| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 17 Jul 2016 09:32:09 -0700 From: Cong Wang <xiyou.wangcong@...il.com> To: Jamal Hadi Salim <jhs@...atatu.com> Cc: David Miller <davem@...emloft.net>, Daniel Borkmann <daniel@...earbox.net>, Nikolay Aleksandrov <nikolay@...ulusnetworks.com>, Linux Kernel Network Developers <netdev@...r.kernel.org> Subject: Re: [RFC PATCH net-next 1/1] Introduce skbmod action On Sat, Jul 16, 2016 at 7:28 AM, Jamal Hadi Salim <jhs@...atatu.com> wrote: > On 16-07-12 01:10 PM, Cong Wang wrote: >> >> On Mon, Jul 11, 2016 at 5:12 AM, Jamal Hadi Salim <jhs@...atatu.com> >> wrote: >>> >>> From: Jamal Hadi Salim <jhs@...atatu.com> >>> >>> This action is intended to be an upgrade from a usability perspective >>> from pedit. Compare this: >>> >> >> Definitely agree we need a more user-friendly interface. >> >>> >>> pedit is a good starting point - but once you start going to a large >>> number of policies then from a programmability, ops and usability point >>> of view you need something with more succint params. >>> >> >> But it is still unclear why we can't just build something on top of >> pedit? Since pedit accepts keys like u32, user-space is free to >> introduce any wrapper on top of it. >> > > > That hasnt served us well so far for reasons i described earlier > especially in the dump case. > It hasnt served u32 as a classifier well either (yes, those dump > wrappers exist on the tc user code); i am almost willing to bet > you didnt even know such a feature existed ;-> But this still sounds like it is solvable, just not yet solved, right? And we don't have to change kernel space unless we can't fix user-space.
Powered by blists - more mailing lists