syncookies: use SipHash in place of SHA1
authorJason A. Donenfeld <Jason@zx2c4.com>
Sun, 8 Jan 2017 12:54:03 +0000 (13:54 +0100)
committerDavid S. Miller <davem@davemloft.net>
Mon, 9 Jan 2017 18:58:57 +0000 (13:58 -0500)
commitfe62d05b295bde037fa324767674540907c89362
treecf9bec3d1efa2caa3ef6576cbbc23199b30ec7e3
parent7cd23e5300c1b95903859a8bdc084e79be66ce16
syncookies: use SipHash in place of SHA1

SHA1 is slower and less secure than SipHash, and so replacing syncookie
generation with SipHash makes natural sense. Some BSDs have been doing
this for several years in fact.

The speedup should be similar -- and even more impressive -- to the
speedup from the sequence number fix in this series.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Cc: Eric Dumazet <eric.dumazet@gmail.com>
Cc: David Miller <davem@davemloft.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/ipv4/syncookies.c
net/ipv6/syncookies.c