lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20190820122214.702476ff@cakuba.netronome.com>
Date:   Tue, 20 Aug 2019 12:22:14 -0700
From:   Jakub Kicinski <jakub.kicinski@...ronome.com>
To:     Pablo Neira Ayuso <pablo@...filter.org>
Cc:     netfilter-devel@...r.kernel.org, davem@...emloft.net,
        netdev@...r.kernel.org, jiri@...nulli.us, vladbu@...lanox.com
Subject: Re: [PATCH net-next 0/2] netfilter: payload mangling offload
 support

On Tue, 20 Aug 2019 12:48:05 +0200, Pablo Neira Ayuso wrote:
> Hi,
> 
> This patchset adds payload mangling offload support for Netfilter:
> 
> 1) Adapt existing drivers to allow for mangling up to four 32-bit words
>    with one single flow_rule action. Hence, once single action can be
>    used to mangle an IPv6 address.
> 
> 2) Add support for netfilter packet mangling.

Why pick 128b as a unit, because that's nftables' word size? :/

Reality is unless core coalesces _all_ consecutive rewrites drivers 
will have to do their own coalescing, anyway.

We suffered through enough haphazard "updates", I don't like this either.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ