| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20180309.105724.519703919967625754.davem@davemloft.net>
Date: Fri, 09 Mar 2018 10:57:24 -0500 (EST)
From: David Miller <davem@...emloft.net>
To: dwmw2@...radead.org
Cc: fw@...len.de, pablo@...filter.org, rga@...zon.de,
bridge@...ts.linux-foundation.org, stephen@...workplumber.org,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
aliguori@...zon.com, nbd@...nwrt.org
Subject: Re: [RFC PATCH v2] bridge: make it possible for packets to
traverse the bridge without hitting netfilter
From: David Woodhouse <dwmw2@...radead.org>
Date: Fri, 09 Mar 2018 15:31:15 +0000
> Eschewing a 15% speedup on the basis that "well, even though we've had
> three of these already for a decade, we're worried that adding a fourth
> might open the floodgates to further patches" does seem a little odd to
> me, FWIW.
The cost we are dealing with is a fundamental one which is a result of
the hook design.
Indirect calls are killer.
Indirect calls are even more killer now in the age of Spectre and
retpolines.
I definitely would rather see the fundamental issue addressed rather
than poking at it randomly with knobs for this case and that.
Thank you.
Powered by blists - more mailing lists