All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH 2/2] ipv4: Use universal hash for ARP.
@ 2011-07-11  8:48 David Miller
  2011-07-13 17:59 ` Roland Dreier
  0 siblings, 1 reply; 2+ messages in thread
From: David Miller @ 2011-07-11  8:48 UTC (permalink / raw)
  To: roland; +Cc: johnwheffner, mj, netdev


We need to make sure the multiplier is odd.

Signed-off-by: David S. Miller <davem@davemloft.net>
---
 include/net/arp.h    |    7 +++++++
 net/core/neighbour.c |    1 +
 net/ipv4/arp.c       |    3 +--
 3 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/include/net/arp.h b/include/net/arp.h
index 91f0568..723bde5 100644
--- a/include/net/arp.h
+++ b/include/net/arp.h
@@ -8,6 +8,13 @@
 
 extern struct neigh_table arp_tbl;
 
+static inline u32 arp_hashfn(u32 key, const struct net_device *dev, u32 hash_rnd)
+{
+	u32 val = key ^ dev->ifindex;
+
+	return val * hash_rnd;
+}
+
 extern void	arp_init(void);
 extern int	arp_find(unsigned char *haddr, struct sk_buff *skb);
 extern int	arp_ioctl(struct net *net, unsigned int cmd, void __user *arg);
diff --git a/net/core/neighbour.c b/net/core/neighbour.c
index 4d5fc94..50bd960 100644
--- a/net/core/neighbour.c
+++ b/net/core/neighbour.c
@@ -334,6 +334,7 @@ static struct neigh_hash_table *neigh_hash_alloc(unsigned int shift)
 	ret->hash_buckets = buckets;
 	ret->hash_shift = shift;
 	get_random_bytes(&ret->hash_rnd, sizeof(ret->hash_rnd));
+	ret->hash_rnd |= 1;
 	return ret;
 }
 
diff --git a/net/ipv4/arp.c b/net/ipv4/arp.c
index 1b74d3b..4412b57 100644
--- a/net/ipv4/arp.c
+++ b/net/ipv4/arp.c
@@ -97,7 +97,6 @@
 #include <linux/init.h>
 #include <linux/net.h>
 #include <linux/rcupdate.h>
-#include <linux/jhash.h>
 #include <linux/slab.h>
 #ifdef CONFIG_SYSCTL
 #include <linux/sysctl.h>
@@ -232,7 +231,7 @@ static u32 arp_hash(const void *pkey,
 		    const struct net_device *dev,
 		    __u32 hash_rnd)
 {
-	return jhash_2words(*(u32 *)pkey, dev->ifindex, hash_rnd);
+	return arp_hashfn(*(u32 *)pkey, dev, hash_rnd);
 }
 
 static int arp_constructor(struct neighbour *neigh)
-- 
1.7.6


^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [PATCH 2/2] ipv4: Use universal hash for ARP.
  2011-07-11  8:48 [PATCH 2/2] ipv4: Use universal hash for ARP David Miller
@ 2011-07-13 17:59 ` Roland Dreier
  0 siblings, 0 replies; 2+ messages in thread
From: Roland Dreier @ 2011-07-13 17:59 UTC (permalink / raw)
  To: David Miller; +Cc: johnwheffner, mj, netdev

On Mon, Jul 11, 2011 at 1:48 AM, David Miller <davem@davemloft.net> wrote:
> +static inline u32 arp_hashfn(u32 key, const struct net_device *dev, u32 hash_rnd)
> +{
> +       u32 val = key ^ dev->ifindex;
> +
> +       return val * hash_rnd;
> +}

OK, I suggested this, and there's nothing obviously wrong with it.

But I would hope that someone actually vetted that this provides
enough variation between different hash_rnd values to avoid hash
chain attacks.

 - R.

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2011-07-13 17:59 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2011-07-11  8:48 [PATCH 2/2] ipv4: Use universal hash for ARP David Miller
2011-07-13 17:59 ` Roland Dreier

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.