> From: Kees Cook <keescook@xxxxxxxxxxxx> > Date: Thu, 16 Mar 2017 11:38:25 -0600 > > > I am, of course, biased, but I think the evidence of actual > > refcounting attacks outweighs the theoretical performance cost of > > these changes. > > This is not theoretical at all. > > We count the nanoseconds that every packet takes to get processed and > you are adding quite a bit. > > I understand your point of view, but this is knowingly going to add > performance regressions to the networking code. Should we then first measure the actual numbers to understand what we are talking here about? I would be glad to do it if you suggest what is the correct way to do measurements here to actually reflect the real life use cases. Best Regards, Elena.
