lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <2112761850.30866431.1628012472544.JavaMail.zimbra@uliege.be>
Date:   Tue, 3 Aug 2021 19:41:12 +0200 (CEST)
From:   Justin Iurman <justin.iurman@...ege.be>
To:     Eric Dumazet <eric.dumazet@...il.com>
Cc:     netdev@...r.kernel.org, davem@...emloft.net, kuba@...nel.org,
        yoshfuji@...ux-ipv6.org, dsahern@...nel.org, tom@...bertland.com
Subject: Re: [RFC net-next] ipv6: Attempt to improve options code parsing

>>>> As per Eric's comment on a previous patchset that was adding a new HopbyHop
>>>> option, i.e. why should a new option appear before or after existing ones in the
>>>> list, here is an attempt to suppress such competition. It also improves the
>>>> efficiency and fasten the process of matching a Hbh or Dst option, which is
>>>> probably something we want regarding the list of new options that could quickly
>>>> grow in the future.
>>>>
>>>> Basically, the two "lists" of options (Hbh and Dst) are replaced by two arrays.
>>>> Each array has a size of 256 (for each code point). Each code point points to a
>>>> function to process its specific option.
>>>>
>>>> Thoughts?
>>>>
>>> Hi Justin
>>>
>>> I think this still suffers from indirect call costs (CONFIG_RETPOLINE=y),
>>> and eventually use more dcache.
>> 
>> Agree with both. It was the compromise for such a solution, unfortunately.
>> 
>>> Since we only deal with two sets/arrays, I would simply get rid of them
>>> and inline the code using two switch() clauses.
>> 
>> Indeed, this is the more efficient. However, we still have two "issues":
>>  - ip6_parse_tlv will keep growing and code could look ugly at some point
> 
> Well, in 10 years there has not been a lot of growth.

Indeed, but I think it could grow a lot more in short/middle term. Just have a look at current discussions in the IETF (e.g., 6man) about HopbyHop limitations and anything related, as a way to widely improve their support and not just drop them. A better support could bring new options.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ