lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 28 Mar 2022 21:20:02 +0300
From:   Nikolay Aleksandrov <>
To:     Felix Fietkau <>,
        Nikolay Aleksandrov <>,
Subject: Re: [RFC 2/2] net: bridge: add a software fast-path implementation

On 28/03/2022 18:15, Felix Fietkau wrote:
> Hi Nik,
> I'd like to follow up on our discussion regarding bridge offloading.
> I managed to come up with a user space + eBPF implementation that replaces this code and shows mostly the same performance gain as my previous kernel space implementation.
> At first I tried to use generic XDP, but after getting it working, performance was pretty bad (due to headroom issues) and I was told that this is by design and nobody should use it in production.
> Then I reworked the code to use tc classifier instead and it worked much better.
> It's not fully ready yet, I need to add some more tests for incompatible features, but I'm getting there...
> The code is here:
> There's one thing I haven't been able to figure out yet: What's the proper way to keep bridge fdb entries alive from user space without modifying them in any other way?
> - Felix

Hi Felix,
That's very nice! Interesting work. One way it's usually done is through periodic NTF_USE (refresh),
another would be to mark them externally learned and delete them yourself (user-space aging).
It really depends on the exact semantics you'd like.


Powered by blists - more mailing lists