summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFlorian Westphal <fw@strlen.de>2008-03-23 22:21:28 -0700
committerDavid S. Miller <davem@davemloft.net>2008-03-23 22:21:28 -0700
commit2051f11fb86b0056fec440fe7e9fa8370d60a5c6 (patch)
treee93befbb8fb6590994b51aa213bf9596c0070bc1
parent310afe86af8ddd96a06b75aa61ef1af233f80e89 (diff)
downloadkernel-crypto-2051f11fb86b0056fec440fe7e9fa8370d60a5c6.tar.gz
kernel-crypto-2051f11fb86b0056fec440fe7e9fa8370d60a5c6.tar.xz
kernel-crypto-2051f11fb86b0056fec440fe7e9fa8370d60a5c6.zip
[TCP]: Shrink syncookie_secret by 8 byte.
the first u32 copied from syncookie_secret is overwritten by the minute-counter four lines below. After adjusting the destination address, the size of syncookie_secret can be reduced accordingly. AFAICS, the only other user of syncookie_secret[] is the ipv6 syncookie support. Because ipv6 syncookies only grab 44 bytes from syncookie_secret[], this shouldn't affect them in any way. With fixes from Glenn Griffin. Signed-off-by: Florian Westphal <fw@strlen.de> Acked-by: Glenn Griffin <ggriffin.kernel@gmail.com> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--include/net/tcp.h2
-rw-r--r--net/ipv4/syncookies.c4
-rw-r--r--net/ipv6/syncookies.c2
3 files changed, 4 insertions, 4 deletions
diff --git a/include/net/tcp.h b/include/net/tcp.h
index 67cc3956d29..723b36851dd 100644
--- a/include/net/tcp.h
+++ b/include/net/tcp.h
@@ -436,7 +436,7 @@ extern int tcp_disconnect(struct sock *sk, int flags);
extern void tcp_unhash(struct sock *sk);
/* From syncookies.c */
-extern __u32 syncookie_secret[2][16-3+SHA_DIGEST_WORDS];
+extern __u32 syncookie_secret[2][16-4+SHA_DIGEST_WORDS];
extern struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb,
struct ip_options *opt);
extern __u32 cookie_v4_init_sequence(struct sock *sk, struct sk_buff *skb,
diff --git a/net/ipv4/syncookies.c b/net/ipv4/syncookies.c
index 4704f27f6c0..abc752d45cf 100644
--- a/net/ipv4/syncookies.c
+++ b/net/ipv4/syncookies.c
@@ -21,7 +21,7 @@
extern int sysctl_tcp_syncookies;
-__u32 syncookie_secret[2][16-3+SHA_DIGEST_WORDS];
+__u32 syncookie_secret[2][16-4+SHA_DIGEST_WORDS];
EXPORT_SYMBOL(syncookie_secret);
static __init int init_syncookies(void)
@@ -41,7 +41,7 @@ static u32 cookie_hash(__be32 saddr, __be32 daddr, __be16 sport, __be16 dport,
{
__u32 *tmp = __get_cpu_var(cookie_scratch);
- memcpy(tmp + 3, syncookie_secret[c], sizeof(syncookie_secret[c]));
+ memcpy(tmp + 4, syncookie_secret[c], sizeof(syncookie_secret[c]));
tmp[0] = (__force u32)saddr;
tmp[1] = (__force u32)daddr;
tmp[2] = ((__force u32)sport << 16) + (__force u32)dport;
diff --git a/net/ipv6/syncookies.c b/net/ipv6/syncookies.c
index 827c5aa7524..3a622e7abc0 100644
--- a/net/ipv6/syncookies.c
+++ b/net/ipv6/syncookies.c
@@ -22,7 +22,7 @@
#include <net/tcp.h>
extern int sysctl_tcp_syncookies;
-extern __u32 syncookie_secret[2][16-3+SHA_DIGEST_WORDS];
+extern __u32 syncookie_secret[2][16-4+SHA_DIGEST_WORDS];
#define COOKIEBITS 24 /* Upper bits store count */
#define COOKIEMASK (((__u32)1 << COOKIEBITS) - 1)