| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20171201174654.y2hhsv7qfxg5ftus@kafai-mbp.dhcp.thefacebook.com>
Date: Fri, 1 Dec 2017 09:47:42 -0800
From: Martin KaFai Lau <kafai@...com>
To: Eric Dumazet <eric.dumazet@...il.com>
CC: netdev <netdev@...r.kernel.org>,
"David S . Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>,
Kernel Team <kernel-team@...com>
Subject: Re: [PATCH net-next 3/4] inet: Add a 2nd listener hashtable
(port+addr)
On Fri, Dec 01, 2017 at 09:26:46AM -0800, Eric Dumazet wrote:
> On Thu, 2017-11-30 at 15:23 -0800, Martin KaFai Lau wrote:
> > The current listener hashtable is hashed by port only.
> > When a process is listening at many IP addresses with the same port
> > (e.g.
> > [IP1]:443, [IP2]:443... [IPN]:443), the inet[6]_lookup_listener()
> > performance is degraded to a link list. It is prone to syn attack.
> >
> >
>
> ...
>
> > diff --git a/include/net/inet_hashtables.h
> > b/include/net/inet_hashtables.h
> > index 4cce516c41ac..ebce55d694e7 100644
> > --- a/include/net/inet_hashtables.h
> > +++ b/include/net/inet_hashtables.h
> > @@ -152,8 +152,19 @@ struct inet_hashinfo {
> > */
> > struct inet_listen_hashbucket listening_hash[INET_LHT
> > ABLE_SIZE]
> > ____cacheline_aligned_in_smp
> > ;
> > + struct inet_listen_hashbucket *lhash2;
> > + unsigned int lhash2_mask;
> > };
> >
>
> Please move these two fields before listening_hash[], to avoid adding
> another cache line to "struct inet_hashinfo"
>
> ( We have a 16-byte hole there, so lets use it ;) )
Oops. Indeed. Thanks for pointing it out.
Powered by blists - more mailing lists