freebsd-skq/sys/netinet
gallatin b799855a78 Avoid unneeded call to arc4random() in syncache_add()
Don't call arc4random() unconditionally to initialize sc_iss, and
then when syncookies are enabled, just overwrite it with the
return value from from syncookie_generate(). Instead, only call
arc4random() to initialize sc_iss when syncookies are not
enabled.

Note that on a system under a syn flood attack, arc4random()
becomes quite expensive, and the chacha_poly crypto that it calls
is one of the more expensive things happening on the
system. Removing this unneeded arc4random() call reduces CPU from
about 40% to about 35% in my test scenario (Broadwell Xeon, 6Mpps
syn flood attack).

Reviewed by:	rrs, tuxen, bz
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D21591
2019-09-11 18:48:26 +00:00
..
cc When performing after_idle() or post_recovery(), don't disable the 2019-07-29 09:19:48 +00:00
khelp sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
libalias Separate kernel crc32() implementation to its own header (gsb_crc32.h) and 2019-06-17 19:49:08 +00:00
netdump Fix netdump buffering after r348473. 2019-08-19 16:29:51 +00:00
tcp_stacks Only update SACK/DSACK lists when a non-empty segment was received. 2019-09-09 16:07:47 +00:00
accf_data.c sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
accf_dns.c sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
accf_http.c sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
icmp6.h Initial implementation of draft-ietf-6man-ipv6only-flag. 2018-10-30 20:08:48 +00:00
icmp_var.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
if_ether.c Extract eventfilter declarations to sys/_eventfilter.h 2019-05-20 00:38:23 +00:00
if_ether.h Retire arpresolve_addr(), which is not used anywhere, from if_ether.c. 2018-11-17 16:08:36 +00:00
igmp_var.h Separate list manipulation locking from state change in multicast 2018-05-02 19:36:29 +00:00
igmp.c Mechanical cleanup of epoch(9) usage in network stack. 2019-01-09 01:11:19 +00:00
igmp.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
in_cksum.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
in_debug.c CK: update consumers to use CK macros across the board 2018-05-24 23:21:23 +00:00
in_fib.c Existense of PCB route caching doesn't allow us to use new fast route 2019-05-08 23:39:24 +00:00
in_fib.h Existense of PCB route caching doesn't allow us to use new fast route 2019-05-08 23:39:24 +00:00
in_gif.c Add the check that current VNET is ready and access to srchash is allowed. 2018-10-23 13:11:45 +00:00
in_jail.c Move most of the contents of opt_compat.h to opt_global.h. 2018-04-06 17:35:35 +00:00
in_kdtrace.c Define sctp probes only when SCTP is configured. 2018-09-06 14:15:03 +00:00
in_kdtrace.h Add support for send, receive and state-change DTrace providers for 2018-08-22 21:23:32 +00:00
in_mcast.c Convert all IPv4 and IPv6 multicast memberships into using a STAILQ 2019-06-25 11:54:41 +00:00
in_pcb.c Fix !INET build. 2019-08-02 22:43:09 +00:00
in_pcb.h IPv6 cleanup: kernel 2019-08-02 07:41:36 +00:00
in_pcbgroup.c Fix PCBGROUPS build post CK conversion of pcbinfo 2018-06-13 23:19:54 +00:00
in_prot.c Move most of the contents of opt_compat.h to opt_global.h. 2018-04-06 17:35:35 +00:00
in_proto.c Remove empty encap_init() function. 2018-05-29 12:32:08 +00:00
in_rmx.c
in_rss.c
in_rss.h
in_systm.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
in_var.h Convert all IPv4 and IPv6 multicast memberships into using a STAILQ 2019-06-25 11:54:41 +00:00
in.c Use IN_foo() macros from sys/netinet/in.h inplace of handcrafted code 2019-04-04 19:01:13 +00:00
in.h Rename IPPROTO 33 from SEP to DCCP 2019-08-08 11:43:09 +00:00
ip6.h carp: Set DSCP value CS7 2018-07-01 08:37:07 +00:00
ip_carp.c Convert all IPv4 and IPv6 multicast memberships into using a STAILQ 2019-06-25 11:54:41 +00:00
ip_carp.h sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
ip_divert.c Make second argument of ip_divert(), that specifies packet direction a bool. 2019-03-14 22:23:09 +00:00
ip_divert.h sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
ip_dummynet.h sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
ip_ecn.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
ip_ecn.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
ip_encap.c Include <sys/eventhandler.h> to fix the build. 2018-10-21 18:39:34 +00:00
ip_encap.h Add KPI that can be used by tunneling interfaces to handle IP addresses 2018-10-21 17:55:26 +00:00
ip_fastfwd.c New pfil(9) KPI together with newborn pfil API and control utility. 2019-01-31 23:01:03 +00:00
ip_fw.h Add "tcpmss" opcode to match the TCP MSS value. 2019-06-21 10:54:51 +00:00
ip_gre.c Add GRE-in-UDP encapsulation support as defined in RFC8086. 2019-04-24 09:05:45 +00:00
ip_icmp.c Add CTLFLAG_VNET to the net.inet.icmp.tstamprepl definition. 2019-03-26 22:14:50 +00:00
ip_icmp.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
ip_id.c Use the new VNET_DEFINE_STATIC macro when we are defining static VNET 2018-07-24 16:35:52 +00:00
ip_input.c Use IN_foo() macros from sys/netinet/in.h inplace of handcrafted code 2019-04-04 19:01:13 +00:00
ip_mroute.c Convert all IPv4 and IPv6 multicast memberships into using a STAILQ 2019-06-25 11:54:41 +00:00
ip_mroute.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
ip_options.c Mechanical cleanup of epoch(9) usage in network stack. 2019-01-09 01:11:19 +00:00
ip_options.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
ip_output.c Add kernel-side support for in-kernel TLS. 2019-08-27 00:01:56 +00:00
ip_reass.c Revert r346530 until further. 2019-04-22 19:36:19 +00:00
ip_var.h Convert all IPv4 and IPv6 multicast memberships into using a STAILQ 2019-06-25 11:54:41 +00:00
ip.h carp: Set DSCP value CS7 2018-07-01 08:37:07 +00:00
pim_var.h Rework IP encapsulation handling code. 2018-06-05 20:51:01 +00:00
pim.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
raw_ip.c When sending IPv4 packets on a SOCK_RAW socket using the IP_HDRINCL option, 2019-04-13 10:47:47 +00:00
sctp_asconf.c Fix a typo. 2019-08-08 08:23:27 +00:00
sctp_asconf.h Whitespace changes due to changes in ident. 2018-07-19 20:16:33 +00:00
sctp_auth.c Mitigate providing a timing signal if the COOKIE or AUTH 2018-10-01 14:05:31 +00:00
sctp_auth.h Remove unused code. 2018-09-18 10:53:07 +00:00
sctp_bsd_addr.c Mechanical cleanup of epoch(9) usage in network stack. 2019-01-09 01:11:19 +00:00
sctp_bsd_addr.h Revert https://svnweb.freebsd.org/changeset/base/336503 2018-07-19 20:11:14 +00:00
sctp_cc_functions.c Whitespace changes due to changes in ident. 2018-07-19 20:16:33 +00:00
sctp_constants.h Limit the user-controllable amount of memory the kernel allocates 2019-01-16 11:33:47 +00:00
sctp_crc32.c Separate kernel crc32() implementation to its own header (gsb_crc32.h) and 2019-06-17 19:49:08 +00:00
sctp_crc32.h When adding support for sending SCTP packets containing an ABORT chunk 2017-12-26 12:35:02 +00:00
sctp_dtrace_declare.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
sctp_dtrace_define.h Add support for send, receive and state-change DTrace providers for 2018-08-22 21:23:32 +00:00
sctp_header.h Whitespace changes due to changes in ident. 2018-07-19 20:16:33 +00:00
sctp_indata.c Improve the handling of illegal sequence number combinations in received 2019-08-31 08:18:49 +00:00
sctp_indata.h Fix initialization of top_fsn. 2019-09-01 10:39:16 +00:00
sctp_input.c Improve the handling of state cookie parameters in INIT-ACK chunks. 2019-09-01 10:09:53 +00:00
sctp_input.h Whitespace changes due to changes in ident. 2018-07-19 20:16:33 +00:00
sctp_lock_bsd.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
sctp_os_bsd.h Improve consistency. No functional change. 2019-08-05 13:22:15 +00:00
sctp_os.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
sctp_output.c Improve the handling of state cookie parameters in INIT-ACK chunks. 2019-09-01 10:09:53 +00:00
sctp_output.h Improve the handling of state cookie parameters in INIT-ACK chunks. 2019-09-01 10:09:53 +00:00
sctp_pcb.c Improve function definition. 2019-08-31 13:13:40 +00:00
sctp_pcb.h IPv6 cleanup: kernel 2019-08-02 07:41:36 +00:00
sctp_peeloff.c Use the stacb instead of the asoc in state macros. 2018-08-13 13:58:45 +00:00
sctp_peeloff.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
sctp_ss_functions.c Initialize scheduler specific data for the FCFS scheduler. 2019-03-25 16:40:54 +00:00
sctp_structs.h Fix build issue for the userland stack. 2019-03-24 12:13:05 +00:00
sctp_syscalls.c netinet silence warnings 2018-05-19 05:56:21 +00:00
sctp_sysctl.c Plug some networking sysctl leaks. 2018-11-22 20:49:41 +00:00
sctp_sysctl.h Add initial descriptions for SCTP related MIB variable. 2018-10-26 21:04:17 +00:00
sctp_timer.c Refactor the SHUTDOWN_PENDING state handling. 2018-08-21 13:25:32 +00:00
sctp_timer.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
sctp_uio.h Whitespace changes due to changes in ident. 2018-07-19 20:16:33 +00:00
sctp_usrreq.c Fix a locking issue in sctp_accept. 2019-08-06 10:29:19 +00:00
sctp_var.h Whitespace changes due to changes in ident. 2018-07-19 20:16:33 +00:00
sctp.h Limit the size of messages sent on 1-to-many style SCTP sockets with the 2019-03-23 22:56:03 +00:00
sctputil.c Fix build issues for the userland stack on Raspbian. 2019-08-06 08:33:21 +00:00
sctputil.h Improve input validation for the IPPROTO_SCTP level socket options 2019-05-19 17:28:00 +00:00
siftr.c Repair siftr(4): PFIL_IN and PFIL_OUT are defines of some value, relying 2019-02-01 08:10:26 +00:00
tcp_debug.c sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
tcp_debug.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
tcp_fastopen.c Use the new VNET_DEFINE_STATIC macro when we are defining static VNET 2018-07-24 16:35:52 +00:00
tcp_fastopen.h Greatly reduce the number of #ifdefs supporting the TCP_RFC7413 kernel option. 2018-02-26 03:03:41 +00:00
tcp_fsm.h Revert r334843, and partially revert r335180. 2018-06-23 06:53:53 +00:00
tcp_hostcache.c Use the new VNET_DEFINE_STATIC macro when we are defining static VNET 2018-07-24 16:35:52 +00:00
tcp_hostcache.h sys: general adoption of SPDX licensing ID tags. 2017-11-27 15:23:17 +00:00
tcp_hpts.c This commit updates rack to what is basically being used at NF as 2019-07-10 20:40:39 +00:00
tcp_hpts.h This commit updates rack to what is basically being used at NF as 2019-07-10 20:40:39 +00:00
tcp_input.c Only update SACK/DSACK lists when a non-empty segment was received. 2019-09-09 16:07:47 +00:00
tcp_log_buf.c Fix a small bug in the tcp_log_id where the bucket 2019-04-10 18:58:11 +00:00
tcp_log_buf.h This commit updates rack to what is basically being used at NF as 2019-07-10 20:40:39 +00:00
tcp_lro.c Fix build after r351934 2019-09-06 18:33:39 +00:00
tcp_lro.h This adds the final tweaks to LRO that will now allow me 2019-09-06 14:25:41 +00:00
tcp_offload.c Extract eventfilter declarations to sys/_eventfilter.h 2019-05-20 00:38:23 +00:00
tcp_offload.h Add a hook to allow the toedev handling an offloaded connection to 2018-04-03 01:08:54 +00:00
tcp_output.c Initialize if_hw_tsomaxsegsize to 0 to appease gcc's flow analysis as a 2019-09-06 18:25:42 +00:00
tcp_pcap.c Add an external mbuf buffer type that holds multiple unmapped pages. 2019-06-29 00:48:33 +00:00
tcp_pcap.h
tcp_ratelimit.c With the recent commit of ktls, we no longer have a 2019-09-11 15:41:36 +00:00
tcp_ratelimit.h This adds the third step in getting BBR into the tree. BBR and 2019-08-01 14:17:31 +00:00
tcp_reass.c This patch addresses an issue brought up by bz@ in D18968: 2019-02-21 09:34:47 +00:00
tcp_sack.c This patch improves the DSACK handling to conform with RFC 2883. 2019-09-02 19:04:02 +00:00
tcp_seq.h r330675 introduced an extra window check in the LRO code to ensure it 2018-04-03 13:54:38 +00:00
tcp_subr.c This adds in the missing counter initialization which 2019-09-06 18:29:48 +00:00
tcp_syncache.c Avoid unneeded call to arc4random() in syncache_add() 2019-09-11 18:48:26 +00:00
tcp_syncache.h The handling of RST segments in the SYN-RCVD state exists in the 2018-10-18 19:21:18 +00:00
tcp_timer.c Add sysctl variable net.inet.tcp.rexmit_initial for setting RTO.Initial 2019-03-23 21:36:59 +00:00
tcp_timer.h Add sysctl variable net.inet.tcp.rexmit_initial for setting RTO.Initial 2019-03-23 21:36:59 +00:00
tcp_timewait.c Fix a byte ordering issue for the advertised receiver window in ACK 2019-02-15 09:45:17 +00:00
tcp_usrreq.c Add kernel-side support for in-kernel TLS. 2019-08-27 00:01:56 +00:00
tcp_var.h This adds in the missing counter initialization which 2019-09-06 18:29:48 +00:00
tcp.h Add kernel-side support for in-kernel TLS. 2019-08-27 00:01:56 +00:00
tcpip.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
toecore.c Extract eventfilter declarations to sys/_eventfilter.h 2019-05-20 00:38:23 +00:00
toecore.h Extract eventfilter declarations to sys/_eventfilter.h 2019-05-20 00:38:23 +00:00
udp_usrreq.c After parts of the locking fixes in r346595, syzkaller found 2019-06-01 14:57:42 +00:00
udp_var.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
udp.h sys: further adoption of SPDX licensing ID tags. 2017-11-20 19:43:44 +00:00
udplite.h Add a dtrace provider for UDP-Lite. 2018-07-31 22:56:03 +00:00