| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 11 Jun 2009 14:29:46 +0300 From: Timo Teräs <timo.teras@....fi> To: Herbert Xu <herbert@...dor.apana.org.au> CC: David Miller <davem@...emloft.net>, netdev@...r.kernel.org, kuznet@....inr.ac.ru Subject: Re: ip_gre headroom allocation Herbert Xu wrote: > On Thu, Jun 11, 2009 at 01:17:14PM +0300, Timo Teräs wrote: >>> Otherwise we'd need a similar hack in ipip.c too. >> I was under the impression that as we need to do the route lookup anyway >> we could take advantage of the information available from there fully. >> >> But yes, your explanation makes perfect sense. > > I think you're both right :) > > We should include the IPsec head room here, but also in the > dev->needed_headroom calculation so that most packets don't > get reallocated in the first place. I guess this is easy for point-to-point tunnels. But how about the multipoint gre tunnels? The needed_headroom can vary on destination basis depending on if they are NATted or not, and on the cipher/hash used. Can we change the needed_headroom on-the-fly? Increase it when ever we encounter a larger path? But this also means some packages would get extra headroom allocated. - Timo -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists