| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 13 Apr 2015 16:16:38 -0400 (EDT) From: David Miller <davem@...emloft.net> To: hannes@...essinduktion.org Cc: fw@...len.de, netdev@...r.kernel.org, kaber@...sh.net Subject: Re: [PATCH -next 0/3] net: cap size to original frag size when refragmenting From: Hannes Frederic Sowa <hannes@...essinduktion.org> Date: Mon, 13 Apr 2015 20:40:52 +0200 > netfilter does alter the skbs destructiveley. So the only reason we > could use those unaltered skbs would be to save the lengths of the > individual fragments so we could reapply them to the altered > (constructed by reassembly) one in the output path. This seems much more > complex to me. :/ It could process the individual fragments one by one then. Then at the end you could see what the final verdicts look like. What happens right now is so damn expensive, has the geometry issue, and is totally unnecessary %99.99999 of the time. I therefore think there is massive value in trying to make it work to keep the original frags around as a group and try to process them that way. -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists