| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20180913.141239.123063658850697631.davem@davemloft.net>
Date: Thu, 13 Sep 2018 14:12:39 -0700 (PDT)
From: David Miller <davem@...emloft.net>
To: fw@...len.de
Cc: linux@...m.de, netdev@...r.kernel.org,
steffen.klassert@...unet.com, linux-kernel@...r.kernel.org,
torvalds@...ux-foundation.org, christophe.gouault@...nd.com
Subject: Re: Regression: kernel 4.14 an later very slow with many ipsec
tunnels
From: Florian Westphal <fw@...len.de>
Date: Thu, 13 Sep 2018 23:03:25 +0200
> I am staring at b58555f1767c9f4e330fcf168e4e753d2d9196e0
> but can't figure out how to configure that away from the
> 'no hashing for prefixed policies' default or why we even have
> policy_inexact in first place :/
>
> I'll look at this again tomorrow.
The inexact list exists to handle prefixed input keys.
At the time that I wrote all of the control plane hash table
stuff, configurations I could find consisted of:
1) Entires with non-prefixed keys, which are easy to hash.
The number of entries could be large (e.g. cell phone
network)
2) A very small number of prefixed policies.
So hashing, when possible, falling back to the linked list
for prefixed stuff.
Beforehand we only had the linked list :-)
Powered by blists - more mailing lists