lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 4 Mar 2015 09:53:31 -0500 From: Andy Gospodarek <gospo@...ulusnetworks.com> To: "Eric W. Biederman" <ebiederm@...ssion.com> Cc: David Miller <davem@...emloft.net>, netdev@...r.kernel.org Subject: Re: [PATCH net-next 1/2] neigh: Factor out ___neigh_lookup_noref On Tue, Mar 03, 2015 at 05:10:44PM -0600, Eric W. Biederman wrote: > > While looking at the mpls code I found myself writing yet another > version of neigh_lookup_noref. We currently have __ipv4_lookup_noref > and __ipv6_lookup_noref. > > So to make my work a little easier and to make it a smidge easier to > verify/maintain the mpls code in the future I stopped and wrote > ___neigh_lookup_noref. Then I rewote __ipv4_lookup_noref and > __ipv6_lookup_noref in terms of this new function. I tested my new > version by verifying that the same code is generated in > ip_finish_output2 and ip6_finish_output2 where these functions are > inlined. > > To get to ___neigh_lookup_noref I added a new neighbour cache table > function key_eq. So that the static size of the key would be > available. > > I also added __neigh_lookup_noref for people who want to to lookup > a neighbour table entry quickly but don't know which neibhgour table > they are going to look up. While I understand your intent here, you do really need to know which neighbour table being used in order to do the look-up with your new function, so this changelog isn't quite accurate. I know Dave has already accepted this patch, but it did not appear in the tree I just updated, so hopefully there is time to fix this if you agree with me. I realize patch 2/2 allows one to not specify a table as look-up is done for you in neigh_xmit, but ___neigh_lookup_noref will clearly panic if no valid table is passed. Otherwise the patch-set looks good to me. Acked-by: Andy Gospodarek <gospo@...ulusnetworks.com> > > Signed-off-by: "Eric W. Biederman" <ebiederm@...ssion.com> > --- > include/net/arp.h | 19 ++++-------------- > include/net/ndisc.h | 19 +----------------- > include/net/neighbour.h | 52 +++++++++++++++++++++++++++++++++++++++++++++++++ > net/core/neighbour.c | 20 +++++-------------- > net/decnet/dn_neigh.c | 6 ++++++ > net/ipv4/arp.c | 9 ++++++++- > net/ipv6/ndisc.c | 7 +++++++ > 7 files changed, 83 insertions(+), 49 deletions(-) > > diff --git a/include/net/arp.h b/include/net/arp.h > index 21ee1860abbc..5e0f891d476c 100644 > --- a/include/net/arp.h > +++ b/include/net/arp.h > @@ -9,28 +9,17 @@ > > extern struct neigh_table arp_tbl; > > -static inline u32 arp_hashfn(u32 key, const struct net_device *dev, u32 hash_rnd) > +static inline u32 arp_hashfn(const void *pkey, const struct net_device *dev, u32 *hash_rnd) > { > + u32 key = *(const u32 *)pkey; > u32 val = key ^ hash32_ptr(dev); > > - return val * hash_rnd; > + return val * hash_rnd[0]; > } > > static inline struct neighbour *__ipv4_neigh_lookup_noref(struct net_device *dev, u32 key) > { > - struct neigh_hash_table *nht = rcu_dereference_bh(arp_tbl.nht); > - struct neighbour *n; > - u32 hash_val; > - > - hash_val = arp_hashfn(key, dev, nht->hash_rnd[0]) >> (32 - nht->hash_shift); > - for (n = rcu_dereference_bh(nht->hash_buckets[hash_val]); > - n != NULL; > - n = rcu_dereference_bh(n->next)) { > - if (n->dev == dev && *(u32 *)n->primary_key == key) > - return n; > - } > - > - return NULL; > + return ___neigh_lookup_noref(&arp_tbl, neigh_key_eq32, arp_hashfn, &key, dev); > } > > static inline struct neighbour *__ipv4_neigh_lookup(struct net_device *dev, u32 key) > diff --git a/include/net/ndisc.h b/include/net/ndisc.h > index 6bbda34d5e59..b3a7751251b4 100644 > --- a/include/net/ndisc.h > +++ b/include/net/ndisc.h > @@ -156,24 +156,7 @@ static inline u32 ndisc_hashfn(const void *pkey, const struct net_device *dev, _ > > static inline struct neighbour *__ipv6_neigh_lookup_noref(struct net_device *dev, const void *pkey) > { > - struct neigh_hash_table *nht; > - const u32 *p32 = pkey; > - struct neighbour *n; > - u32 hash_val; > - > - nht = rcu_dereference_bh(nd_tbl.nht); > - hash_val = ndisc_hashfn(pkey, dev, nht->hash_rnd) >> (32 - nht->hash_shift); > - for (n = rcu_dereference_bh(nht->hash_buckets[hash_val]); > - n != NULL; > - n = rcu_dereference_bh(n->next)) { > - u32 *n32 = (u32 *) n->primary_key; > - if (n->dev == dev && > - ((n32[0] ^ p32[0]) | (n32[1] ^ p32[1]) | > - (n32[2] ^ p32[2]) | (n32[3] ^ p32[3])) == 0) > - return n; > - } > - > - return NULL; > + return ___neigh_lookup_noref(&nd_tbl, neigh_key_eq128, ndisc_hashfn, pkey, dev); > } > > static inline struct neighbour *__ipv6_neigh_lookup(struct net_device *dev, const void *pkey) > diff --git a/include/net/neighbour.h b/include/net/neighbour.h > index 9f912e4d4232..14e3f017966b 100644 > --- a/include/net/neighbour.h > +++ b/include/net/neighbour.h > @@ -197,6 +197,7 @@ struct neigh_table { > __u32 (*hash)(const void *pkey, > const struct net_device *dev, > __u32 *hash_rnd); > + bool (*key_eq)(const struct neighbour *, const void *pkey); > int (*constructor)(struct neighbour *); > int (*pconstructor)(struct pneigh_entry *); > void (*pdestructor)(struct pneigh_entry *); > @@ -247,6 +248,57 @@ static inline void *neighbour_priv(const struct neighbour *n) > #define NEIGH_UPDATE_F_ISROUTER 0x40000000 > #define NEIGH_UPDATE_F_ADMIN 0x80000000 > > + > +static inline bool neigh_key_eq16(const struct neighbour *n, const void *pkey) > +{ > + return *(const u16 *)n->primary_key == *(const u16 *)pkey; > +} > + > +static inline bool neigh_key_eq32(const struct neighbour *n, const void *pkey) > +{ > + return *(const u32 *)n->primary_key == *(const u32 *)pkey; > +} > + > +static inline bool neigh_key_eq128(const struct neighbour *n, const void *pkey) > +{ > + const u32 *n32 = (const u32 *)n->primary_key; > + const u32 *p32 = pkey; > + > + return ((n32[0] ^ p32[0]) | (n32[1] ^ p32[1]) | > + (n32[2] ^ p32[2]) | (n32[3] ^ p32[3])) == 0; > +} > + > +static inline struct neighbour *___neigh_lookup_noref( > + struct neigh_table *tbl, > + bool (*key_eq)(const struct neighbour *n, const void *pkey), > + __u32 (*hash)(const void *pkey, > + const struct net_device *dev, > + __u32 *hash_rnd), > + const void *pkey, > + struct net_device *dev) > +{ > + struct neigh_hash_table *nht = rcu_dereference_bh(tbl->nht); > + struct neighbour *n; > + u32 hash_val; > + > + hash_val = hash(pkey, dev, nht->hash_rnd) >> (32 - nht->hash_shift); > + for (n = rcu_dereference_bh(nht->hash_buckets[hash_val]); > + n != NULL; > + n = rcu_dereference_bh(n->next)) { > + if (n->dev == dev && key_eq(n, pkey)) > + return n; > + } > + > + return NULL; > +} > + > +static inline struct neighbour *__neigh_lookup_noref(struct neigh_table *tbl, > + const void *pkey, > + struct net_device *dev) > +{ > + return ___neigh_lookup_noref(tbl, tbl->key_eq, tbl->hash, pkey, dev); > +} > + > void neigh_table_init(int index, struct neigh_table *tbl); > int neigh_table_clear(int index, struct neigh_table *tbl); > struct neighbour *neigh_lookup(struct neigh_table *tbl, const void *pkey, > diff --git a/net/core/neighbour.c b/net/core/neighbour.c > index 0f48ea3affed..fe3c6eac5805 100644 > --- a/net/core/neighbour.c > +++ b/net/core/neighbour.c > @@ -397,25 +397,15 @@ struct neighbour *neigh_lookup(struct neigh_table *tbl, const void *pkey, > struct net_device *dev) > { > struct neighbour *n; > - int key_len = tbl->key_len; > - u32 hash_val; > - struct neigh_hash_table *nht; > > NEIGH_CACHE_STAT_INC(tbl, lookups); > > rcu_read_lock_bh(); > - nht = rcu_dereference_bh(tbl->nht); > - hash_val = tbl->hash(pkey, dev, nht->hash_rnd) >> (32 - nht->hash_shift); > - > - for (n = rcu_dereference_bh(nht->hash_buckets[hash_val]); > - n != NULL; > - n = rcu_dereference_bh(n->next)) { > - if (dev == n->dev && !memcmp(n->primary_key, pkey, key_len)) { > - if (!atomic_inc_not_zero(&n->refcnt)) > - n = NULL; > - NEIGH_CACHE_STAT_INC(tbl, hits); > - break; > - } > + n = __neigh_lookup_noref(tbl, pkey, dev); > + if (n) { > + if (!atomic_inc_not_zero(&n->refcnt)) > + n = NULL; > + NEIGH_CACHE_STAT_INC(tbl, hits); > } > > rcu_read_unlock_bh(); > diff --git a/net/decnet/dn_neigh.c b/net/decnet/dn_neigh.c > index f123c6c6748c..ee7d1cef0027 100644 > --- a/net/decnet/dn_neigh.c > +++ b/net/decnet/dn_neigh.c > @@ -93,12 +93,18 @@ static u32 dn_neigh_hash(const void *pkey, > return jhash_2words(*(__u16 *)pkey, 0, hash_rnd[0]); > } > > +static bool dn_key_eq(const struct neighbour *neigh, const void *pkey) > +{ > + return neigh_key_eq16(neigh, pkey); > +} > + > struct neigh_table dn_neigh_table = { > .family = PF_DECnet, > .entry_size = NEIGH_ENTRY_SIZE(sizeof(struct dn_neigh)), > .key_len = sizeof(__le16), > .protocol = cpu_to_be16(ETH_P_DNA_RT), > .hash = dn_neigh_hash, > + .key_eq = dn_key_eq, > .constructor = dn_neigh_construct, > .id = "dn_neigh_cache", > .parms ={ > diff --git a/net/ipv4/arp.c b/net/ipv4/arp.c > index 6b8aad6a0d7d..5f5c674e130a 100644 > --- a/net/ipv4/arp.c > +++ b/net/ipv4/arp.c > @@ -122,6 +122,7 @@ > * Interface to generic neighbour cache. > */ > static u32 arp_hash(const void *pkey, const struct net_device *dev, __u32 *hash_rnd); > +static bool arp_key_eq(const struct neighbour *n, const void *pkey); > static int arp_constructor(struct neighbour *neigh); > static void arp_solicit(struct neighbour *neigh, struct sk_buff *skb); > static void arp_error_report(struct neighbour *neigh, struct sk_buff *skb); > @@ -154,6 +155,7 @@ struct neigh_table arp_tbl = { > .key_len = 4, > .protocol = cpu_to_be16(ETH_P_IP), > .hash = arp_hash, > + .key_eq = arp_key_eq, > .constructor = arp_constructor, > .proxy_redo = parp_redo, > .id = "arp_cache", > @@ -209,7 +211,12 @@ static u32 arp_hash(const void *pkey, > const struct net_device *dev, > __u32 *hash_rnd) > { > - return arp_hashfn(*(u32 *)pkey, dev, *hash_rnd); > + return arp_hashfn(pkey, dev, hash_rnd); > +} > + > +static bool arp_key_eq(const struct neighbour *neigh, const void *pkey) > +{ > + return neigh_key_eq32(neigh, pkey); > } > > static int arp_constructor(struct neighbour *neigh) > diff --git a/net/ipv6/ndisc.c b/net/ipv6/ndisc.c > index e363bbc2420d..247ad7c298f7 100644 > --- a/net/ipv6/ndisc.c > +++ b/net/ipv6/ndisc.c > @@ -84,6 +84,7 @@ do { \ > static u32 ndisc_hash(const void *pkey, > const struct net_device *dev, > __u32 *hash_rnd); > +static bool ndisc_key_eq(const struct neighbour *neigh, const void *pkey); > static int ndisc_constructor(struct neighbour *neigh); > static void ndisc_solicit(struct neighbour *neigh, struct sk_buff *skb); > static void ndisc_error_report(struct neighbour *neigh, struct sk_buff *skb); > @@ -119,6 +120,7 @@ struct neigh_table nd_tbl = { > .key_len = sizeof(struct in6_addr), > .protocol = cpu_to_be16(ETH_P_IPV6), > .hash = ndisc_hash, > + .key_eq = ndisc_key_eq, > .constructor = ndisc_constructor, > .pconstructor = pndisc_constructor, > .pdestructor = pndisc_destructor, > @@ -295,6 +297,11 @@ static u32 ndisc_hash(const void *pkey, > return ndisc_hashfn(pkey, dev, hash_rnd); > } > > +static bool ndisc_key_eq(const struct neighbour *n, const void *pkey) > +{ > + return neigh_key_eq128(n, pkey); > +} > + > static int ndisc_constructor(struct neighbour *neigh) > { > struct in6_addr *addr = (struct in6_addr *)&neigh->primary_key; > -- > 2.2.1 > > -- > To unsubscribe from this list: send the line "unsubscribe netdev" in > the body of a message to majordomo@...r.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists