On Sat, 2016-06-25 at 06:26 +0200, Eric Dumazet wrote:
> On Sat, 2016-06-25 at 06:11 +0200, Eric Dumazet wrote:
>
> > Simply extend tcp_md5sig_pool to contain a copy of the TCP headers ?
> >
> > At most 40 bytes of extra per cpu storage is not a big problem.
> >
>
> Correction : This is exactly
On Sat, 2016-06-25 at 06:11 +0200, Eric Dumazet wrote:
> Simply extend tcp_md5sig_pool to contain a copy of the TCP headers ?
>
> At most 40 bytes of extra per cpu storage is not a big problem.
>
Correction : This is exactly 20 bytes for tcphdr, not 40.
On Fri, 2016-06-24 at 18:51 -0700, Andy Lutomirski wrote:
> Hi all-
>
> tcp_md5_hash_header does crypto using an sg that points to the stack.
> This will break with virtually mapped stacks. It also looks like it's
> probably much slower than it deserves to be (it's trying to compute
> the MD5 has
Hi all-
tcp_md5_hash_header does crypto using an sg that points to the stack.
This will break with virtually mapped stacks. It also looks like it's
probably much slower than it deserves to be (it's trying to compute
the MD5 hash of a few tens of bytes -- going through a scatterlist is
a lot of ov
