On Sat, 2016-06-25 at 06:26 +0200, Eric Dumazet wrote:
> On Sat, 2016-06-25 at 06:11 +0200, Eric Dumazet wrote:
>
> > Simply extend tcp_md5sig_pool to contain a copy of the TCP headers ?
> >
> > At most 40 bytes of extra per cpu storage is not a big problem.
> >
>
> Correction : This is exactly
On Sat, 2016-06-25 at 06:11 +0200, Eric Dumazet wrote:
> Simply extend tcp_md5sig_pool to contain a copy of the TCP headers ?
>
> At most 40 bytes of extra per cpu storage is not a big problem.
>
Correction : This is exactly 20 bytes for tcphdr, not 40.
On Fri, 2016-06-24 at 18:51 -0700, Andy Lutomirski wrote:
> Hi all-
>
> tcp_md5_hash_header does crypto using an sg that points to the stack.
> This will break with virtually mapped stacks. It also looks like it's
> probably much slower than it deserves to be (it's trying to compute
> the MD5 has
