On Thu, 2017-11-30 at 15:23 -0800, Martin KaFai Lau wrote:
> The current listener hashtable is hashed by port only.
> When a process is listening at many IP addresses with the same port
> (e.g.
> [IP1]:443, [IP2]:443... [IPN]:443), the inet[6]_lookup_listener()
> performance is degraded to a link list. It is prone to syn attack.
>
>
...
> diff --git a/include/net/inet_hashtables.h
> b/include/net/inet_hashtables.h
> index 4cce516c41ac..ebce55d694e7 100644
> --- a/include/net/inet_hashtables.h
> +++ b/include/net/inet_hashtables.h
> @@ -152,8 +152,19 @@ struct inet_hashinfo {
> */
> struct inet_listen_hashbucket listening_hash[INET_LHT
> ABLE_SIZE]
> ____cacheline_aligned_in_smp
> ;
> + struct inet_listen_hashbucket *lhash2;
> + unsigned int lhash2_mask;
> };
>
Please move these two fields before listening_hash[], to avoid adding
another cache line to "struct inet_hashinfo"
( We have a 16-byte hole there, so lets use it ;) )
