[INET]: Use jhash + random secret for ehash.

The days are gone when this was not an issue, there are folks out there with huge bot networks that can be used to attack the established hash tables on remote systems. So just like the routing cache and connection tracking hash, use Jenkins hash with random secret input. Signed-off-by: David S. Miller <davem@davemloft.net>
author: David S. Miller <davem@davemloft.net> 2007-03-23 11:40:27 -0700
committer: David S. Miller <davem@sunset.davemloft.net> 2007-04-25 22:28:06 -0700
commit: b3da2cf37c5c6e47698957a25ab43a7223dbb90f (patch)
tree: e8892392aaf7e3d3544ede23c21791e2317b177d /net/ipv6
parent: d30045a0bcf144753869175dd9d840f7ceaf4aba (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/net/ipv6/af_inet6.c b/net/ipv6/af_inet6.c
index 82572b507547..df31cdd33cda 100644
--- a/net/ipv6/af_inet6.c
+++ b/net/ipv6/af_inet6.c
@@ -98,6 +98,11 @@ static int inet6_create(struct socket *sock, int protocol)
 	int try_loading_module = 0;
 	int err;
 
+	if (sock->type != SOCK_RAW &&
+	    sock->type != SOCK_DGRAM &&
+	    !inet_ehash_secret)
+		build_ehash_secret();
+
 	/* Look for the requested type/protocol pair. */
 	answer = NULL;
 lookup_protocol:
author	David S. Miller <davem@davemloft.net>	2007-03-23 11:40:27 -0700
committer	David S. Miller <davem@sunset.davemloft.net>	2007-04-25 22:28:06 -0700
commit	b3da2cf37c5c6e47698957a25ab43a7223dbb90f (patch)
tree	e8892392aaf7e3d3544ede23c21791e2317b177d /net/ipv6
parent	d30045a0bcf144753869175dd9d840f7ceaf4aba (diff)