all: use siphash24 for hashing

siphash24() is wildly used by projects nowadays.

It's certainly slower then our djb hashing that we used before.
But quite likely it's fast enough for us, given how wildly it is
used. I think it would be hard to profile NetworkManager to show
that the performance of hash tables is the issue, be it with
djb or siphash24.

Certainly with siphash24() it's much harder to exploit the hashing
algorithm to cause worst case hash operations (provided that the
seed is kept private). Does this better resistance against a denial
of service matter for us? Probably not, but let's better be safe then
sorry.

Note that systemd's implementation uses a different seed for each hash
table (at least, after the hash table grows to a certain size).
We don't do that and use only one global seed.

shared/nm-utils/nm-hash-utils.c

@@ -23,33 +23,59 @@
 
 #include "nm-hash-utils.h"
 
+#include <stdint.h>
+
 #include "nm-shared-utils.h"
 #include "nm-random-utils.h"
 
 /*****************************************************************************/
 
+#define HASH_KEY_SIZE 16u
+#define HASH_KEY_SIZE_GUINT ((HASH_KEY_SIZE + sizeof (guint) - 1) / sizeof (guint))
+
+G_STATIC_ASSERT (sizeof (guint) * HASH_KEY_SIZE_GUINT >= HASH_KEY_SIZE);
+
+static const guint8 *
+_get_hash_key (void)
+{
+	static const guint8 *volatile global_seed = NULL;
+	const guint8 *g;
+
+	g = global_seed;
+	if (G_UNLIKELY (g == NULL)) {
+		/* the returned hash is aligned to guin64, hence, it is save
+		 * to use it as guint* or guint64* pointer. */
+		static union {
+			guint8 v8[HASH_KEY_SIZE];
+		} g_arr _nm_alignas (guint64);
+		static gsize g_lock;
+
+		if (g_once_init_enter (&g_lock)) {
+			nm_utils_random_bytes (g_arr.v8, sizeof (g_arr.v8));
+			g_atomic_pointer_compare_and_exchange (&global_seed, NULL, g_arr.v8);
+			g = g_arr.v8;
+			g_once_init_leave (&g_lock, 1);
+		} else {
+			g = global_seed;
+			nm_assert (g);
+		}
+	}
+
+	return g;
+}
+
 void
 nm_hash_init (NMHashState *state, guint static_seed)
 {
-	static volatile guint global_seed = 0;
-	guint g, s;
+	const guint8 *g;
+	guint seed[HASH_KEY_SIZE_GUINT];
 
 	nm_assert (state);
 
-	/* we xor @seed with a random @global_seed. This is to make the hashing behavior
-	 * less predictable and harder to exploit collisions. */
-	g = global_seed;
-	if (G_UNLIKELY (g == 0)) {
-		nm_utils_random_bytes (&s, sizeof (s));
-		if (s == 0)
-			s = 42;
-		g_atomic_int_compare_and_exchange ((int *) &global_seed, 0, s);
-		g = global_seed;
-		nm_assert (g);
-	}
-
-	s = g ^ static_seed;
-	state->hash = s;
+	g = _get_hash_key ();
+	memcpy (seed, g, HASH_KEY_SIZE);
+	seed[0] ^= static_seed;
+	siphash24_init (&state->_state, (const guint8 *) seed);
 }
 
 guint
@@ -57,8 +83,11 @@ nm_hash_str (const char *str)
 {
 	NMHashState h;
 
-	nm_hash_init (&h, 1867854211u);
-	nm_hash_update_str (&h, str);
+	if (str) {
+		nm_hash_init (&h, 1867854211u);
+		nm_hash_update_str (&h, str);
+	} else
+		nm_hash_init (&h, 842995561u);
 	return nm_hash_complete (&h);
 }
 
@@ -68,6 +97,21 @@ nm_str_hash (gconstpointer str)
 	return nm_hash_str (str);
 }
 
+guint
+nm_hash_ptr (gconstpointer ptr)
+{
+	guint h;
+
+	h = ((const guint *) _get_hash_key ())[0];
+
+	if (sizeof (ptr) <= sizeof (guint))
+		h = h ^ ((guint) ((uintptr_t) ptr));
+	else
+		h = h ^ ((guint) (((uintptr_t) ptr) >> 32)) ^ ((guint) ((uintptr_t) ptr));
+
+	return h ?: 2907677551u;
+}
+
 guint
 nm_direct_hash (gconstpointer ptr)
 {