[ovs-dev] [GIT PULL v2] Open vSwitch

Jesse Gross jesse at nicira.com
Fri Dec 2 23:00:42 UTC 2011


On Wed, Nov 30, 2011 at 11:52 PM, Herbert Xu
<herbert at gondor.apana.org.au> wrote:
> On Thu, Dec 01, 2011 at 04:24:18PM +0900, Simon Horman wrote:
>>
>> So while I agree that optimizing the hash is a good idea.  I don't believe
>> it is a bottle-neck at this point. Though I could be convinced otherwise if
>> long collision chains could be constructed with relatively few flows.
>> Something I had not considered until I rad your email just now.
>
> It's not an optimisation issue, but a security one.  If you leave
> a hash like this with a constant seed, an attacker would have an
> infinite amount of time to find collisions.
>
> Rehashing isn't all that difficult.

Yeah, I agree.  We'll fix this for the next version of the patch series, thanks.



More information about the dev mailing list