[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20190822.152857.1388207414767202364.davem@davemloft.net>
Date: Thu, 22 Aug 2019 15:28:57 -0700 (PDT)
From: David Miller <davem@...emloft.net>
To: casey@...aufler-ca.com
Cc: fw@...len.de, paul@...l-moore.com, netdev@...r.kernel.org,
linux-security-module@...r.kernel.org, selinux@...r.kernel.org
Subject: Re: New skb extension for use by LSMs (skb "security blob")?
From: Casey Schaufler <casey@...aufler-ca.com>
Date: Thu, 22 Aug 2019 14:59:37 -0700
> Sure, you *can* do that, but it would be insane to do so.
We look up the neighbour table entries on every single packet we
transmit from the kernel in the same exact way.
And it was exactly to get rid of a pointer in a data structure.
Powered by blists - more mailing lists