Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: > Quick idea: I think we can also support atomic replacement at word > size using xchg, so the replacement operation can still happen at word > level. Setting many bits at once would be also faster with that. Unfortunately, no -- the interface is too rudimentary. Example: You want to set bis 0, 2, 6; but leave all other bit that are set intact. So you first need to make a dump to fetch the current labels set. Then, you set bits 0, 2, 6 and send the new state to the kernel. But between the dump and the set operation, a new bit might have been set. So even when using xchg it will be un-set again... -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
