1 jmcneill * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 26 1.1 jmcneill * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 27 1.1 jmcneill * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 28 1.1 jmcneill * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING, 29 1.1 jmcneill * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 30 1.1 jmcneill * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 31 1.1 jmcneill * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 32 1.1 jmcneill * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 33 1.1 jmcneill * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 34 1.1 jmcneill * SUCH DAMAGE. 35 1.1 jmcneill */ 36 1.1 jmcneill 37 1.1 jmcneill /* 38 1.1 jmcneill * Copyright (c) 2019 David Gwynne <dlg (at) openbsd.org> 39 1.1 jmcneill * Copyright (c) 2020 Theo Buehler <tb (at) openbsd.org> 40 1.1 jmcneill * 41 1.1 jmcneill * Permission to use, copy, modify, and distribute this software for any 42 1.1 jmcneill * purpose with or without fee is hereby granted, provided that the above 43 1.1 jmcneill * copyright notice and this permission notice appear in all copies. 44 1.1 jmcneill * 45 1.1 jmcneill * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 46 1.1 jmcneill * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 47 1.1 jmcneill * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 48 1.1 jmcneill * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 49 1.1 jmcneill * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 50 1.1 jmcneill * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 51 1.1 jmcneill * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 52 1.1 jmcneill */ 53 1.1 jmcneill 54 1.1 jmcneill #include <sys/param.h> 55 1.1 jmcneill #include <sys/systm.h> 56 1.1 jmcneill #include <sys/kernel.h> 57 1.1 jmcneill #include <sys/sysctl.h> 58 1.1 jmcneill #include <sys/cprng.h> 59 1.1 jmcneill 60 1.1 jmcneill #include <netinet/in.h> 61 1.1 jmcneill 62 1.1 jmcneill #include <net/toeplitz.h> 63 1.1 jmcneill 64 1.1 jmcneill /* 65 1.1 jmcneill * symmetric toeplitz 66 1.1 jmcneill */ 67 1.1 jmcneill 68 1.1 jmcneill static stoeplitz_key stoeplitz_keyseed = STOEPLITZ_KEYSEED; 69 1.1 jmcneill static struct stoeplitz_cache stoeplitz_syskey_cache; 70 1.1 jmcneill const struct stoeplitz_cache *const 71 1.1 jmcneill stoeplitz_cache = &stoeplitz_syskey_cache; 72 1.1 jmcneill 73 1.1 jmcneill /* parity of n16: count (mod 2) of ones in the binary representation. */ 74 1.1 jmcneill static int 75 1.1 jmcneill parity(uint16_t n16) 76 1.1 jmcneill { 77 1.1 jmcneill n16 = ((n16 & 0xaaaa) >> 1) ^ (n16 & 0x5555); 78 1.1 jmcneill n16 = ((n16 & 0xcccc) >> 2) ^ (n16 & 0x3333); 79 1.1 jmcneill n16 = ((n16 & 0xf0f0) >> 4) ^ (n16 & 0x0f0f); 80 1.1 jmcneill n16 = ((n16 & 0xff00) >> 8) ^ (n16 & 0x00ff); 81 1.1 jmcneill 82 1.1 jmcneill return (n16); 83 1.1 jmcneill } 84 1.1 jmcneill 85 1.1 jmcneill /* 86 1.1 jmcneill * The Toeplitz matrix obtained from a seed is invertible if and only if the 87 1.1 jmcneill * parity of the seed is 1. Generate such a seed uniformly at random. 88 1.1 jmcneill */ 89 1.1 jmcneill static stoeplitz_key 90 1.1 jmcneill stoeplitz_random_seed(void) 91 1.1 jmcneill { 92 1.1 jmcneill stoeplitz_key seed; 93 1.1 jmcneill 94 1.1 jmcneill seed = cprng_strong32() & UINT16_MAX; 95 1.1 jmcneill if (parity(seed) == 0) 96 1.1 jmcneill seed ^= 1; 97 1.1 jmcneill 98 1.1 jmcneill return (seed); 99 1.1 jmcneill } 100 1.1 jmcneill 101 1.1 jmcneill void 102 1.1 jmcneill stoeplitz_init(void) 103 1.1 jmcneill { 104 1.1 jmcneill stoeplitz_keyseed = stoeplitz_random_seed(); 105 1.1 jmcneill stoeplitz_cache_init(&stoeplitz_syskey_cache, stoeplitz_keyseed); 106 1.1 jmcneill } 107 1.1 jmcneill 108 1.1 jmcneill #define NBSK (NBBY * sizeof(stoeplitz_key)) 109 1.1 jmcneill 110 1.1 jmcneill /* 111 1.1 jmcneill * The Toeplitz hash of a 16-bit number considered as a column vector over 112 1.1 jmcneill * the field with two elements is calculated as a matrix multiplication with 113 1.1 jmcneill * a 16x16 circulant Toeplitz matrix T generated by skey. 114 1.1 jmcneill * 115 1.1 jmcneill * The first eight columns H of T generate the remaining eight columns using 116 1.1 jmcneill * the byteswap operation J = swap16: T = [H JH]. Thus, the Toeplitz hash of 117 1.1 jmcneill * n = [hi lo] is computed via the formula T * n = (H * hi) ^ swap16(H * lo). 118 1.1 jmcneill * 119 1.1 jmcneill * Therefore the results H * val for all values of a byte are cached in scache. 120 1.1 jmcneill */ 121 1.1 jmcneill void 122 1.1 jmcneill stoeplitz_cache_init(struct stoeplitz_cache *scache, stoeplitz_key skey) 123 1.1 jmcneill { 124 1.1 jmcneill uint16_t column[NBBY]; 125 1.1 jmcneill unsigned int b, shift, val; 126 1.1 jmcneill 127 1.1 jmcneill bzero(column, sizeof(column)); 128 1.1 jmcneill 129 1.1 jmcneill /* Calculate the first eight columns H of the Toeplitz matrix T. */ 130 1.1 jmcneill for (b = 0; b < NBBY; ++b) 131 1.1 jmcneill column[b] = skey << b | skey >> (NBSK - b); 132 1.1 jmcneill 133 1.1 jmcneill /* Cache the results of H * val for all possible values of a byte. */ 134 1.1 jmcneill for (val = 0; val < 256; ++val) { 135 1.1 jmcneill uint16_t res = 0; 136 1.1 jmcneill 137 1.1 jmcneill for (b = 0; b < NBBY; ++b) { 138 1.1 jmcneill shift = NBBY - b - 1; 139 1.1 jmcneill if (val & (1 << shift)) 140 1.1 jmcneill res ^= column[b]; 141 1.1 jmcneill } 142 1.1 jmcneill scache->bytes[val] = res; 143 1.1 jmcneill } 144 1.1 jmcneill } 145 1.1 jmcneill 146 1.1 jmcneill uint16_t 147 1.1 jmcneill stoeplitz_hash_ip4(const struct stoeplitz_cache *scache, 148 1.1 jmcneill in_addr_t faddr, in_addr_t laddr) 149 1.1 jmcneill { 150 1.1 jmcneill return (stoeplitz_hash_n32(scache, faddr ^ laddr)); 151 1.1 jmcneill } 152 1.1 jmcneill 153 1.1 jmcneill uint16_t 154 1.1 jmcneill stoeplitz_hash_ip4port(const struct stoeplitz_cache *scache, 155 1.1 jmcneill in_addr_t faddr, in_addr_t laddr, in_port_t fport, in_port_t lport) 156 1.1 jmcneill { 157 1.1 jmcneill return (stoeplitz_hash_n32(scache, faddr ^ laddr ^ fport ^ lport)); 158 1.1 jmcneill } 159 1.1 jmcneill 160 1.1 jmcneill #ifdef INET6 161 1.1 jmcneill uint16_t 162 1.1 jmcneill stoeplitz_hash_ip6(const struct stoeplitz_cache *scache, 163 1.1 jmcneill const struct in6_addr *faddr6, const struct in6_addr *laddr6) 164 1.1 jmcneill { 165 1.1 jmcneill uint32_t n32 = 0; 166 1.1 jmcneill size_t i; 167 1.1 jmcneill 168 1.2 yamaguch for (i = 0; i < __arraycount(faddr6->s6_addr32); i++) 169 1.1 jmcneill n32 ^= faddr6->s6_addr32[i] ^ laddr6->s6_addr32[i]; 170 1.1 jmcneill 171 1.1 jmcneill return (stoeplitz_hash_n32(scache, n32)); 172 1.1 jmcneill } 173 1.1 jmcneill 174 1.1 jmcneill uint16_t 175 1.1 jmcneill stoeplitz_hash_ip6port(const struct stoeplitz_cache *scache, 176 1.1 jmcneill const struct in6_addr *faddr6, const struct in6_addr *laddr6, 177 1.1 jmcneill in_port_t fport, in_port_t lport) 178 1.1 jmcneill { 179 1.1 jmcneill uint32_t n32 = 0; 180 1.1 jmcneill size_t i; 181 1.1 jmcneill 182 1.2 yamaguch for (i = 0; i < __arraycount(faddr6->s6_addr32); i++) 183 1.1 jmcneill n32 ^= faddr6->s6_addr32[i] ^ laddr6->s6_addr32[i]; 184 1.1 jmcneill 185 1.1 jmcneill n32 ^= fport ^ lport; 186 1.1 jmcneill 187 1.1 jmcneill return (stoeplitz_hash_n32(scache, n32)); 188 1.1 jmcneill } 189 1.1 jmcneill #endif /* INET6 */ 190 1.1 jmcneill 191 1.1 jmcneill void 192 1.1 jmcneill stoeplitz_to_key(void *key, size_t klen) 193 1.1 jmcneill { 194 1.1 jmcneill uint8_t *k = key; 195 1.1 jmcneill uint16_t skey = htons(stoeplitz_keyseed); 196 1.1 jmcneill size_t i; 197 1.1 jmcneill 198 1.1 jmcneill KASSERT((klen % 2) == 0); 199 1.1 jmcneill 200 1.1 jmcneill for (i = 0; i < klen; i += sizeof(skey)) { 201 1.1 jmcneill k[i + 0] = skey >> 8; 202 1.1 jmcneill k[i + 1] = skey; 203 1.1 jmcneill } 204 1.1 jmcneill } 205 1.3 knakahar 206 1.3 knakahar /* 207 1.3 knakahar * e.g.) 208 1.3 knakahar * 209 1.3 knakahar * struct in_addr src, dst; 210 1.3 knakahar * uint16_t srcport, dstport; 211 1.3 knakahar * toeplitz_vhash(rsskey[], sizeof(rsskey), 212 1.3 knakahar * &src, sizeof(src), 213 1.3 knakahar * &dst, sizeof(dst), 214 1.3 knakahar * &srcport, sizeof(srcport), 215 1.3 knakahar * &dstport, sizeof(dstport), 216 1.3 knakahar * NULL); 217 1.3 knakahar * 218 1.3 knakahar * struct in6_addr src6, dst6; 219 1.3 knakahar * toeplitz_vhash(rsskey[], sizeof(rsskey), 220 1.3 knakahar * &src6, sizeof(src6), 221 1.3 knakahar * &dst6, sizeof(dst6), 222 1.3 knakahar * NULL); 223 1.3 knakahar * 224 1.3 knakahar * struct ip *ip; 225 1.3 knakahar * struct tcphdr *tcp; 226 1.3 knakahar * toeplitz_vhash(rsskey[], sizeof(rsskey), 227 1.3 knakahar * &ip->ip_src, sizeof(ip->ip_src), 228 1.3 knakahar * &ip->ip_dst, sizeof(ip->ip_dst), 229 1.3 knakahar * &tcp->th_sport, sizeof(tcp->th_sport), 230 1.3 knakahar * &tcp->th_dport, sizeof(tcp->th_dport), 231 1.3 knakahar * NULL); 232 1.3 knakahar * 233 1.3 knakahar */ 234 1.3 knakahar uint32_t 235 1.3 knakahar toeplitz_vhash(const uint8_t *keyp, size_t keylen, ...) 236 1.3 knakahar { 237 1.3 knakahar va_list ap; 238 1.3 knakahar uint32_t hash, v; 239 1.3 knakahar size_t datalen; 240 1.3 knakahar uint8_t *datap, key, data; 241 1.3 knakahar const uint8_t *keyend; 242 1.3 knakahar 243 1.3 knakahar keyend = keyp + keylen; 244 1.3 knakahar 245 1.3 knakahar /* first 32bit is initial vector */ 246 1.3 knakahar v = *keyp++; 247 1.3 knakahar v <<= 8; 248 1.3 knakahar v |= *keyp++; 249 1.3 knakahar v <<= 8; 250 1.3 knakahar v |= *keyp++; 251 1.3 knakahar v <<= 8; 252 1.3 knakahar v |= *keyp++; 253 1.3 knakahar 254 1.3 knakahar hash = 0; 255 1.3 knakahar va_start(ap, keylen); 256 1.3 knakahar 257 1.3 knakahar while ((datap = va_arg(ap, uint8_t *)) != NULL) { 258 1.3 knakahar for (datalen = va_arg(ap, size_t); datalen > 0; datalen--) { 259 1.3 knakahar /* fetch key and input data by 8bit */ 260 1.3 knakahar if (keyp < keyend) 261 1.3 knakahar key = *keyp++; 262 1.3 knakahar else 263 1.3 knakahar key = 0; 264 1.3 knakahar data = *datap++; 265 1.3 knakahar 266 1.3 knakahar #define XOR_AND_FETCH_BIT(x) \ 267 1.3 knakahar if (data & __BIT(x)) \ 268 1.3 knakahar hash ^= v; \ 269 1.3 knakahar v <<= 1; \ 270 1.3 knakahar if (key & __BIT(x)) \ 271 1.3 knakahar v |= 1; 272 1.3 knakahar 273 1.3 knakahar XOR_AND_FETCH_BIT(7); 274 1.3 knakahar XOR_AND_FETCH_BIT(6); 275 1.3 knakahar XOR_AND_FETCH_BIT(5); 276 1.3 knakahar XOR_AND_FETCH_BIT(4); 277 1.3 knakahar XOR_AND_FETCH_BIT(3); 278 1.3 knakahar XOR_AND_FETCH_BIT(2); 279 1.3 knakahar XOR_AND_FETCH_BIT(1); 280 1.3 knakahar XOR_AND_FETCH_BIT(0); 281 1.3 knakahar 282 1.3 knakahar #undef XOR_AND_FETCH_BIT 283 1.3 knakahar } 284 1.3 knakahar } 285 1.3 knakahar va_end(ap); 286 1.3 knakahar 287 1.3 knakahar return hash; 288 1.3 knakahar } 289
Indexes created Thu Oct 02 14:10:14 GMT 2025