tcp: configurable source port perturb table size

On embedded systems with little memory and no relevant security concerns, it is beneficial to reduce the size of the table. Reducing the size from 2^16 to 2^8 saves 255 KiB of kernel RAM. Makes the table size configurable as an expert option. The size was previously increased from 2^8 to 2^16 in commit 4c2c8f03a5ab ("tcp: increase source port perturb table to 2^16"). Signed-off-by: Gleb Mazovetskiy <glex.spb@gmail.com> Reviewed-by: Kuniyuki Iwashima <kuniyu@amazon.com> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Gleb Mazovetskiy 2022-11-14 22:56:16 +0000
committer: David S. Miller 2022-11-16 13:02:04 +0000
commit: aeac4ec8f46d610a10adbaeff5e2edf6a88ffc62 (patch)
tree: c5397e6b81c4067acc2e5e49cb3200dcadeb2c0a /net/ipv4/Kconfig
parent: b68777d54fac21fc833ec26ea1a2a84f975ab035 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/net/ipv4/Kconfig b/net/ipv4/Kconfig
index e983bb0c5012..2dfb12230f08 100644
--- a/net/ipv4/Kconfig
+++ b/net/ipv4/Kconfig
@@ -402,6 +402,16 @@ config INET_IPCOMP
 
 	  If unsure, say Y.
 
+config INET_TABLE_PERTURB_ORDER
+	int "INET: Source port perturbation table size (as power of 2)" if EXPERT
+	default 16
+	help
+	  Source port perturbation table size (as power of 2) for
+	  RFC 6056 3.3.4.  Algorithm 4: Double-Hash Port Selection Algorithm.
+
+	  The default is almost always what you want.
+	  Only change this if you know what you are doing.
+
 config INET_XFRM_TUNNEL
 	tristate
 	select INET_TUNNEL
author	Gleb Mazovetskiy	2022-11-14 22:56:16 +0000
committer	David S. Miller	2022-11-16 13:02:04 +0000
commit	aeac4ec8f46d610a10adbaeff5e2edf6a88ffc62 (patch)
tree	c5397e6b81c4067acc2e5e49cb3200dcadeb2c0a /net/ipv4/Kconfig
parent	b68777d54fac21fc833ec26ea1a2a84f975ab035 (diff)