From: "Jason A. Donenfeld" <Jason@zx2c4.com>
To: Dmitrii Ermakov <demonihin@gmail.com>
Cc: wireguard@lists.zx2c4.com, netdev@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH net-next] wireguard: use rhashtables instead of hashtables
Date: Wed, 19 Mar 2025 17:59:16 +0100 [thread overview]
Message-ID: <Z9r35H2rfLV8m5iW@zx2c4.com> (raw)
In-Reply-To: <20250105110036.70720-2-demonihin@gmail.com>
On Sun, Jan 05, 2025 at 12:00:17PM +0100, Dmitrii Ermakov wrote:
> @@ -74,7 +75,6 @@ struct noise_handshake {
> u8 remote_static[NOISE_PUBLIC_KEY_LEN];
> u8 remote_ephemeral[NOISE_PUBLIC_KEY_LEN];
> u8 precomputed_static_static[NOISE_PUBLIC_KEY_LEN];
> -
> u8 preshared_key[NOISE_SYMMETRIC_KEY_LEN];
>
> u8 hash[NOISE_HASH_LEN];
> @@ -83,6 +83,8 @@ struct noise_handshake {
> u8 latest_timestamp[NOISE_TIMESTAMP_LEN];
> __le32 remote_index;
>
> + siphash_key_t hash_seed;
Why?
> +#include "linux/printk.h"
> +#include "linux/rcupdate.h"
> +#include "linux/rhashtable-types.h"
> +#include "linux/rhashtable.h"
> +#include "linux/siphash.h"
Seems wrong.
> +#include "messages.h"
> #include "peer.h"
> #include "noise.h"
> +#include "linux/memory.h"
Ditto.
>
> -static struct hlist_head *pubkey_bucket(struct pubkey_hashtable *table,
> - const u8 pubkey[NOISE_PUBLIC_KEY_LEN])
> +static inline u32 index_hashfn(const void *data, u32 len, u32 seed)
> {
> - /* siphash gives us a secure 64bit number based on a random key. Since
> - * the bits are uniformly distributed, we can then mask off to get the
> - * bits we need.
> - */
> - const u64 hash = siphash(pubkey, NOISE_PUBLIC_KEY_LEN, &table->key);
> + const u32 *index = data;
> + return *index;
> +}
But shouldn't this actually use siphash? What's happening here?
> +struct peer_hash_pubkey {
> + siphash_key_t key;
> + u8 pubkey[NOISE_PUBLIC_KEY_LEN];
> +};
> +
> +static inline u32 wg_peer_obj_hashfn(const void *data, u32 len, u32 seed)
> +{
> + const struct wg_peer *peer = data;
> + struct peer_hash_pubkey key;
> + u64 hash;
> +
> + memcpy(&key.key, &peer->handshake.hash_seed, sizeof(key.key));
> + memcpy(&key.pubkey, &peer->handshake.remote_static, NOISE_PUBLIC_KEY_LEN);
> +
> + hash = siphash(&key.pubkey, NOISE_PUBLIC_KEY_LEN, &key.key);
Why this weird construction with this other struct?
I'll stop reading here. There's a lot of strangeness with this patch.
Maybe it's workable with enough care, but I think to review this into
shape, in its current state, would be about the same as just rewriting
it.
prev parent reply other threads:[~2025-03-19 16:59 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-01-05 11:00 [PATCH net-next] wireguard: use rhashtables instead of hashtables Dmitrii Ermakov
2025-03-19 16:59 ` Jason A. Donenfeld [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Z9r35H2rfLV8m5iW@zx2c4.com \
--to=jason@zx2c4.com \
--cc=demonihin@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).