Hi, I am a researcher at EPFL, Switzerland. I study software vulnerabilities with the aim of building better tools to protect developers against security bugs. Recently the skb_sgement() was patched (http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1fd819ecb90cc9b822cd84d3056ddba315d3340f) fixing the CVE-2014-0131 vulnerability (http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0131) in the Linux Kernel. I am interested in the performance implications of this patch; could you help me answering the following questions:
Do you think the bug fix for skb_segment() function can have any performance implications? If so, how much will the added checks add to the run time of the function? Is skb_segment() function part of the core functionality of the software? What fraction of time is expected to be spent in this function? Your answers will help us to better characterize the trade offs between performance and security in popular software. -- Regards, Azqa Nadeem Internee - Dependable Systems Lab EPFL, Switzerland -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
