From: Paolo Abeni <pabeni@redhat.com>
To: netdev@vger.kernel.org
Cc: "David S. Miller" <davem@davemloft.net>,
Jakub Kicinski <kuba@kernel.org>, Florian Westphal <fw@strlen.de>,
Eric Dumazet <edumazet@google.com>,
linux-security-module@vger.kernel.org, selinux@vger.kernel.org
Subject: [PATCH RFC 1/9] sk_buff: track nfct status in newly added skb->_state
Date: Wed, 21 Jul 2021 18:44:33 +0200 [thread overview]
Message-ID: <f3708c7208ac32cf35a69ae90e3203bda93be1ce.1626882513.git.pabeni@redhat.com> (raw)
In-Reply-To: <cover.1626882513.git.pabeni@redhat.com>
so that we can skip initizialzing such field at skb
allocation and move such field after 'tail'.
_state uses one byte hole in the header section.
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
---
v1 -> v2:
- : NULL
- has_nfct = !!nfct -> ovs uses skb_set_nfct(NULL, 0) to clear skb->_nfct
should skb_nfct()/skb_get_nfct() return IP_CT_UNTRACKED
if SKB_HAS_NFCT is not set?
---
include/linux/skbuff.h | 19 ++++++++++++++-----
1 file changed, 14 insertions(+), 5 deletions(-)
diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h
index f19190820e63..ec3d34d8022f 100644
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
@@ -689,6 +689,8 @@ typedef unsigned char *sk_buff_data_t;
* CHECKSUM_UNNECESSARY (max 3)
* @dst_pending_confirm: need to confirm neighbour
* @decrypted: Decrypted SKB
+ * @_state: bitmap reporting the presence of some skb state info
+ * @has_nfct: @_state bit for nfct info
* @napi_id: id of the NAPI struct this skb came from
* @sender_cpu: (aka @napi_id) source CPU in XPS
* @secmark: security marking
@@ -765,9 +767,6 @@ struct sk_buff {
#endif
};
-#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
- unsigned long _nfct;
-#endif
unsigned int len,
data_len;
__u16 mac_len,
@@ -870,6 +869,12 @@ struct sk_buff {
#ifdef CONFIG_TLS_DEVICE
__u8 decrypted:1;
#endif
+ union {
+ __u8 _state; /* state of extended fields */
+ struct {
+ __u8 has_nfct:1;
+ };
+ };
#ifdef CONFIG_NET_SCHED
__u16 tc_index; /* traffic control index */
@@ -936,6 +941,9 @@ struct sk_buff {
/* only useable after checking ->active_extensions != 0 */
struct skb_ext *extensions;
#endif
+#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
+ unsigned long _nfct;
+#endif
};
#ifdef __KERNEL__
@@ -4198,7 +4206,7 @@ static inline void skb_remcsum_process(struct sk_buff *skb, void *ptr,
static inline struct nf_conntrack *skb_nfct(const struct sk_buff *skb)
{
#if IS_ENABLED(CONFIG_NF_CONNTRACK)
- return (void *)(skb->_nfct & NFCT_PTRMASK);
+ return skb->has_nfct ? (void *)(skb->_nfct & NFCT_PTRMASK) : NULL;
#else
return NULL;
#endif
@@ -4207,7 +4215,7 @@ static inline struct nf_conntrack *skb_nfct(const struct sk_buff *skb)
static inline unsigned long skb_get_nfct(const struct sk_buff *skb)
{
#if IS_ENABLED(CONFIG_NF_CONNTRACK)
- return skb->_nfct;
+ return skb->has_nfct ? skb->_nfct : 0;
#else
return 0UL;
#endif
@@ -4216,6 +4224,7 @@ static inline unsigned long skb_get_nfct(const struct sk_buff *skb)
static inline void skb_set_nfct(struct sk_buff *skb, unsigned long nfct)
{
#if IS_ENABLED(CONFIG_NF_CONNTRACK)
+ skb->has_nfct = !!nfct;
skb->_nfct = nfct;
#endif
}
--
2.26.3
next parent reply other threads:[~2021-07-21 16:45 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <cover.1626882513.git.pabeni@redhat.com>
2021-07-21 16:44 ` Paolo Abeni [this message]
2021-07-21 16:44 ` [PATCH RFC 2/9] sk_buff: track dst status in skb->_state Paolo Abeni
2021-07-21 16:44 ` [PATCH RFC 3/9] sk_buff: move the active_extensions into the state bitfield Paolo Abeni
2021-07-21 16:44 ` [PATCH RFC 4/9] net: optimize GRO for the common case Paolo Abeni
2021-07-21 16:44 ` [PATCH RFC 5/9] skbuff: introduce has_sk state bit Paolo Abeni
2021-07-21 16:44 ` [PATCH RFC 6/9] veth: use skb_prepare_for_gro() Paolo Abeni
2021-07-21 16:44 ` [PATCH RFC 7/9] sk_buff: move inner header fields after tail Paolo Abeni
2021-07-21 16:44 ` [PATCH RFC 8/9] sk_buff: move vlan field " Paolo Abeni
2021-07-21 16:44 ` [PATCH RFC 9/9] sk_buff: access secmark via getter/setter Paolo Abeni
2021-07-21 19:56 ` kernel test robot
2021-07-21 20:19 ` kernel test robot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f3708c7208ac32cf35a69ae90e3203bda93be1ce.1626882513.git.pabeni@redhat.com \
--to=pabeni@redhat.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=fw@strlen.de \
--cc=kuba@kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=selinux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.