From: Pablo Neira Ayuso <pablo@netfilter.org>
To: Florian Westphal <fw@strlen.de>
Cc: netfilter-devel@vger.kernel.org, Eric Garver <eric@garver.life>
Subject: Re: [PATCH nft] src: mnl: fix --echo buffer size -- again
Date: Tue, 10 Sep 2019 10:50:56 +0200 [thread overview]
Message-ID: <20190910085056.bfbgsgvhraatmsuc@salvia> (raw)
In-Reply-To: <20190909221918.28473-1-fw@strlen.de>
On Tue, Sep 10, 2019 at 12:19:18AM +0200, Florian Westphal wrote:
[...]
> diff --git a/src/mnl.c b/src/mnl.c
> index 9c1f5356c9b9..d664564e16af 100644
> --- a/src/mnl.c
> +++ b/src/mnl.c
> @@ -311,8 +311,6 @@ int mnl_batch_talk(struct netlink_ctx *ctx, struct list_head *err_list,
> int ret, fd = mnl_socket_get_fd(nl), portid = mnl_socket_get_portid(nl);
> uint32_t iov_len = nftnl_batch_iovec_len(ctx->batch);
> char rcv_buf[MNL_SOCKET_BUFFER_SIZE];
> - unsigned int enobuf_restarts = 0;
> - size_t avg_msg_size, batch_size;
> const struct sockaddr_nl snl = {
> .nl_family = AF_NETLINK
> };
> @@ -321,17 +319,22 @@ int mnl_batch_talk(struct netlink_ctx *ctx, struct list_head *err_list,
> .tv_usec = 0
> };
> struct iovec iov[iov_len];
> - unsigned int scale = 4;
> struct msghdr msg = {};
> fd_set readfds;
>
> mnl_set_sndbuffer(ctx->nft->nf_sock, ctx->batch);
>
> - batch_size = mnl_nft_batch_to_msg(ctx, &msg, &snl, iov, iov_len);
> - avg_msg_size = div_round_up(batch_size, num_cmds);
> + mnl_nft_batch_to_msg(ctx, &msg, &snl, iov, iov_len);
>
> -restart:
> - mnl_set_rcvbuffer(ctx->nft->nf_sock, num_cmds * avg_msg_size * scale);
> + if (nft_output_echo(&ctx->nft->output)) {
> + size_t buffer_size = MNL_SOCKET_BUFFER_SIZE * 1024;
> + size_t new_buffer_size = num_cmds * 1024;
Probably all simplify this to?
mnl_set_rcvbuffer(ctx->nft->nf_sock, (1 << 10) * num_cmds);
Upper limit for us is NLMSG_GOODSIZE, which is not exposed to
userspace, although we have control over that upper limit from
nf_tables. In practise, I think we go over the 1 Kbytes per message
boundary.
> +
> + if (new_buffer_size > buffer_size)
> + buffer_size = new_buffer_size;
> +
> + mnl_set_rcvbuffer(ctx->nft->nf_sock, buffer_size);
> + }
>
> ret = mnl_nft_socket_sendmsg(ctx, &msg);
> if (ret == -1)
next prev parent reply other threads:[~2019-09-10 8:51 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-09-09 22:19 [PATCH nft] src: mnl: fix --echo buffer size -- again Florian Westphal
2019-09-10 8:50 ` Pablo Neira Ayuso [this message]
2019-09-10 10:52 ` Florian Westphal
2019-09-10 11:22 ` Pablo Neira Ayuso
2019-09-10 11:44 ` Florian Westphal
2019-09-10 13:08 ` Eric Garver
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190910085056.bfbgsgvhraatmsuc@salvia \
--to=pablo@netfilter.org \
--cc=eric@garver.life \
--cc=fw@strlen.de \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).