| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 11 Oct 2018 14:05:48 -0400
From: Jamal Hadi Salim <jhs@...atatu.com>
To: David Ahern <dsahern@...il.com>,
Sowmini Varadhan <sowmini.varadhan@...cle.com>,
Stephen Hemminger <stephen@...workplumber.org>
Cc: David Ahern <dsahern@...nel.org>, netdev@...r.kernel.org,
davem@...emloft.net
Subject: Re: [PATCH net-next 0/9] net: Kernel side filtering for route dumps
On 2018-10-11 1:04 p.m., David Ahern wrote:
> You can already filter link dumps by kind. How? By passing in the KIND
> attribute on a dump request. This type of filtering exists for link
> dumps, neighbor dumps, fdb dumps. Why is there a push to make route
> dumps different? Why can't they be consistent and use existing semantics?
I think you meant filtering by ifindex in neighbor.
note: I would argue that there are already "adhoc" ways of filtering
in place, mostly use case driven). Otherwise Sowmini wouldnt have to
craft that bpf filter. There are netlink users who have none or some
weird filtering involved. There is no arguement that your approach
works for rtm. But the rest of the users missing filters will require
similar kernel changes. Could this be made generic enough to benefit
other netlink users?
The problem is there's always one new attribute that would make sense
for some use case which requires a kernel change ("send me an event only
if you get link down" or "dump all ports with link down").
cheers,
jamal
Powered by blists - more mailing lists