On Fri, Jan 18, 2008 at 02:49:00PM -0800, Stephen Hemminger wrote: > The perturbation timer used for re-keying can be deferred, it doesn't > need to be deterministic.
The only concern that I can come up with is that the sfq_perturbation timer might be on one CPU, and all the operations using the corresponding SFQ on another. This could in theory allow a nearly omniscient attacker to exploit an SFQ imbalance while preventing perturbation of the hash function. This does not seem to be a valid concern at this point, since there are very few uses of init_timer_deferrable(). And if it should become a problem, one approach would be to have some sort of per-timer limit to the deferral. Of course, at that point one would need to figure out what this limit should be! Acked-by: Paul E. McKenney <[EMAIL PROTECTED]> > Signed-off-by: Stephen Hemminger <[EMAIL PROTECTED]> > > > --- a/net/sched/sch_sfq.c 2008-01-17 08:29:24.000000000 -0800 > +++ b/net/sched/sch_sfq.c 2008-01-17 09:00:58.000000000 -0800 > @@ -426,7 +426,9 @@ static int sfq_init(struct Qdisc *sch, s > struct sfq_sched_data *q = qdisc_priv(sch); > int i; > > - setup_timer(&q->perturb_timer, sfq_perturbation, (unsigned long)sch); > + q->perturb_timer.function = sfq_perturbation; > + q->perturb_timer.data = (unsigned long)sch;; > + init_timer_deferrable(&q->perturb_timer); > > for (i=0; i<SFQ_HASH_DIVISOR; i++) > q->ht[i] = SFQ_DEPTH; -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
