Date:   Wed, 28 Dec 2016 14:13:24 -0500
From:   Willem de Bruijn <willemdebruijn.kernel@...il.com>
To:     netdev@...r.kernel.org
Cc:     davem@...emloft.net, fw@...len.de, dborkman@...earbox.net,
        jhs@...atatu.com, alexei.starovoitov@...il.com,
        Willem de Bruijn <willemb@...gle.com>
Subject: [PATCH net-next rfc 0/6] convert tc_verd to integer bitfields

From: Willem de Bruijn <willemb@...gle.com>

The skb tc_verd field takes up two bytes but uses far fewer bits.
Convert the remaining use cases to bitfields that fit in existing
holes (depending on config options) and potentially save the two
bytes in struct sk_buff.

This patchset is based on an earlier set by Florian Westphal and its
discussion (http://www.spinics.net/lists/netdev/msg329181.html).

Patches 1 and 2 are low hanging fruit: removing the last traces of
  data that are no longer stored in tc_verd.

Patches 3 and 4 convert tc_verd to individual bitfields (5 bits).

Patch 5 reduces TC_AT to a single bitfield,
  as AT_STACK is not valid here (unlike in the case of TC_FROM).

Patch 6 changes TC_FROM to two bitfields with clearly defined purpose.

It may be possible to reduce storage further after this initial round.
If tc_skip_classify is set only by IFB, testing skb_iif may suffice.
The L2 header pushing/popping logic can perhaps be shared with
AF_PACKET, which currently not pkt_type for the same purpose.

Tested ingress mirred + netem + ifb: 

  ip link set dev ifb0 up
  tc qdisc add dev eth0 ingress
  tc filter add dev eth0 parent ffff: \
    u32 match ip dport 8000 0xffff \
    action mirred egress redirect dev ifb0
  tc qdisc add dev ifb0 root netem delay 1000ms
  nc -u -l 8000 &
  ssh $otherhost nc -u $host 8000

Tested egress mirred:

  ip link add veth1 type veth peer name veth2
  ip link set dev veth1 up
  ip link set dev veth2 up
  tcpdump -n -i veth2 udp and dst port 8000 &

  tc qdisc add dev eth0 root handle 1: prio
  tc filter add dev eth0 parent 1:0 \
    u32 match ip dport 8000 0xffff \
    action mirred egress redirect dev veth1
  tc qdisc add dev veth1 root netem delay 1000ms
  nc -u $otherhost 8000

Willem de Bruijn (6):
  net-tc: remove unused tc_verd fields
  net-tc: make MAX_RECLASSIFY_LOOP local
  net-tc: extract skip classify bit from tc_verd
  net-tc: convert tc_verd to integer bitfields
  net-tc: convert tc_at to tc_at_ingress
  net-tc: convert tc_from to tc_from_ingress and tc_redirected

 drivers/net/ifb.c                    | 16 ++++-------
 drivers/staging/octeon/ethernet-tx.c |  5 ++--
 include/linux/skbuff.h               | 15 ++++++----
 include/net/sch_generic.h            | 20 ++++++++++++-
 include/uapi/linux/pkt_cls.h         | 55 ------------------------------------
 net/core/dev.c                       | 20 ++++---------
 net/core/pktgen.c                    |  4 +--
 net/core/skbuff.c                    |  3 --
 net/sched/act_api.c                  |  8 ++----
 net/sched/act_ife.c                  |  7 ++---
 net/sched/act_mirred.c               | 21 +++++++-------
 net/sched/sch_api.c                  |  4 ++-
 net/sched/sch_netem.c                |  2 +-
 13 files changed, 64 insertions(+), 116 deletions(-)

-- 
2.8.0.rc3.226.g39d4020
