Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit c1969f29 authored by David S. Miller's avatar David S. Miller
Browse files

[XFRM]: Hash xfrm_state objects by source address too. 



The source address is always non-prefixed so we should use
it to help give entropy to the bydst hash.

Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent a47f0ce0

net/xfrm/xfrm_state.c

+35 −18
Original line number Diff line number Diff line
@@ -65,26 +65,40 @@ static inline unsigned int __xfrm6_addr_hash(xfrm_address_t *addr) 
	return ntohl(addr->a6[2]^addr->a6[3]);

}



static inline unsigned int __xfrm_dst_hash(xfrm_address_t *addr,

static inline unsigned int __xfrm4_daddr_saddr_hash(xfrm_address_t *daddr, xfrm_address_t *saddr)

{

	return ntohl(daddr->a4 ^ saddr->a4);

}



static inline unsigned int __xfrm6_daddr_saddr_hash(xfrm_address_t *daddr, xfrm_address_t *saddr)

{

	return ntohl(daddr->a6[2] ^ daddr->a6[3] ^

		     saddr->a6[2] ^ saddr->a6[3]);

}



static inline unsigned int __xfrm_dst_hash(xfrm_address_t *daddr,

					   xfrm_address_t *saddr,

					   u32 reqid, unsigned short family,

					   unsigned int hmask)

{

	unsigned int h = family ^ reqid;

	switch (family) {

	case AF_INET:

		h ^= __xfrm4_addr_hash(addr);

		h ^= __xfrm4_daddr_saddr_hash(daddr, saddr);

		break;

	case AF_INET6:

		h ^= __xfrm6_addr_hash(addr);

		h ^= __xfrm6_daddr_saddr_hash(daddr, saddr);

		break;

	};

	return (h ^ (h >> 16)) & hmask;

}



static inline unsigned int xfrm_dst_hash(xfrm_address_t *addr, u32 reqid,

static inline unsigned int xfrm_dst_hash(xfrm_address_t *daddr,

					 xfrm_address_t *saddr,

					 u32 reqid,

					 unsigned short family)

{

	return __xfrm_dst_hash(addr, reqid, family, xfrm_state_hmask);

	return __xfrm_dst_hash(daddr, saddr, reqid, family, xfrm_state_hmask);

}



static inline unsigned __xfrm_src_hash(xfrm_address_t *addr, unsigned short family,
@@ -108,25 +122,25 @@ static inline unsigned xfrm_src_hash(xfrm_address_t *addr, unsigned short family 
}



static inline unsigned int

__xfrm_spi_hash(xfrm_address_t *addr, u32 spi, u8 proto, unsigned short family,

		unsigned int hmask)

__xfrm_spi_hash(xfrm_address_t *daddr, u32 spi, u8 proto,

		unsigned short family, unsigned int hmask)

{

	unsigned int h = spi ^ proto;

	switch (family) {

	case AF_INET:

		h ^= __xfrm4_addr_hash(addr);

		h ^= __xfrm4_addr_hash(daddr);

		break;

	case AF_INET6:

		h ^= __xfrm6_addr_hash(addr);

		h ^= __xfrm6_addr_hash(daddr);

		break;

	}

	return (h ^ (h >> 10) ^ (h >> 20)) & hmask;

}



static inline unsigned int

xfrm_spi_hash(xfrm_address_t *addr, u32 spi, u8 proto, unsigned short family)

xfrm_spi_hash(xfrm_address_t *daddr, u32 spi, u8 proto, unsigned short family)

{

	return __xfrm_spi_hash(addr, spi, proto, family, xfrm_state_hmask);

	return __xfrm_spi_hash(daddr, spi, proto, family, xfrm_state_hmask);

}



static struct hlist_head *xfrm_state_hash_alloc(unsigned int sz)
@@ -169,8 +183,9 @@ static void xfrm_hash_transfer(struct hlist_head *list, 
	hlist_for_each_entry_safe(x, entry, tmp, list, bydst) {

		unsigned int h;



		h = __xfrm_dst_hash(&x->id.daddr, x->props.reqid,

				    x->props.family, nhashmask);

		h = __xfrm_dst_hash(&x->id.daddr, &x->props.saddr,

				    x->props.reqid, x->props.family,

				    nhashmask);

		hlist_add_head(&x->bydst, ndsttable+h);



		h = __xfrm_src_hash(&x->props.saddr, x->props.family,
@@ -587,7 +602,7 @@ xfrm_state_find(xfrm_address_t *daddr, xfrm_address_t *saddr, 
		struct xfrm_policy *pol, int *err,

		unsigned short family)

{

	unsigned int h = xfrm_dst_hash(daddr, tmpl->reqid, family);

	unsigned int h = xfrm_dst_hash(daddr, saddr, tmpl->reqid, family);

	struct hlist_node *entry;

	struct xfrm_state *x, *x0;

	int acquire_in_progress = 0;
@@ -696,7 +711,8 @@ static void __xfrm_state_insert(struct xfrm_state *x) 


	x->genid = ++xfrm_state_genid;



	h = xfrm_dst_hash(&x->id.daddr, x->props.reqid, x->props.family);

	h = xfrm_dst_hash(&x->id.daddr, &x->props.saddr,

			  x->props.reqid, x->props.family);

	hlist_add_head(&x->bydst, xfrm_state_bydst+h);



	h = xfrm_src_hash(&x->props.saddr, x->props.family);
@@ -732,11 +748,12 @@ static void __xfrm_state_bump_genids(struct xfrm_state *xnew) 
	struct hlist_node *entry;

	unsigned int h;



	h = xfrm_dst_hash(&xnew->id.daddr, reqid, family);

	h = xfrm_dst_hash(&xnew->id.daddr, &xnew->props.saddr, reqid, family);

	hlist_for_each_entry(x, entry, xfrm_state_bydst+h, bydst) {

		if (x->props.family	== family &&

		    x->props.reqid	== reqid &&

		    !xfrm_addr_cmp(&x->id.daddr, &xnew->id.daddr, family))

		    !xfrm_addr_cmp(&x->id.daddr, &xnew->id.daddr, family) &&

		    !xfrm_addr_cmp(&x->props.saddr, &xnew->props.saddr, family))

			x->genid = xfrm_state_genid;

	}

}
@@ -753,7 +770,7 @@ EXPORT_SYMBOL(xfrm_state_insert); 
/* xfrm_state_lock is held */

static struct xfrm_state *__find_acq_core(unsigned short family, u8 mode, u32 reqid, u8 proto, xfrm_address_t *daddr, xfrm_address_t *saddr, int create)

{

	unsigned int h = xfrm_dst_hash(daddr, reqid, family);

	unsigned int h = xfrm_dst_hash(daddr, saddr, reqid, family);

	struct hlist_node *entry;

	struct xfrm_state *x;