netdev.vger.kernel.org archive mirror
From: "David S. Miller" <davem@davemloft.net>
To: Harald Welte <laforge@gnumonks.org>
Cc: netdev@oss.sgi.com
Subject: Re: [6/6]: jenkins hash for neigh
Date: Fri, 24 Sep 2004 14:27:02 -0700
Message-ID: <20040924142702.62a2b23d.davem@davemloft.net>
In-Reply-To: <20040924085234.GE3236@sunbeam.de.gnumonks.org>

On Fri, 24 Sep 2004 10:52:34 +0200
Harald Welte <laforge@gnumonks.org> wrote:

> So this means you put get_random_bytes into the __init function.  I
> explicitly didn't want to do that (and added that _initted variable),
> since at bootup time we might not have sufficient entropy yet.

Good point.

> If we defer get_random_bytes() until the first neighbour is created,
> this gives the system some more time to gather entropy...  
 ...
> Also, wouldn't it make sense to use a new random value if we grow the
> hash table?  I mean it's cheap, and we make it harder for someone trying
> a hash-based attack.  

I've combined all of your thoughts into the patch below.
We set the initial ARP table very small (2 chains), and we
regenerate the random seed every time we grow the hash table.

This should address all of your concerns.

# This is a BitKeeper generated diff -Nru style patch.
#
# ChangeSet
#   2004/09/24 14:06:45-07:00 davem@nuts.davemloft.net 
#   [NET]: Neighbour hashing tweaks.
#   
#   1) Start with a smaller initial hash table size.
#      This stresses the new code better.
#   2) Generate a new hash_rnd every time we grow
#      the hashes.
#   
#   Based upon commentary from Harald Welte.
#   
#   Signed-off-by: David S. Miller <davem@davemloft.net>
# 
# net/core/neighbour.c
#   2004/09/24 14:06:02-07:00 davem@nuts.davemloft.net +2 -1
#   [NET]: Neighbour hashing tweaks.
#   
#   1) Start with a smaller initial hash table size.
#      This stresses the new code better.
#   2) Generate a new hash_rnd every time we grow
#      the hashes.
#   
#   Based upon commentary from Harald Welte.
#   
#   Signed-off-by: David S. Miller <davem@davemloft.net>
# 
diff -Nru a/net/core/neighbour.c b/net/core/neighbour.c
--- a/net/core/neighbour.c	2004-09-24 14:07:07 -07:00
+++ b/net/core/neighbour.c	2004-09-24 14:07:07 -07:00
@@ -331,6 +331,7 @@
 	old_hash = tbl->hash_buckets;
 
 	write_lock_bh(&tbl->lock);
+	get_random_bytes(&tbl->hash_rnd, sizeof(tbl->hash_rnd));
 	for (i = 0; i < old_entries; i++) {
 		struct neighbour *n, *next;
 
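Review bot: the get_random_bytes() call added directly after write_lock_bh(&tbl->lock) runs with the table write-locked and bottom halves disabled, and nothing in the hunk says why the seed has to be drawn at that point. Consider filling a local variable before taking the lock and assigning tbl->hash_rnd inside it, which shortens the critical section while still changing the seed and the bucket layout together. A short comment stating that hash_rnd may only change under tbl->lock, in step with the rehash loop that follows, would also help: any path that hashes with tbl->hash_rnd without holding the lock could pair the new seed with the old buckets, so it is worth confirming none exists.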
@@ -1306,7 +1307,7 @@
 	if (!tbl->kmem_cachep)
 		panic("cannot create neighbour cache");
 
-	tbl->hash_mask = 0x1f;
+	tbl->hash_mask = 1;
 	tbl->hash_buckets = neigh_hash_alloc(tbl->hash_mask + 1);
 
 	phsize = (PNEIGH_HASHMASK + 1) * sizeof(struct pneigh_entry *);
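Review bot: tbl->hash_mask = 1 swaps 0x1f for another bare constant, and the only reason given in the changelog is that a smaller table "stresses the new code better", which reads as a testing aid rather than a tuned default. Please state in a comment or a named constant that the 2-bucket start is intentional, and whether it is meant to stay once the resize path has had exposure. Combined with the first hunk, every grow on the way back up to the old 32-bucket size now rehashes under the write lock and draws a fresh seed, and a table this small will presumably hit its first grow (and first reseed) early in uptime, which is the low-entropy window raised earlier in the thread.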
