lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 13 Jun 2019 16:08:30 +0200 From: Toke Høiland-Jørgensen <toke@...hat.com> To: Paul Blakey <paulb@...lanox.com>, Marcelo Ricardo Leitner <marcelo.leitner@...il.com> Cc: Jiri Pirko <jiri@...lanox.com>, Roi Dayan <roid@...lanox.com>, Yossi Kuperman <yossiku@...lanox.com>, Oz Shlomo <ozsh@...lanox.com>, "netdev\@vger.kernel.org" <netdev@...r.kernel.org>, David Miller <davem@...emloft.net>, Aaron Conole <aconole@...hat.com>, Zhike Wang <wangzhike@...com>, Rony Efraim <ronye@...lanox.com>, "nst-kernel\@redhat.com" <nst-kernel@...hat.com>, John Hurley <john.hurley@...ronome.com>, Simon Horman <simon.horman@...ronome.com>, Justin Pettit <jpettit@....org>, Kevin Darbyshire-Bryant <kevin@...byshire-bryant.me.uk> Subject: Re: [PATCH net-next 1/3] net/sched: Introduce action ct Paul Blakey <paulb@...lanox.com> writes: > On 6/11/2019 11:23 PM, Toke Høiland-Jørgensen wrote: >> Marcelo Ricardo Leitner <marcelo.leitner@...il.com> writes: >> >>> On Tue, Jun 11, 2019 at 05:34:50PM +0200, Toke Høiland-Jørgensen wrote: >>>> Paul Blakey <paulb@...lanox.com> writes: >>>> >>>>> On 6/11/2019 4:59 PM, Toke Høiland-Jørgensen wrote: >>>>>> Paul Blakey <paulb@...lanox.com> writes: >>>>>> >>>>>>> Allow sending a packet to conntrack and set conntrack zone, mark, >>>>>>> labels and nat parameters. >>>>>> How is this different from the newly merged ctinfo action? >>>>>> >>>>>> -Toke >>>>> Hi, >>>>> >>>>> ctinfo does one of two very specific things, >>>>> >>>>> 1) copies DSCP values that have been placed in the firewall conntrack >>>>> mark back into the IPv4/v6 diffserv field >>>>> >>>>> 2) copies the firewall conntrack mark to the skb's mark field (like >>>>> act_connmark) >>>>> >>>>> Originally ctinfo action was named conndscp (then conntrack, which is >>>>> what our ct shorthand stands for). >>>>> >>>>> We also talked about merging both at some point, but they seem only >>>>> coincidentally related. >>>> Well, I'm predicting it will create some confusion to have them so >>>> closely named... Not sure what the best way to fix that is, though...? >>> I had suggested to let act_ct handle the above as well, as there is a >>> big chunk of code on both that is pretty similar. There is quite some >>> boilerplate for interfacing with conntrack which is duplicated. >>> But it was considered that the end actions are unrelated, and ctinfo >>> went ahead. (I'm still not convinced of that, btw) >>> >>> Other than this, which is not an option anymore, I don't see a way to >>> avoid confusion here. Seems anything we pick now will be confusing >>> because ctinfo is a generic name, and we also need one here. >> Hmm, yeah, dunno if I have any better ideas for naming that would avoid >> this. act_runct ? Meh... >> >> -Toke > > > If it's fine with you guys, can we keep the name act_ct ? :) Sure, let's just keep the colour of this particular bike shed :) -Toke
Powered by blists - more mailing lists