Date:	Sat, 15 Jan 2011 04:46:11 +0200
From:	Lucian Adrian Grijincu <lucian.grijincu@...il.com>
To:	netdev@...r.kernel.org
Cc:	"David S. Miller" <davem@...emloft.net>,
	Alexey Kuznetsov <kuznet@....inr.ac.ru>,
	"Pekka Savola (ipv6)" <pekkas@...core.fi>,
	James Morris <jmorris@...ei.org>,
	Hideaki YOSHIFUJI <yoshfuji@...ux-ipv6.org>,
	Patrick McHardy <kaber@...sh.net>,
	Nick Piggin <npiggin@...nel.dk>,
	Al Viro <viro@...iv.linux.org.uk>,
	Christoph Hellwig <hch@....de>,
	Lucian Adrian Grijincu <lucian.grijincu@...il.com>,
	Dave Chinner <dchinner@...hat.com>,
	Neil Horman <nhorman@...driver.com>,
	Eric Dumazet <eric.dumazet@...il.com>,
	Alexey Dobriyan <adobriyan@...il.com>,
	Octavian Purdila <opurdila@...acom.com>,
	Vlad Dogaru <ddvlad@...edu.org>
Subject: [PATCH] RFC: ipv4: share sysctl net/ipv4/conf/DEVNAME/ tables

For each network device DEVNAME that supports ipv4 a new table was
registered in net/ipv4/conf/DEVNAME/. The sysctl table was identical
for all network devices, except for the ->data, ->extra1 and ->extra2
members.

However, given the 'struct net_device*' corresponding to the device
DEVNAME we can compute data and extra1.

extra2 cannot be computed, it is the 'struct net*' of the device and
it is used to find the correct 'struct net_device*' with this name
(e.g. we will have 'lo' in every network namespace).

We cannot use the current process' network namespace. For example,
after running this code:

   int fd = open("/proc/sys/net/ipv4/conf/default/tag", O_RDONLY);
   unshare(CLONE_NEWNET);

'fd' points to a sysctl for a network namespace different from the
current process' network namespace.

To gain access to the name of the directory above a file, sysctl
handlers are passed an extra argument: the 'struct file*'
corresponding to the file. From the file we walk up one level to find
the name of the device. None of the other handlers were changed to
receive this extra parameter, but due to C's calling convention they
shouldn't care.

Each table has 26 entries (25 files + 1 sentinel). For each net device
this patch should save:
* 32bit: 26 * 36 = 936 bytes
* 64bit: 26 * 64 = 1664 bytes

**This patch was not thoroughly tested, I'm just looking for feedback
whether the approach is sound and could be applied. Similar changes
can be implemented for ipv6 too.**

Signed-off-by: Lucian Adrian Grijincu <lucian.grijincu@...il.com>
---
 fs/proc/proc_sysctl.c      |   11 ++-
 include/linux/inetdevice.h |   14 +++-
 include/net/netns/ipv4.h   |   14 +++
 net/ipv4/devinet.c         |  236 +++++++++++++++++++++++++++++---------------
 4 files changed, 194 insertions(+), 81 deletions(-)

View attachment "0001-RFC-ipv4-share-sysctl-net-ipv4-conf-DEVNAME-tables.patch" of type "text/x-patch" (15497 bytes)
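
The lookup this message describes, as a user-space model added here for illustration; it is not code from the attached patch. The struct and function names (shared_entry, sysctl_file, sysctl_open, sysctl_read) and all sample values are assumptions. It shows one table shared by every device, with the data location resolved at access time from the namespace recorded when the file was opened and the device name of the parent directory.

```c
#include <stddef.h>
#include <string.h>
#define NCONF 3 /* model: 3 settings instead of the kernel's 25 */
struct net_device { const char *name; int cnf[NCONF]; };
struct net { struct net_device devs[2]; size_t ndevs; }; /* one namespace */
/* Shared by every device: no per-device pointer, only an index. */
struct shared_entry { const char *procname; size_t idx; };
static const struct shared_entry shared_table[] = {
    { "forwarding", 0 }, { "rp_filter", 1 }, { "tag", 2 }, { NULL, 0 }
};
/* Open file: namespace fixed at open time (the role of extra2),
 * device name taken from the parent directory. */
struct sysctl_file { struct net *net; const char *dev; const struct shared_entry *ent; };

static struct net_device *dev_lookup(struct net *net, const char *name)
{
    for (size_t i = 0; i < net->ndevs; i++)
        if (strcmp(net->devs[i].name, name) == 0)
            return &net->devs[i];
    return NULL;
}
int sysctl_open(struct sysctl_file *f, struct net *net, const char *dev, const char *name)
{
    for (const struct shared_entry *e = shared_table; e->procname; e++)
        if (strcmp(e->procname, name) == 0) {
            f->net = net; f->dev = dev; f->ent = e;
            return 0;
        }
    return -1; /* no such entry */
}
/* Handler: compute the data location at access time. */
int sysctl_read(const struct sysctl_file *f, int *out)
{
    struct net_device *dev = dev_lookup(f->net, f->dev);
    if (!dev) return -1; /* no such device in the file's namespace */
    *out = dev->cnf[f->ent->idx];
    return 0;
}

/* Constructed scenario: 'old' opened in ns_a, 'fresh' after moving to ns_b. */
int demo_read_after_unshare(int *old_val, int *fresh_val)
{
    struct net ns_a = { { { "lo", { 0, 1, 11 } } }, 1 };
    struct net ns_b = { { { "lo", { 0, 0, 22 } } }, 1 };
    struct sysctl_file old, fresh;
    if (sysctl_open(&old, &ns_a, "lo", "tag") || sysctl_open(&fresh, &ns_b, "lo", "tag"))
        return -1;
    return sysctl_read(&old, old_val) || sysctl_read(&fresh, fresh_val) ? -1 : 0;
}
```

Both namespaces contain a device named 'lo', so the name alone cannot select the data; the file opened first keeps resolving against the namespace it was opened in.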
