| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20150510170550.GA4442@salvia>
Date: Sun, 10 May 2015 19:05:50 +0200
From: Pablo Neira Ayuso <pablo@...filter.org>
To: Daniel Borkmann <daniel@...earbox.net>
Cc: davem@...emloft.net, ast@...mgrid.com, jhs@...atatu.com,
netdev@...r.kernel.org
Subject: Re: [PATCH net-next 0/2] handle_ing update
On Sat, May 09, 2015 at 10:51:30PM +0200, Daniel Borkmann wrote:
> These are a couple of cleanups to make ingress a bit more lightweight.
This is plain wrong at many levels.
You're persisting on embedding the ingress code into the core, and you
have to remember that most users don't need this. Modules allows
people to get the code that they need into the core, with this
approach, they have no other choice other than disable from .config
this if they don't need it.
This has to be done the other way around. I just sent a patchset to
clean up this that in exactly the other direction, as a result,
performance is improved for users that don't need this.
We should do things to make users aware that when they request
features, they have to pay a performance cost, and that happens by
when you invoke:
tc qdisc add dev eth0 handle ffff: ingress
David already stated before that ingress path is performance critical,
but you insist on trying to get qdisc ingress faster *at any cost*.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists