Commit 87545899 authored by Daniel Borkmann's avatar Daniel Borkmann Committed by David S. Miller
Browse files

net: replace remaining users of arch_fast_hash with jhash 

This patch effectively reverts commit 500f8087 ("net: ovs: use CRC32
accelerated flow hash if available"), and other remaining arch_fast_hash()
users such as from nfsd via commit 6282cd56 ("NFSD: Don't hand out
delegations for 30 seconds after recalling them.") where it has been used
as a hash function for bloom filtering.

While we think that these users are actually not much of concern, it has
been requested to remove the arch_fast_hash() library bits that arose
from [1] entirely as per recent discussion [2]. The main argument is that
using it as a hash may introduce bias due to its linearity (see avalanche
criterion) and thus makes it less clear (though we tried to document that)
when this security/performance trade-off is actually acceptable for a
general purpose library function.

Lets therefore avoid any further confusion on this matter and remove it to
prevent any future accidental misuse of it. For the time being, this is
going to make hashing of flow keys a bit more expensive in the ovs case,
but future work could reevaluate a different hashing discipline.

  [1] https://patchwork.ozlabs.org/patch/299369/
  [2] https://patchwork.ozlabs.org/patch/418756/



Cc: Neil Brown <neilb@suse.de>
Cc: Francesco Fusco <fusco@ntop.org>
Cc: Jesse Gross <jesse@nicira.com>
Cc: Thomas Graf <tgraf@suug.ch>
Signed-off-by: default avatarDaniel Borkmann <dborkman@redhat.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 7f19fc5e

fs/nfsd/nfs4state.c

+3 −3
Original line number Diff line number Diff line
@@ -41,7 +41,7 @@ 
#include <linux/ratelimit.h>

#include <linux/sunrpc/svcauth_gss.h>

#include <linux/sunrpc/addr.h>

#include <linux/hash.h>

#include <linux/jhash.h>

#include "xdr4.h"

#include "xdr4cb.h"

#include "vfs.h"
@@ -594,7 +594,7 @@ static int delegation_blocked(struct knfsd_fh *fh) 
		}

		spin_unlock(&blocked_delegations_lock);

	}

	hash = arch_fast_hash(&fh->fh_base, fh->fh_size, 0);

	hash = jhash(&fh->fh_base, fh->fh_size, 0);

	if (test_bit(hash&255, bd->set[0]) &&

	    test_bit((hash>>8)&255, bd->set[0]) &&

	    test_bit((hash>>16)&255, bd->set[0]))
@@ -613,7 +613,7 @@ static void block_delegations(struct knfsd_fh *fh) 
	u32 hash;

	struct bloom_pair *bd = &blocked_delegations;



	hash = arch_fast_hash(&fh->fh_base, fh->fh_size, 0);

	hash = jhash(&fh->fh_base, fh->fh_size, 0);



	spin_lock(&blocked_delegations_lock);

	__set_bit(hash&255, bd->set[bd->new]);

lib/rhashtable.c

+4 −4
Original line number Diff line number Diff line
@@ -20,7 +20,7 @@ 
#include <linux/slab.h>

#include <linux/vmalloc.h>

#include <linux/mm.h>

#include <linux/hash.h>

#include <linux/jhash.h>

#include <linux/random.h>

#include <linux/rhashtable.h>
@@ -524,7 +524,7 @@ static size_t rounded_hashtable_size(struct rhashtable_params *params) 
 *	.head_offset = offsetof(struct test_obj, node),

 *	.key_offset = offsetof(struct test_obj, key),

 *	.key_len = sizeof(int),

 *	.hashfn = arch_fast_hash,

 *	.hashfn = jhash,

 * #ifdef CONFIG_PROVE_LOCKING

 *	.mutex_is_held = &my_mutex_is_held,

 * #endif
@@ -545,7 +545,7 @@ static size_t rounded_hashtable_size(struct rhashtable_params *params) 
 *

 * struct rhashtable_params params = {

 *	.head_offset = offsetof(struct test_obj, node),

 *	.hashfn = arch_fast_hash,

 *	.hashfn = jhash,

 *	.obj_hashfn = my_hash_fn,

 * #ifdef CONFIG_PROVE_LOCKING

 *	.mutex_is_held = &my_mutex_is_held,
@@ -778,7 +778,7 @@ static int __init test_rht_init(void) 
		.head_offset = offsetof(struct test_obj, node),

		.key_offset = offsetof(struct test_obj, value),

		.key_len = sizeof(int),

		.hashfn = arch_fast_hash,

		.hashfn = jhash,

#ifdef CONFIG_PROVE_LOCKING

		.mutex_is_held = &test_mutex_is_held,

#endif

net/openvswitch/flow_table.c

+2 −2
Original line number Diff line number Diff line
@@ -25,7 +25,7 @@ 
#include <linux/if_vlan.h>

#include <net/llc_pdu.h>

#include <linux/kernel.h>

#include <linux/hash.h>

#include <linux/jhash.h>

#include <linux/jiffies.h>

#include <linux/llc.h>

#include <linux/module.h>
@@ -366,7 +366,7 @@ static u32 flow_hash(const struct sw_flow_key *key, int key_start, 
	/* Make sure number of hash bytes are multiple of u32. */

	BUILD_BUG_ON(sizeof(long) % sizeof(u32));



	return arch_fast_hash2(hash_key, hash_u32s, 0);

	return jhash2(hash_key, hash_u32s, 0);

}



static int flow_key_start(const struct sw_flow_key *key)

CRA Git | Maintained and supported by SUSTech CRA and CCSE