lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 27 Nov 2019 13:19:42 +0100
From:   Oliver Herms <oliver.peter.herms@...il.com>
To:     Eric Dumazet <eric.dumazet@...il.com>,
        David Miller <davem@...emloft.net>
Cc:     yoshfuji@...ux-ipv6.org, kuznet@....inr.ac.ru,
        netdev@...r.kernel.org
Subject: Re: [PATCH v2] net: ip/tnl: Set iph->id only when don't fragment is
 not set

On 27.11.19 01:28, Eric Dumazet wrote:
> 
> 
> On 11/26/19 3:32 PM, Oliver Herms wrote:
>> Using a simple incrementation here, as with sockets, would solve my problem well enough.
>>
> 
> I have to ask : Are you aware that linux is SMP OS ?
> 
> If on a mostly idle host, two packets need a different ID, using a " simple incrementation" 
> wont fit the need.
> 
> sockets are protected against concurrent increments by their lock.
> 
I know and I'm not going to mess around with TCP.
I've double checked and found that for non IP tunnel traffic (UDP, TCP, etc.) the cheap function
ip_select_ident_segs() is being used. That is absolutely fine. Nothing to optimize here.

For IP tunnels __ip_select_ident is being called.
And that one is way more expensive than ip_select_ident_segs().

ip_select_ident_segs() increments a counter (yes, I'm aware it is protected by lock).
If somehow __ip_select_ident could be refactored to work in a similar fashion that
would solve my problem.

Thanks
Oliver

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ