From owner-svn-src-all@freebsd.org Fri Sep 13 12:24:22 2019 Return-Path: Delivered-To: svn-src-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 235A4F05A7; Fri, 13 Sep 2019 12:24:22 +0000 (UTC) (envelope-from gallatin@cs.duke.edu) Received: from duke.cs.duke.edu (duke.cs.duke.edu [152.3.140.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 46VFF10Ls6z4ZHR; Fri, 13 Sep 2019 12:24:20 +0000 (UTC) (envelope-from gallatin@cs.duke.edu) Received: from [192.168.200.4] (c-71-56-186-158.hsd1.va.comcast.net [71.56.186.158]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: gallatin) by duke.cs.duke.edu (Postfix) with ESMTPSA id 545C5270018B; Fri, 13 Sep 2019 08:24:19 -0400 (EDT) DMARC-Filter: OpenDMARC Filter v1.3.1 duke.cs.duke.edu 545C5270018B DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=cs.duke.edu; s=mail0816; t=1568377459; bh=a1b+f4yVNP9u/FaoHmc4GpvizRqRGlogYWiAUgk8uSM=; h=Subject:To:From:Date:From; b=dSACIiSF1ht0DK/yT2RZVn7ah0O6BJ36mw29oNtE189gqMqJ1X0Pw/M7Oks09rdUI a4jWGp764D0lnMoOvf1KkSLXmqaqEIl2pqr3RPtBPvx4Z/j2rbPVHfDLEQ3j5ed5G1 BY0L8sDzjXbnUZ57CjKB4TPsTyHaq5sTdhTnFm6O9dzE+USaIDzPOs+i93XXJdElBL uqS4umGDsvTb3rAWgaschourCXANIkg+/1CCVZXWbztxnnFNrMl2DYA3YMpuFeCgRV G+K/ZZff93inuaPhK4sI+x0iE9fd6PACiCNRBNFRQwOtNtuNxBOKvtlWhxPwvf6sB1 rZ0SXSfrztL4w== Subject: Re: svn commit: r352228 - head/sys/netinet To: cem@freebsd.org, Andrew Gallatin Cc: src-committers , svn-src-all , svn-src-head References: <201909111848.x8BImQnn056188@repo.freebsd.org> From: Andrew Gallatin Message-ID: <50ec28c4-7e36-c69b-4003-bff07decf22a@cs.duke.edu> Date: Fri, 13 Sep 2019 08:24:18 -0400 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 46VFF10Ls6z4ZHR X-Spamd-Bar: --------- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=cs.duke.edu header.s=mail0816 header.b=dSACIiSF; dmarc=pass (policy=none) header.from=cs.duke.edu; spf=pass (mx1.freebsd.org: domain of gallatin@cs.duke.edu designates 152.3.140.1 as permitted sender) smtp.mailfrom=gallatin@cs.duke.edu X-Spamd-Result: default: False [-9.36 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[cs.duke.edu:s=mail0816]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:152.3.140.0/23]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; RCVD_DKIM_ARC_DNSWL_MED(-0.50)[]; DWL_DNSWL_MED(-2.00)[duke.edu.dwl.dnswl.org : 127.0.11.2]; RCPT_COUNT_FIVE(0.00)[5]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; RCVD_IN_DNSWL_MED(-0.20)[1.140.3.152.list.dnswl.org : 127.0.11.2]; DKIM_TRACE(0.00)[cs.duke.edu:+]; DMARC_POLICY_ALLOW(-0.50)[cs.duke.edu,none]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; IP_SCORE(-3.66)[ip: (-9.91), ipnet: 152.3.128.0/17(-4.62), asn: 13371(-3.71), country: US(-0.05)]; ASN(0.00)[asn:13371, ipnet:152.3.128.0/17, country:US]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Sep 2019 12:24:22 -0000 On 2019-09-11 17:16, Conrad Meyer wrote: > Small nitpick: > > On Wed, Sep 11, 2019 at 11:48 AM Andrew Gallatin wrote: >> Note that on a system under a syn flood attack, arc4random() >> becomes quite expensive, and the chacha_poly crypto that it calls > > arc4random uses chacha20 — there is no "poly" involved. > > Best, > Conrad > Sorry for the mis-statement. poly is associated with chacha in my mind. In any case, calling arc4random() and the chacha it uses millions of times per second is expensive, and avoiding it provides some headroom. Drew