On Thu, Apr 18, 2019 at 11:01:42PM +0300, Amit Klein wrote:
Patch 355b98553789b646ed97ad801a619ff898471b92 makes net_hash_mix() return tru 32 bits of entropy. When used in the IP ID generation algorithm, this has the effect of extending the IP ID generation key from 32 bits to 64 bits. However, net_hash_mix() is only used for IP ID generation starting with kernel version 4.1. Therefore, earlier kernels remain with 32-bit key. The patch addresses this issue by explicitly extending the key to 64 bits for kernels v<4.1.
Very nice, thanks!
One nit, it's easier to reference commits by a shorter sha1 and the text of the commit, than just one long number. So I would rewrite the subject and paragraphs to be something like the following:
------------ Subject: [PATCH] inet: update the IP ID generation algorithm to higher standards.
Commit 355b98553789 ("netns: provide pure entropy for net_hash_mix()") makes net_hash_mix() return a true 32 bits of entropy. When used in the IP ID generation algorithm, this has the effect of extending the IP ID generation key from 32 bits to 64 bits.
However, net_hash_mix() is only used for IP ID generation starting with kernel version 4.1. Therefore, earlier kernels remain with 32-bit key no matter what the net_hash_mix() return value is.
This change addresses the issue by explicitly extending the key to 64 bits for kernels older than 4.1. ------------
Does that look good to you as an accurate representation? If so, I can edit the text of your patch when I queue it up.
thanks,
greg k-h
On Thu, Apr 18, 2019 at 10:25:07PM +0200, Greg Kroah-Hartman wrote:
On Thu, Apr 18, 2019 at 11:01:42PM +0300, Amit Klein wrote:
Patch 355b98553789b646ed97ad801a619ff898471b92 makes net_hash_mix() return tru 32 bits of entropy. When used in the IP ID generation algorithm, this has the effect of extending the IP ID generation key from 32 bits to 64 bits. However, net_hash_mix() is only used for IP ID generation starting with kernel version 4.1. Therefore, earlier kernels remain with 32-bit key. The patch addresses this issue by explicitly extending the key to 64 bits for kernels v<4.1.
Very nice, thanks!
One nit, it's easier to reference commits by a shorter sha1 and the text of the commit, than just one long number. So I would rewrite the subject and paragraphs to be something like the following:
Subject: [PATCH] inet: update the IP ID generation algorithm to higher standards.
Commit 355b98553789 ("netns: provide pure entropy for net_hash_mix()") makes net_hash_mix() return a true 32 bits of entropy. When used in the IP ID generation algorithm, this has the effect of extending the IP ID generation key from 32 bits to 64 bits.
However, net_hash_mix() is only used for IP ID generation starting with kernel version 4.1. Therefore, earlier kernels remain with 32-bit key no matter what the net_hash_mix() return value is.
This change addresses the issue by explicitly extending the key to 64 bits for kernels older than 4.1.
Does that look good to you as an accurate representation? If so, I can edit the text of your patch when I queue it up.
Oops, you sent the patch in html format, which I couldn't apply either way, so you would need to resend it no matter what :(
thanks,
greg k-h
linux-stable-mirror@lists.linaro.org