| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 22 Mar 2015 18:58:50 -0400 (EDT) From: David Miller <davem@...emloft.net> To: herbert@...dor.apana.org.au Cc: eric.dumazet@...il.com, netdev@...r.kernel.org, roland@...estorage.com Subject: Re: arp_hash From: Herbert Xu <herbert@...dor.apana.org.au> Date: Mon, 23 Mar 2015 08:56:12 +1100 > On Sun, Mar 22, 2015 at 05:56:21AM -0700, Eric Dumazet wrote: >> On Sun, 2015-03-22 at 22:42 +1100, Herbert Xu wrote: >> > >> > While googling I found the 2011 discussion on changing the arp_hash >> > function. I must say that I'm not really impressed by the new >> > function that replaced jhash :) >> > >> > u32 key = *(const u32 *)pkey; >> > u32 val = key ^ hash32_ptr(dev); >> > >> > return val * hash_rnd[0]; > > In fact this function is worse than I thought. Because the IP > address is stored in big-endian, the low bits correspond to the > first octet. So in any network smaller than a /8 everything > hashes the same value. I won't argue that there might be some bugs here, and there is some lost entropy, and that we should fix them. But I do not agree with the idea that it is in any way possible to stop someone with root access on the physical network from crudding up our ARP hash tables. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists