On Sat, Jun 6, 2020 at 1:20 PM Alexei Starovoitov
<alexei.starovoitov@xxxxxxxxx> wrote:
>
> Please mention specific bugs and let's fix them.
Well, Eric did mention one explicit bug, and several "looks dodgy" bugs.
And the fact is, this isn't used.
It's clever, and I like the concept, but it was probably a mistake to
do this as a user-mode-helper thing.
If people really convert netfilter rules to bpf, they'll likely do so
in user space. This bpfilter thing hasn't gone anywhere, and it _has_
caused problems.
So Alexei, I think the burden of proof is not on Eric, but on you.
Eric's claim is that
(a) it has bugs (and yes, he pointed to at lelast one)
(b) it's not doing anything useful
(b) it's a maintenance issue for execve, which is what Eric maintains.
So you can't just dismiss this, ignore the reported bug, and say
"we'll fix them".
That only answers (a) (well, it _would_ have answered (a)., except you
actually didn't even read Eric's report of existing bugs).
What is your answer to (b)-(c)?
Linus
