lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 30 Apr 2015 02:10:33 +0200 From: Daniel Borkmann <daniel@...earbox.net> To: Pablo Neira Ayuso <pablo@...filter.org> CC: netfilter-devel@...r.kernel.org, davem@...emloft.net, netdev@...r.kernel.org, jhs@...atatu.com Subject: Re: [PATCH 6/6] net: move qdisc ingress filtering on top of netfilter ingress hooks On 04/30/2015 01:32 AM, Pablo Neira Ayuso wrote: ... > Actually, the extra cost is roughly (getting inlined stuff away and > other non-relevant stuff): > > `-> nf_hook_slow() > `-> [for each entry in hook list] > `-> nf_iterate() > `-> (*elemp)->hook() Yep, agreed. > as part of the generic hook infrastructure, which comes with extra > flexibility in return. I think the main concern so far was not to harm > the critical netif_receive_core() path, and this patchset proves not > to affect this. Correct, as you use the static key and hide everything behind it. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists