lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20180221184954.28875-1-dsahern@gmail.com>
Date:   Wed, 21 Feb 2018 10:49:47 -0800
From:   David Ahern <dsahern@...il.com>
To:     netdev@...r.kernel.org
Cc:     idosch@...sch.org, tom@...bertland.com, davem@...emloft.net,
        roopa@...ulusnetworks.com, nikolay@...ulusnetworks.com,
        David Ahern <dsahern@...il.com>
Subject: [PATCH net-next 0/7] net/ipv6: Add support for path selection using hash of 5-tuple

Hardware supports multipath selection using the standard L4 5-tuple
instead of just L3 and the flow label. In addition, some network
operators prefer IPv6 path selection to use the 5-tuple. To that end,
add support to IPv6 for multipath hash policy similar to
bf4e0a3db97eb ("net: ipv4: add support for ECMP hash policy choice").
The default is still L3 which covers source and destination addresses
along with flow label and IPv6 protocol. This gives users a choice in
hash algorithms if they believe L3 only and the IPv6 flow label are not
sufficient for their use case.

A separate sysctl is added for IPv6, allowing IPv4 and IPv6 to use
different algorithms if desired.

The first 2 patches modify the IPv4 variant so that at the end of the
patch set the ipv4 and ipv6 implementations are direct parallels.

Patch 3 refactors the existing rt6_multipath_hash in preparation for
adding the policy option.

Patch 4 renames the existing netevent to have IPv4 in the name so ipv4
changes can be distinguished from IPv6 if the netevent handler cares.

Patch 5 adds the L4 hash support.

Patch 6 adds the hook for the netevent to the spectrum driver to update
the ASIC.

Patch 7 removes no longer used code.

RFC to v1:
- rebase to top of net-next
- fix addr_type in hash_keys and removed flow label as noticed by Ido
- added a comment to cover letter about choice in algorithms based on
  use case per Or's comments

David Ahern (7):
  net/ipv4: Pass net to fib_multipath_hash instead of fib_info
  net: Align ip_multipath_l3_keys and ip6_multipath_l3_keys
  net/ipv6: Make rt6_multipath_hash similar to fib_multipath_hash
  net: Rename NETEVENT_MULTIPATH_HASH_UPDATE
  net/ipv6: Add support for path selection using hash of 5-tuple
  mlxsw: spectrum_router: Add support for ipv6 hash policy update
  net: Remove unused get_hash_from_flow functions

 Documentation/networking/ip-sysctl.txt             |  7 +++
 .../net/ethernet/mellanox/mlxsw/spectrum_router.c  | 13 ++++-
 include/net/flow.h                                 | 15 -----
 include/net/ip6_route.h                            |  3 +-
 include/net/ip_fib.h                               |  2 +-
 include/net/netevent.h                             |  3 +-
 include/net/netns/ipv6.h                           |  1 +
 net/core/flow_dissector.c                          | 16 ------
 net/ipv4/fib_semantics.c                           |  2 +-
 net/ipv4/route.c                                   | 25 +++++----
 net/ipv4/sysctl_net_ipv4.c                         |  2 +-
 net/ipv6/icmp.c                                    |  2 +-
 net/ipv6/route.c                                   | 64 ++++++++++++++++++----
 net/ipv6/sysctl_net_ipv6.c                         | 26 +++++++++
 14 files changed, 118 insertions(+), 63 deletions(-)

-- 
2.11.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ