Displaying 1 result from an estimated 1 matches for "nft_hash_key".
2017 Oct 28
5
[Bug 1199] New: nft_set_hash fast lookup broken for 2 byte keys
...jor
Priority: P5
Component: kernel
Assignee: pablo at netfilter.org
Reporter: makovick at gmail.com
Hi,
after an upgrade of the userspace nftables to v0.8, I found that my port sets
suddenly stopped matching. After some searching, I tracked the issue down to
nft_hash_key and nft_hash_lookup_fast - with v0.8, the kernel started
preferring hashes instead of bitsets.
nft_hash_lookup_fast uses jhash_1word, which always uses the hash initializer
appropriate for keys of length == 4. This means it miscomputes the bucket
location for 2-byte keys and the lookup fails. In a...