Michel Machado
Michel Machado
GK blocks batch lookups to the flow table and the LPM table. This pull request reverts these batched lookups back to single lookups and moves the code into coroutines.
When a NIC doesn't support filters that a functional block needs, the block falls back to register the needed filters through an internal API that essentially uses ACL to do...
Can't we drop `include/list.h` and use `/usr/include/sys/queue.h` instead? DPDK already uses the latter, and it comes from the C library: ``` $ dpkg -S /usr/include/sys/queue.h libc6-dev-i386: /usr/include/sys/queue.h ``` There are...
It may be possible to review Gatekeeper's interface between C and LuaJIT to remove the need for `luaL_pushcdata()`, `luaL_checkcdata()`, and `luaL_get_ctypeid()`; these are the only functions required to integrate Gatekeeper...
`luaL_get_ctypeid()`, which GT blocks call multiple times while interacting with the Lua policy (see #210 for a reference), gets a reference to `ffi.typeof()` running the Lua code `return require('ffi').typeof`. Most...
Given that the architecture of Gatekeeper favors scalability, it requires several machines to build a testbed. This demand makes experimenting with Gatekeeper difficult. Using virtual machines (VMs) lowers this demand,...
GitHub has been making it easier to use a static analysis tool on repositories; see [this news](https://github.blog/2021-07-28-new-code-scanning-integrations-open-source-security-tools/) for an example. We may benefit from integrating with these tools to inspect...
The implementation of the Neighbor Discovery protocol of IPv6 (ND) in Gatekeeper doesn't support Duplicate Address Detection (DAD). While this missing feature is not causing an issue for anyone, it's...
The scripts shipped with `gkctl` (i.e. scripts in [folder `gkctl/scripts`](https://github.com/AltraMayor/gatekeeper/tree/master/gkctl/scripts)) will have their output truncated if the output is larger than 64KiB due to the maximum size of the messages...
Pull request #484 introduced coroutines into Gatekeeper. While the single coroutine used in the CPS block is not performance critical, future uses of coroutines will be (e.g. pull request #370)....