[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: BPF_MISC+BPF_COP and BPF_COPX
On 10/08/2013 7:23 AM, Matt Thomas wrote:
> The possibility of the COP/COPX functions doing bad things is over wrought.
> It makes the assumption of avoiding BPF and then coding everything is safer
> than using BPF and COP/COPX functions.
Depends on what you mean by "bad things."
Thus far I haven't seen a proper problem statement, only this:
> The problem is simple: I want a generic mechanism to offload more complex
> packet inspection operations, e.g. lookup IP address in some container or
> walk IPv6 headers and return some offsets.
IMHO, the IPv6 problem is and will be common enough to deserve its own
instructionas happened with IPv4 and determining the offset of the first
byte after the IPv4 header.
But the generic offload problem hasn't been explained nearly enough.
Is it required for NPF?
Is it required for tcpdump?
Is it required for dhcpd?
I don't think we know nearly enough about what the problem is in order
to be able to judge whether or not the solution is acceptable.
Main Index |
Thread Index |