From b3da2cf37c5c6e47698957a25ab43a7223dbb90f Mon Sep 17 00:00:00 2001 From: "David S. Miller" Date: Fri, 23 Mar 2007 11:40:27 -0700 Subject: [INET]: Use jhash + random secret for ehash. The days are gone when this was not an issue, there are folks out there with huge bot networks that can be used to attack the established hash tables on remote systems. So just like the routing cache and connection tracking hash, use Jenkins hash with random secret input. Signed-off-by: David S. Miller --- net/ipv6/af_inet6.c | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'net/ipv6/af_inet6.c') diff --git a/net/ipv6/af_inet6.c b/net/ipv6/af_inet6.c index 82572b50..df31cdd 100644 --- a/net/ipv6/af_inet6.c +++ b/net/ipv6/af_inet6.c @@ -98,6 +98,11 @@ static int inet6_create(struct socket *sock, int protocol) int try_loading_module = 0; int err; + if (sock->type != SOCK_RAW && + sock->type != SOCK_DGRAM && + !inet_ehash_secret) + build_ehash_secret(); + /* Look for the requested type/protocol pair. */ answer = NULL; lookup_protocol: -- cgit v1.1