From: David Miller <davem@davemloft.net>
To: netdev@vger.kernel.org
Subject: ipv4: Simplify ARP hash function.
Date: Fri, 08 Jul 2011 10:10:56 -0700 (PDT) [thread overview]
Message-ID: <20110708.101056.89960389404725087.davem@davemloft.net> (raw)
Using Jenkins is over the top.
If the premise is that the hash_rnd is a random unpredictable key,
then:
key ^ dev->ifindex ^ hash_rnd
results in an unpredictable hash result, even if an attacker
controls 'key' and 'dev->ifindex' completely.
Therefore, if this hash result is unpredictable, then the
final fold phase of:
(val >> 8) ^ (val >> 16) ^ (val >> 24)
is unpredictable as well.
Signed-off-by: David S. Miller <davem@davemloft.net>
---
Someone please check my logic :-) This sames ~100 cycles during a
neigh_lookup() on my Niagara2 box.
diff --git a/include/net/arp.h b/include/net/arp.h
index 91f0568..d570747 100644
--- a/include/net/arp.h
+++ b/include/net/arp.h
@@ -8,6 +8,13 @@
extern struct neigh_table arp_tbl;
+static inline u32 arp_hashfn(u32 key, const struct net_device *dev, u32 hash_rnd)
+{
+ u32 val = key ^ dev->ifindex ^ hash_rnd;
+
+ return (val >> 8) ^ (val >> 16) ^ (val >> 24);
+}
+
extern void arp_init(void);
extern int arp_find(unsigned char *haddr, struct sk_buff *skb);
extern int arp_ioctl(struct net *net, unsigned int cmd, void __user *arg);
diff --git a/net/ipv4/arp.c b/net/ipv4/arp.c
index 1b74d3b..4412b57 100644
--- a/net/ipv4/arp.c
+++ b/net/ipv4/arp.c
@@ -97,7 +97,6 @@
#include <linux/init.h>
#include <linux/net.h>
#include <linux/rcupdate.h>
-#include <linux/jhash.h>
#include <linux/slab.h>
#ifdef CONFIG_SYSCTL
#include <linux/sysctl.h>
@@ -232,7 +231,7 @@ static u32 arp_hash(const void *pkey,
const struct net_device *dev,
__u32 hash_rnd)
{
- return jhash_2words(*(u32 *)pkey, dev->ifindex, hash_rnd);
+ return arp_hashfn(*(u32 *)pkey, dev, hash_rnd);
}
static int arp_constructor(struct neighbour *neigh)
next reply other threads:[~2011-07-08 17:11 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-07-08 17:10 David Miller [this message]
2011-07-08 17:40 ` ipv4: Simplify ARP hash function Martin Mares
2011-07-08 17:47 ` David Miller
2011-07-08 17:54 ` David Miller
2011-07-08 18:03 ` John Heffner
2011-07-08 18:06 ` David Miller
2011-07-08 19:26 ` Roland Dreier
2011-07-08 19:27 ` David Miller
2011-07-08 19:39 ` Michał Mirosław
2011-07-08 19:51 ` David Miller
2011-07-08 19:59 ` David Miller
2011-07-08 20:10 ` Michał Mirosław
2011-07-08 20:34 ` Michał Mirosław
2011-07-08 20:35 ` David Miller
2011-07-08 20:44 ` Roland Dreier
2011-07-08 22:32 ` David Miller
2011-07-08 23:11 ` Roland Dreier
2011-07-10 19:07 ` David Miller
2011-07-08 23:41 ` Stephen Hemminger
2011-07-08 23:47 ` David Miller
2011-07-09 3:08 ` Stephen Hemminger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110708.101056.89960389404725087.davem@davemloft.net \
--to=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).