Re: nf_conntrack: Infoleak via CTA_ID and CTA_EXPECT_ID

Richard Weinberger <richard@xxxxxx> wrote:
> On 01.07.2017 at 12:35, Florian Westphal wrote:
> > The compare on removal is not needed afaics, and it's also not used when
> > doing lookup to begin with, so we can just recompute it?
> 
> Isn't this way too much overhead?

I don't think so.  This computation only occurs when we dump events
to userspace.

> I personally favor Pablo's per-cpu counter approach.
> That way the IDs are unique again and we get rid of the info leak without
> much effort.

I have not seen these patches so can't really comment.