| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20090209101912.GA8338@gondor.apana.org.au>
Date: Mon, 9 Feb 2009 21:19:12 +1100
From: Herbert Xu <herbert@...dor.apana.org.au>
To: David Miller <davem@...emloft.net>
Cc: netdev@...r.kernel.org
Subject: Re: TX pre-headers...
On Mon, Feb 09, 2009 at 02:14:03AM -0800, David Miller wrote:
>
> Indeed, I noticed needed_headroom when I set out to start coding
> things up. :)
>
> There are all sorts of cases that won't work well, as you implicitly
> suggest. For example, forwarding to a path that encapsulates to a GRE
> or other type of tunnel.
>
> For IPSEC we're predominantly COW'ing the data anyways, so...
Yes tunneling (especially when it's hidden by netfilter) is the
hard part.
Here's a thought, what if we had your global maximum, and every
time we have to reallocate a packet because of a failed head
room check, we increase the maximum by the needed amount (we should
add a ceiling in case some buggy path ignores this maximum when
allocating a new packet).
This way even tunnels could benefit from not having to copy all
the time.
As a failed check should be rare (given that we're continuously
increasing it) the overhead in updating the maximum should be
reasonable.
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@...dor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists