| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 17 Sep 2015 15:13:31 +0200 From: Daniel Borkmann <daniel@...earbox.net> To: Jamal Hadi Salim <jhs@...atatu.com>, Alexei Starovoitov <ast@...mgrid.com>, "David S. Miller" <davem@...emloft.net> CC: John Fastabend <john.fastabend@...il.com>, netdev@...r.kernel.org Subject: Re: [PATCH v2 net-next 1/2] cls_bpf: introduce integrated actions Hi Jamal, On 09/17/2015 02:37 PM, Jamal Hadi Salim wrote: > On 09/16/15 02:05, Alexei Starovoitov wrote: >> From: Daniel Borkmann <daniel@...earbox.net> >> >> Often cls_bpf classifier is used with single action drop attached. >> Optimize this use case and let cls_bpf return both classid and action. >> For backwards compatibility reasons enable this feature under >> TCA_BPF_FLAG_ACT_DIRECT flag. >> > > This is going off in a different direction really. > You are replicating the infrastructure inside bpf. Hmm, I don't really agree. With cls_bpf you have non-linear classifications as opposed to walking a chain of classifiers: worst case, I have to walk through N classifiers just to find out that the last one matches that I need to drop - this doesn't scale at all. Given that we can make this decision right here, we can use this fact and have simple return codes provided as well. It only supplements non-linear classification that was from the very beginning of cls_bpf a core part of it. Thanks, Daniel -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists