Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 5e0f8923 authored by Pavel Emelyanov's avatar Pavel Emelyanov Committed by David S. Miller
Browse files

cipso: Relax too much careful cipso hash function. 



The cipso_v4_cache is allocated to contain CIPSO_V4_CACHE_BUCKETS
buckets. The CIPSO_V4_CACHE_BUCKETS = 1 << CIPSO_V4_CACHE_BUCKETBITS,
where CIPSO_V4_CACHE_BUCKETBITS = 7.

The bucket-selection function for this hash is calculated like this:

  bkt = hash & (CIPSO_V4_CACHE_BUCKETBITS - 1);
                                     ^^^

i.e. picking only 4 buckets of possible 128 :)

Signed-off-by: default avatarPavel Emelyanov <xemul@openvz.org>
Acked-by: default avatarPaul Moore <paul.moore@hp.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 79d44516

net/ipv4/cipso_ipv4.c

+2 −2
Original line number Diff line number Diff line
@@ -338,7 +338,7 @@ static int cipso_v4_cache_check(const unsigned char *key, 
		return -ENOENT;



	hash = cipso_v4_map_cache_hash(key, key_len);

	bkt = hash & (CIPSO_V4_CACHE_BUCKETBITS - 1);

	bkt = hash & (CIPSO_V4_CACHE_BUCKETS - 1);

	spin_lock_bh(&cipso_v4_cache[bkt].lock);

	list_for_each_entry(entry, &cipso_v4_cache[bkt].list, list) {

		if (entry->hash == hash &&
@@ -417,7 +417,7 @@ int cipso_v4_cache_add(const struct sk_buff *skb, 
	atomic_inc(&secattr->cache->refcount);

	entry->lsm_data = secattr->cache;



	bkt = entry->hash & (CIPSO_V4_CACHE_BUCKETBITS - 1);

	bkt = entry->hash & (CIPSO_V4_CACHE_BUCKETS - 1);

	spin_lock_bh(&cipso_v4_cache[bkt].lock);

	if (cipso_v4_cache[bkt].size < cipso_v4_cache_bucketsize) {

		list_add(&entry->list, &cipso_v4_cache[bkt].list);