From: Eric Dumazet <eric.dumazet@gmail.com>
To: William Allen Simpson <william.allen.simpson@gmail.com>
Cc: Linux Kernel Network Developers <netdev@vger.kernel.org>
Subject: Re: [net-next-2.6 PATCH v6 2/7 RFC] TCPCT part 1b: generate Responder Cookie
Date: Fri, 13 Nov 2009 07:21:04 +0100 [thread overview]
Message-ID: <4AFCFAD0.4010701@gmail.com> (raw)
In-Reply-To: <4AFCDDC4.1090606@gmail.com>
William Allen Simpson a écrit :
> Define (missing) hash message size for SHA1.
>
> Define hashing size constants specific to TCP cookies, and add new
> function.
>
> Maintain global secret values for tcp_cookie_generator().
>
> This is a significantly revised implementation of earlier (15-year-old)
> Photuris [RFC-2522] code for the KA9Q cooperative multitasking platform.
>
> Linux RCU technique appears to be well-suited to this application, though
> neither of the circular queue items are freed.
>
> These functions will also be used in subsequent patches that implement
> additional features.
>
> Signed-off-by: William.Allen.Simpson@gmail.com
> ---
> include/linux/cryptohash.h | 1 +
> include/net/tcp.h | 8 +++
> net/ipv4/tcp.c | 146
> ++++++++++++++++++++++++++++++++++++++++++++
> 3 files changed, 155 insertions(+), 0 deletions(-)
>
Small point :
+ if (unlikely(time_after_eq(jiffy, tcp_secret_generating->expires))) {
+ spin_lock_bh(&tcp_secret_locker);
+ if (!time_after_eq(jiffy, tcp_secret_generating->expires)) {
+ /* refreshed by another */
+ spin_unlock_bh(&tcp_secret_locker);
+ memcpy(bakery,
+ &tcp_secret_generating->secrets[0],
+ sizeof(tcp_secret_generating->secrets));
Technically speaking, you should perform the memcpy() before spin_unlock_bh()
+ if (unlikely(time_after_eq(jiffy, tcp_secret_generating->expires))) {
+ spin_lock_bh(&tcp_secret_locker);
+ if (!time_after_eq(jiffy, tcp_secret_generating->expires)) {
+ /* refreshed by another */
+ memcpy(bakery,
+ &tcp_secret_generating->secrets[0],
+ sizeof(tcp_secret_generating->secrets));
+ spin_unlock_bh(&tcp_secret_locker);
next prev parent reply other threads:[~2009-11-13 6:21 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-11-13 4:03 [net-next-2.6 PATCH v6 0/7 RFC] TCPCT part 1: cookie option exchange William Allen Simpson
2009-11-13 4:07 ` [net-next-2.6 PATCH v6 1/7 RFC] TCPCT part 1a: add request_values parameter for sending SYNACK William Allen Simpson
2009-11-13 4:54 ` Ilpo Järvinen
2009-11-13 4:17 ` [net-next-2.6 PATCH v6 2/7 RFC] TCPCT part 1b: generate Responder Cookie William Allen Simpson
2009-11-13 6:21 ` Eric Dumazet [this message]
2009-11-13 14:35 ` William Allen Simpson
2009-11-13 6:26 ` Joe Perches
2009-11-13 14:51 ` William Allen Simpson
2009-11-13 18:04 ` Joe Perches
2009-11-16 14:39 ` William Allen Simpson
2009-11-16 15:34 ` Eric Dumazet
2009-11-16 20:06 ` William Allen Simpson
2009-11-13 4:31 ` [net-next-2.6 PATCH v6 3/7 RFC] TCPCT part 1c: sysctl_tcp_cookie_size, socket option TCP_COOKIE_TRANSACTIONS William Allen Simpson
2009-11-13 18:37 ` Joe Perches
2009-11-13 19:45 ` William Allen Simpson
2009-11-14 15:43 ` William Allen Simpson
2009-11-16 20:40 ` William Allen Simpson
2009-11-13 4:53 ` [net-next-2.6 PATCH v6 4/7 RFC] TCPCT part 1d: define TCP cookie option, extend existing struct's William Allen Simpson
2009-11-13 6:32 ` Eric Dumazet
2009-11-13 16:06 ` William Allen Simpson
2009-11-16 20:50 ` William Allen Simpson
2009-11-16 21:08 ` Eric Dumazet
2009-11-16 22:09 ` William Allen Simpson
2009-11-16 22:26 ` Eric Dumazet
2009-11-17 3:15 ` David Miller
2009-11-17 10:41 ` William Allen Simpson
2009-11-17 12:18 ` Ilpo Järvinen
2009-11-17 12:22 ` David Miller
2009-11-17 12:38 ` Ilpo Järvinen
2009-11-17 12:48 ` David Miller
2009-11-17 12:07 ` Ilpo Järvinen
2009-11-18 13:55 ` William Allen Simpson
2009-11-18 14:08 ` Ilpo Järvinen
2009-11-18 14:42 ` William Allen Simpson
2009-11-13 5:10 ` [net-next-2.6 PATCH v6 5/7 RFC] TCPCT part 1e: implement socket option TCP_COOKIE_TRANSACTIONS William Allen Simpson
2009-11-13 14:11 ` Andi Kleen
2009-11-13 16:32 ` William Allen Simpson
2009-11-18 15:03 ` William Allen Simpson
2009-11-13 5:40 ` [net-next-2.6 PATCH v6 6/7 RFC] TCPCT part 1f: Initiator Cookie => Responder William Allen Simpson
2009-11-13 16:51 ` William Allen Simpson
2009-11-16 21:35 ` William Allen Simpson
2009-11-13 5:53 ` [net-next-2.6 PATCH v6 7/7 RFC] TCPCT part 1g: Responder Cookie => Initiator William Allen Simpson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4AFCFAD0.4010701@gmail.com \
--to=eric.dumazet@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=william.allen.simpson@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).