lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 2 Oct 2018 09:11:17 -0600
From:   David Ahern <dsahern@...il.com>
To:     Jiri Benc <jbenc@...hat.com>, David Ahern <dsahern@...nel.org>
Cc:     netdev@...r.kernel.org, davem@...emloft.net, christian@...uner.io,
        stephen@...workplumber.org
Subject: Re: [PATCH RFC v2 net-next 02/25] net/ipv6: Refactor address dump to
 push inet6_fill_args to in6_dump_addrs

On 10/2/18 4:54 AM, Jiri Benc wrote:
> On Mon,  1 Oct 2018 17:28:28 -0700, David Ahern wrote:
>> Pull the inet6_fill_args arg up to in6_dump_addrs and move netnsid
>> into it. Since IFA_TARGET_NETNSID is a kernel side filter add the
>> NLM_F_DUMP_FILTERED flag so userspace knows the request was honored.
> 
> IFA_TARGET_NETNSID is not a filter.
> 
> "Filter" returns a subset of the results. It's kind of optimization
> when one is interested only in some data but not all of them. Instead
> of dumping everything, going through the results and picking only the
> data one is interested in, it's better to pass a filter and get only
> the relevant data. But you're not really required to: you can filter in
> your app.

Generically speaking a filter modifies the output based on the input.
Specifying a target namespace is an input to the dump that modifies the
output.

Yes, you can do it in userspace which is what iproute2 has done to this
point, but it is grossly inefficient and that inefficiency has
implications at scale.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ