mirror
/
linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
linux/include/net
History
Stewart Smith d11b0df7dd tcp: Reduce chance of collisions in inet6_hashfn(). 
For both IPv4 and IPv6 incoming TCP connections are tracked in a hash
table with a hash over the source & destination addresses and ports.
However, the IPv6 hash is insufficient and can lead to a high rate of
collisions.

The IPv6 hash used an XOR to fit everything into the 96 bits for the
fast jenkins hash, meaning it is possible for an external entity to
ensure the hash collides, thus falling back to a linear search in the
bucket, which is slow.

We take the approach of hash the full length of IPv6 address in
__ipv6_addr_jhash() so that all users can benefit from a more secure
version.

While this may look like it adds overhead, the reality of modern CPUs
means that this is unmeasurable in real world scenarios.

In simulating with llvm-mca, the increase in cycles for the hashing
code was ~16 cycles on Skylake (from a base of ~155), and an extra ~9
on Nehalem (base of ~173).

In commit dd6d2910c5 ("netfilter: conntrack: switch to siphash")
netfilter switched from a jenkins hash to a siphash, but even the faster
hsiphash is a more significant overhead (~20-30%) in some preliminary
testing.  So, in this patch, we keep to the more conservative approach to
ensure we don't add much overhead per SYN.

In testing, this results in a consistently even spread across the
connection buckets.  In both testing and real-world scenarios, we have
not found any measurable performance impact.

Fixes: 08dcdbf6a7 ("ipv6: use a stronger hash for tcp")
Signed-off-by: Stewart Smith <trawets@amazon.com>
Signed-off-by: Samuel Mendoza-Jonas <samjonas@amazon.com>
Suggested-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Link: https://lore.kernel.org/r/20230721222410.17914-1-kuniyu@amazon.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
 		2023-07-24 16:52:37 -07:00
..
9p 9p: Add additional debug flags and open modes 2023-03-27 02:33:48 +00:00
bluetooth Bluetooth: coredump: fix building with coredump disabled 2023-07-20 11:25:24 -07:00
caif
iucv
mana Linux 6.4 2023-06-27 14:06:29 -03:00
netfilter netfilter: conntrack: don't fold port numbers into addresses before hashing 2023-07-05 14:42:16 +02:00
netns tcp: enforce receive buffer memory limits by allowing the tcp window to shrink 2023-06-17 09:53:53 +01:00
nfc
phonet net: ioctl: Use kernel memory on protocol ioctl callbacks 2023-06-15 22:33:26 -07:00
sctp sctp: delete the nested flexible array peer_init 2023-04-21 08:19:30 +01:00
tc_act net/sched: act_connmark: transition to percpu stats and rcu 2023-02-16 10:39:28 +01:00
6lowpan.h
Space.h
act_api.h net/sched: Rename user cookie and act cookie 2023-02-20 16:46:10 -08:00
addrconf.h ipv6: constify inet6_mc_check() 2023-03-17 08:56:37 +00:00
af_ieee802154.h
af_rxrpc.h rxrpc: Fix timeout of a call that hasn't yet been granted a channel 2023-05-01 07:43:19 +01:00
af_unix.h af_unix: preserve const qualifier in unix_sk() 2023-03-18 12:23:33 +00:00
af_vsock.h vsock: support sockmap 2023-03-29 08:19:38 +01:00
ah.h
amt.h
arp.h neighbour: switch to standard rcu, instead of rcu_bh 2023-03-21 21:32:18 -07:00
atmclip.h
ax25.h x25: preserve const qualifier in [a]x25_sk() 2023-03-18 12:23:34 +00:00
ax88796.h
bareudp.h
bond_3ad.h
bond_alb.h
bond_options.h
bonding.h net: bonding: remove kernel-doc comment marker 2023-07-14 20:39:29 -07:00
bpf_sk_storage.h
busy_poll.h
calipso.h
cfg80211-wext.h
cfg80211.h wifi: cfg80211: Retrieve PSD information from RNR AP information 2023-06-21 14:01:29 +02:00
cfg802154.h net: cfg802154: fix kernel-doc notation warnings 2023-07-14 20:39:29 -07:00
checksum.h net: checksum: drop the linux/uaccess.h include 2023-01-27 11:19:46 +00:00
cipso_ipv4.h
cls_cgroup.h
codel.h codel: fix kernel-doc notation warnings 2023-07-14 20:39:29 -07:00
codel_impl.h
codel_qdisc.h
compat.h
datalink.h
dcbevent.h
dcbnl.h net: dcb: add helper functions to retrieve PCP and DSCP rewrite maps 2023-01-20 09:33:22 +00:00
devlink.h devlink: fix kernel-doc notation warnings 2023-07-14 20:39:29 -07:00
dropreason-core.h net: extend drop reasons for multiple subsystems 2023-04-20 20:20:49 -07:00
dropreason.h mac80211: use the new drop reasons infrastructure 2023-04-20 20:20:49 -07:00
dsa.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2023-06-27 09:45:22 -07:00
dsa_stubs.h net: dsa: replace NETDEV_PRE_CHANGE_HWTSTAMP notifier with a stub 2023-04-09 15:35:49 +01:00
dsfield.h
dst.h net: dst: Switch to rcuref_t reference counting 2023-03-28 18:52:28 -07:00
dst_cache.h
dst_metadata.h xfrm: interface: Add unstable helpers for setting/getting XFRM metadata from TC-BPF 2022-12-05 21:58:27 -08:00
dst_ops.h ipv6: remove max_size check inline with ipv4 2023-01-13 20:59:14 -08:00
erspan.h
esp.h
espintcp.h
ethoc.h
failover.h
fib_notifier.h
fib_rules.h
firewire.h
flow.h ipv4: Drop tos parameter from flowi4_update_output() 2023-06-02 10:52:38 +01:00
flow_dissector.h net: flow_dissector: add support for cfm packets 2023-06-12 17:01:45 -07:00
flow_offload.h net/sched: cls_api: Support hardware miss to tc action 2023-02-20 16:46:10 -08:00
fou.h bpf,fou: Add bpf_skb_{set,get}_fou_encap kfuncs 2023-04-12 16:40:39 -07:00
fq.h
fq_impl.h wifi: mac80211: add support for restricting netdev features per vif 2022-12-01 15:09:10 +01:00
garp.h
gen_stats.h
genetlink.h
geneve.h
gre.h
gro.h net: move gso declarations and functions to their own files 2023-06-10 00:11:41 -07:00
gro_cells.h
gso.h net: move gso declarations and functions to their own files 2023-06-10 00:11:41 -07:00
gtp.h
gue.h
handshake.h net/handshake: Enable the SNI extension to work properly 2023-05-24 22:05:24 -07:00
hwbm.h
icmp.h
ieee80211_radiotap.h wifi: iwlwifi: mvm: support U-SIG EHT validate checks 2023-06-14 12:32:19 +02:00
ieee802154_netdev.h mac802154: Handle received BEACON_REQ 2023-03-23 21:51:30 +01:00
if_inet6.h
ife.h
ila.h
inet6_connection_sock.h
inet6_hashtables.h
inet_common.h sock: Remove ->sendpage*() in favour of sendmsg(MSG_SPLICE_PAGES) 2023-06-24 15:50:13 -07:00
inet_connection_sock.h
inet_dscp.h
inet_ecn.h
inet_frag.h inet: frags: eliminate kernel-doc warning 2023-07-14 20:39:29 -07:00
inet_hashtables.h tcp: Add TIME_WAIT sockets in bhash2. 2022-12-30 07:25:52 +00:00
inet_sock.h inet: preserve const qualifier in inet_sk() 2023-03-17 08:56:37 +00:00
inet_timewait_sock.h tcp: Add TIME_WAIT sockets in bhash2. 2022-12-30 07:25:52 +00:00
inetpeer.h
ioam6.h
ip.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2023-05-25 19:57:39 -07:00
ip6_checksum.h
ip6_fib.h ipv6: Remove in6addr_any alternatives. 2023-03-29 08:22:52 +01:00
ip6_route.h net: dst: Prevent false sharing vs. dst_entry:: __refcnt 2023-03-28 18:52:22 -07:00
ip6_tunnel.h
ip_fib.h
ip_tunnels.h bpf-next-for-netdev 2023-04-13 16:43:38 -07:00
ip_vs.h ipvs: Correct spelling in comments 2023-04-22 01:39:41 +02:00
ipcomp.h
ipconfig.h
ipv6.h tcp: Reduce chance of collisions in inet6_hashfn(). 2023-07-24 16:52:37 -07:00
ipv6_frag.h
ipv6_stubs.h
iw_handler.h
kcm.h kcm: Send multiple frags in one sendmsg() 2023-06-12 21:13:23 -07:00
l3mdev.h
lag.h
lapb.h
lib80211.h
llc.h
llc_c_ac.h
llc_c_ev.h
llc_c_st.h
llc_conn.h llc: Check netns in llc_estab_match() and llc_listener_match(). 2023-07-20 10:46:28 +02:00
llc_if.h
llc_pdu.h net: llc: fix kernel-doc notation warnings 2023-07-14 20:39:29 -07:00
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h
lwtunnel.h
mac80211.h wifi: mac80211: fix documentation config reference 2023-06-21 09:16:57 +02:00
mac802154.h
macsec.h macsec: Use helper macsec_netdev_priv for offload drivers 2023-05-10 11:32:09 +01:00
mctp.h mctp: Reorder fields in 'struct mctp_route' 2023-06-20 20:06:16 -07:00
mctpdevice.h
mip6.h
mld.h
mpls.h
mpls_iptunnel.h
mptcp.h mptcp: remove MPTCP 'ifdef' in TCP SYN cookies 2022-12-12 13:11:24 -08:00
mrp.h
ncsi.h
ndisc.h neighbour: switch to standard rcu, instead of rcu_bh 2023-03-21 21:32:18 -07:00
neighbour.h neighbour: fix unaligned access to pneigh_entry 2023-06-01 21:36:37 -07:00
net_debug.h
net_failover.h
net_namespace.h
net_ratelimit.h
net_trackers.h
netdev_queues.h net: add macro netif_subqueue_completed_wake 2023-04-18 12:59:01 +02:00
netevent.h
netlabel.h
netlink.h net: netlink: recommend policy range validation 2023-01-28 00:33:51 -08:00
netprio_cgroup.h
netrom.h
nexthop.h ipv6: remove nexthop_fib6_nh_bh() 2023-05-11 18:07:05 -07:00
nl802154.h ieee802154: Add support for user beaconing requests 2023-01-28 13:51:22 +01:00
nsh.h net: NSH: fix kernel-doc notation warning 2023-07-14 20:39:29 -07:00
p8022.h
page_pool.h page_pool: fix inconsistency for page_pool_ring_[un]lock() 2023-05-23 20:25:13 -07:00
pie.h pie: fix kernel-doc notation warning 2023-07-14 20:39:30 -07:00
ping.h net/ipv4: ping_group_range: allow GID from 2147483648 to 4294967294 2023-06-02 09:55:22 +01:00
pkt_cls.h sch_htb: Allow HTB priority parameter in offload mode 2023-05-15 09:31:07 +01:00
pkt_sched.h net/sched: make psched_mtu() RTNL-less safe 2023-07-12 15:59:33 -07:00
pptp.h
protocol.h
psample.h
psnap.h
raw.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2023-04-06 12:01:20 -07:00
rawv6.h ipv6: raw: constify raw_v6_match() socket argument 2023-03-17 08:56:37 +00:00
red.h
regulatory.h wifi: cfg80211: fix regulatory disconnect with OCB/NAN 2023-06-19 12:05:29 +02:00
request_sock.h
rose.h
route.h ipv4: Drop tos parameter from flowi4_update_output() 2023-06-02 10:52:38 +01:00
rpl.h ipv6: rpl: Remove pskb(_may)?_pull() in ipv6_rpl_srh_rcv(). 2023-06-19 11:32:58 -07:00
rsi_91x.h rsi: remove kernel-doc comment marker 2023-07-14 20:39:30 -07:00
rtnetlink.h
rtnh.h
sch_generic.h net: sched: Remove unused qdisc_l2t() 2023-06-17 00:17:42 -07:00
scm.h net: scm: introduce and use scm_recv_unix helper 2023-06-27 10:50:22 -07:00
secure_seq.h
seg6.h
seg6_hmac.h
seg6_local.h
selftests.h
slhc_vj.h
smc.h net/smc: Introduce explicit check for v2 support 2023-03-15 08:18:35 +00:00
snmp.h
sock.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2023-06-27 09:45:22 -07:00
sock_reuseport.h
stp.h
strparser.h
switchdev.h
tc_wrapper.h net/sched: Retire rsvp classifier 2023-02-16 09:27:07 +01:00
tcp.h tcp: annotate data-races around tp->notsent_lowat 2023-07-20 12:34:18 -07:00
tcp_states.h
timewait_sock.h
tipc.h
tls.h net: tls: make the offload check helper take skb not socket 2023-06-15 09:01:05 +01:00
tls_toe.h
transp_v6.h
tso.h net: tso: inline tso_count_descs() 2022-12-12 15:04:39 -08:00
tun_proto.h
udp.h net: ioctl: Use kernel memory on protocol ioctl callbacks 2023-06-15 22:33:26 -07:00
udp_tunnel.h
udplite.h
vsock_addr.h
vxlan.h vxlan: calculate correct header length for GPE 2023-07-24 09:37:32 +01:00
wext.h
x25.h x25: preserve const qualifier in [a]x25_sk() 2023-03-18 12:23:34 +00:00
x25device.h
xdp.h bpf-next-for-netdev 2023-04-13 16:43:38 -07:00
xdp_priv.h
xdp_sock.h bpf, net: xskmap memory usage 2023-03-07 09:33:43 -08:00
xdp_sock_drv.h xsk: Remove unused inline function xsk_buff_discard() 2023-06-19 14:06:22 +02:00
xfrm.h xfrm: Treat already-verified secpath entries as optional 2023-05-21 09:21:37 +02:00
xsk_buff_pool.h xsk: Use pool->dma_pages to check for DMA 2023-04-27 22:24:51 +02:00