| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <c5929461-8da5-4c77-bf3d-796c7645d7f9@hartkopp.net>
Date: Tue, 3 Feb 2026 20:19:31 +0100
From: Oliver Hartkopp <socketcan@...tkopp.net>
To: Paolo Abeni <pabeni@...hat.com>, Florian Westphal <fw@...len.de>,
Marc Kleine-Budde <mkl@...gutronix.de>, Vincent Mailhol
<mailhol@...nel.org>, Robin van der Gracht <robin@...tonic.nl>,
Oleksij Rempel <o.rempel@...gutronix.de>, kernel@...gutronix.de,
"David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>,
Jakub Kicinski <kuba@...nel.org>, Simon Horman <horms@...nel.org>
Cc: linux-can@...r.kernel.org, linux-kernel@...r.kernel.org,
netdev@...r.kernel.org, kernel test robot <lkp@...el.com>
Subject: Re: [PATCH net-next v8 0/6] move CAN skb headroom content to skb
extensions
Hello Paolo,
On 03.02.26 15:40, Paolo Abeni wrote:
> On 2/1/26 3:33 PM, Oliver Hartkopp via B4 Relay wrote:
>> CAN bus related skbuffs (ETH_P_CAN/ETH_P_CANFD/ETH_P_CANXL) simply contain
>> CAN frame structs for CAN CC/FD/XL of skb->len length at skb->data. Those
>> CAN skbs do not have network/mac/transport headers nor other such
>> references for encapsulated protocols like ethernet/IP protocols.
>>
>> To store data for CAN specific use-cases all CAN bus related skbuffs are
>> created with a 16 byte private skb headroom (struct can_skb_priv). Using
>> the skb headroom and accessing skb->head for this private data led to
>> several problems in the past likely due to "The struct can_skb_priv
>> business is highly unconventional for the networking stack." [1]
>>
>> This patch set aims to remove the unconventional skb headroom usage for CAN
>> bus related skbuffs and use the common skb extensions instead.
>>
>> [1] https://lore.kernel.org/linux-can/20260104074222.29e660ac@kernel.org/
>
> Could you please share how skb_ext size change with this series?
> (possibly breaking down the actual size to each separate extension).
>
> Ideally/hopefully the skbuff_ext_cache size is not going to change, and
> that would ensure that this change will not cause any indirect regressions.
>
> /P
I'm not really sure what your question is about and how I could actively
change the impact of this series.
When CONFIG_CAN is enabled the skbuff_ext_cache element would increase
in size by 8 bytes (sizeof(struct can_skb_ext)) on my machine (see
pahole output below).
So when everything is enabled it would be
CONFIG_SKB_EXTENSIONS
8 bytes sizeof(struct skb_ext)
CONFIG_BRIDGE_NETFILTER
32 bytes sizeof(struct nf_bridge_info)
CONFIG_XFRM
88 bytes sizeof(struct sec_path)
CONFIG_NET_TC_SKB_EXT
16 bytes sizeof(struct tc_skb_ext)
CONFIG_MPTCP
32 bytes sizeof(struct mptcp_ext)
CONFIG_MCTP_FLOWS
8 bytes sizeof(struct mctp_flow)
CONFIG_INET_PSP
8 bytes sizeof(struct psp_skb_ext)
CONFIG_CAN
8 bytes sizeof(struct can_skb_ext)
---------
200 bytes total skbuff_ext_cache element size
(255 * 8 = 2040 bytes max space for skb extension users).
Does this answer your question?
Best regards,
Oliver
static const u8 skb_ext_type_len[] = {
#if IS_ENABLED(CONFIG_BRIDGE_NETFILTER)
[SKB_EXT_BRIDGE_NF] = SKB_EXT_CHUNKSIZEOF(struct nf_bridge_info),
#endif
#ifdef CONFIG_XFRM
[SKB_EXT_SEC_PATH] = SKB_EXT_CHUNKSIZEOF(struct sec_path),
#endif
#if IS_ENABLED(CONFIG_NET_TC_SKB_EXT)
[TC_SKB_EXT] = SKB_EXT_CHUNKSIZEOF(struct tc_skb_ext),
#endif
#if IS_ENABLED(CONFIG_MPTCP)
[SKB_EXT_MPTCP] = SKB_EXT_CHUNKSIZEOF(struct mptcp_ext),
#endif
#if IS_ENABLED(CONFIG_MCTP_FLOWS)
[SKB_EXT_MCTP] = SKB_EXT_CHUNKSIZEOF(struct mctp_flow),
#endif
#if IS_ENABLED(CONFIG_INET_PSP)
[SKB_EXT_PSP] = SKB_EXT_CHUNKSIZEOF(struct psp_skb_ext),
#endif
#if IS_ENABLED(CONFIG_CAN)
[SKB_EXT_CAN] = SKB_EXT_CHUNKSIZEOF(struct can_skb_ext),
#endif
};
CONFIG_SKB_EXTENSIONS
struct skb_ext {
refcount_t refcnt; /* 0 4 */
u8 offset[3]; /* 4 3 */
u8 chunks; /* 7 1 */
char data[]
__attribute__((__aligned__(8))); /* 8 0 */
/* size: 8, cachelines: 1, members: 4 */
/* forced alignments: 1 */
/* last cacheline: 8 bytes */
} __attribute__((__aligned__(8)));
CONFIG_BRIDGE_NETFILTER
struct nf_bridge_info {
enum {
BRNF_PROTO_UNCHANGED = 0,
BRNF_PROTO_8021Q = 1,
BRNF_PROTO_PPPOE = 2,
} orig_proto:8; /* 0: 0
4 */
/* Bitfield combined with next fields */
u8 pkt_otherhost:1; /* 1: 0 1 */
u8 in_prerouting:1; /* 1: 1 1 */
u8 bridged_dnat:1; /* 1: 2 1 */
u8 sabotage_in_done:1; /* 1: 3 1 */
/* XXX 4 bits hole, try to pack */
__u16 frag_max_size; /* 2 2 */
int physinif; /* 4 4 */
struct net_device * physoutdev; /* 8 8 */
union {
__be32 ipv4_daddr; /* 16 4 */
struct in6_addr ipv6_daddr; /* 16 16 */
char neigh_header[8]; /* 16 8 */
}; /* 16 16 */
/* size: 32, cachelines: 1, members: 9 */
/* sum members: 30 */
/* sum bitfield members: 12 bits, bit holes: 1, sum bit holes:
4 bits */
/* last cacheline: 32 bytes */
};
CONFIG_XFRM
struct sec_path {
int len; /* 0 4 */
int olen; /* 4 4 */
int verified_cnt; /* 8 4 */
/* XXX 4 bytes hole, try to pack */
struct xfrm_state * xvec[6]; /* 16 48 */
/* --- cacheline 1 boundary (64 bytes) --- */
struct xfrm_offload ovec[1]; /* 64 24 */
/* size: 88, cachelines: 2, members: 5 */
/* sum members: 84, holes: 1, sum holes: 4 */
/* last cacheline: 24 bytes */
};
CONFIG_NET_TC_SKB_EXT
struct tc_skb_ext {
union {
u64 act_miss_cookie; /* 0 8 */
__u32 chain; /* 0 4 */
}; /* 0 8 */
__u16 mru; /* 8 2 */
__u16 zone; /* 10 2 */
u8 post_ct:1; /* 12: 0 1 */
u8 post_ct_snat:1; /* 12: 1 1 */
u8 post_ct_dnat:1; /* 12: 2 1 */
u8 act_miss:1; /* 12: 3 1 */
u8 l2_miss:1; /* 12: 4 1 */
/* size: 16, cachelines: 1, members: 8 */
/* padding: 3 */
/* bit_padding: 3 bits */
/* last cacheline: 16 bytes */
};
CONFIG_MPTCP
struct mptcp_ext {
union {
u64 data_ack; /* 0 8 */
u32 data_ack32; /* 0 4 */
}; /* 0 8 */
u64 data_seq; /* 8 8 */
u32 subflow_seq; /* 16 4 */
u16 data_len; /* 20 2 */
__sum16 csum; /* 22 2 */
u8 use_map:1; /* 24: 0 1 */
u8 dsn64:1; /* 24: 1 1 */
u8 data_fin:1; /* 24: 2 1 */
u8 use_ack:1; /* 24: 3 1 */
u8 ack64:1; /* 24: 4 1 */
u8 mpc_map:1; /* 24: 5 1 */
u8 frozen:1; /* 24: 6 1 */
u8 reset_transient:1; /* 24: 7 1 */
u8 reset_reason:4; /* 25: 0 1 */
u8 csum_reqd:1; /* 25: 4 1 */
u8 infinite_map:1; /* 25: 5 1 */
/* size: 32, cachelines: 1, members: 16 */
/* padding: 6 */
/* bit_padding: 2 bits */
/* last cacheline: 32 bytes */
};
CONFIG_MCTP_FLOWS
struct mctp_flow {
struct mctp_sk_key * key; /* 0 8 */
/* size: 8, cachelines: 1, members: 1 */
/* last cacheline: 8 bytes */
};
CONFIG_INET_PSP
struct psp_skb_ext {
__be32 spi; /* 0 4 */
u16 dev_id; /* 4 2 */
u8 generation; /* 6 1 */
u8 version; /* 7 1 */
/* size: 8, cachelines: 1, members: 4 */
/* last cacheline: 8 bytes */
};
CONFIG_CAN
struct can_skb_ext {
int can_iif; /* 0 4 */
u16 can_framelen; /* 4 2 */
u8 can_gw_hops; /* 6 1 */
u8 can_ext_flags; /* 7 1 */
/* size: 8, cachelines: 1, members: 4 */
/* last cacheline: 8 bytes */
};
Powered by blists - more mailing lists