lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <c32d7b7c-3dd3-2d75-5f9a-e356f1fc7732@mojatatu.com>
Date:   Mon, 2 Jan 2017 11:09:57 -0500
From:   Jamal Hadi Salim <jhs@...atatu.com>
To:     Willem de Bruijn <willemdebruijn.kernel@...il.com>,
        netdev@...r.kernel.org
Cc:     davem@...emloft.net, fw@...len.de, dborkman@...earbox.net,
        alexei.starovoitov@...il.com,
        Willem de Bruijn <willemb@...gle.com>,
        Roman Mashak <mrv@...atatu.com>,
        Hannes Frederic Sowa <hannes@...essinduktion.org>,
        Shmulik Ladkani <shmulik.ladkani@...il.com>
Subject: Re: [PATCH net-next rfc 0/6] convert tc_verd to integer bitfields

And a happy new year netdev.
No objections to new year resolution of slimming the skb.
But: i am still concerned about the recursion that getting rid of
some of these bits could embolden. i.e my suggestion was infact to
restore some of those bits taken away by Florian after the ingress
redirect patches from Shmulik.

The possibilities are: egress->egress, egress->ingress,
ingress->egress, ingress->ingress. The suggestion was
xmit_recursion with some skb magic would suffice.
Hannes promised around last netdevconf that he has a scheme to solve
it without using any extra skb state.

cheers,
jamal

On 16-12-28 02:13 PM, Willem de Bruijn wrote:
> From: Willem de Bruijn <willemb@...gle.com>
>
> The skb tc_verd field takes up two bytes but uses far fewer bits.
> Convert the remaining use cases to bitfields that fit in existing
> holes (depending on config options) and potentially save the two
> bytes in struct sk_buff.
>
> This patchset is based on an earlier set by Florian Westphal and its
> discussion (http://www.spinics.net/lists/netdev/msg329181.html).
>
> Patches 1 and 2 are low hanging fruit: removing the last traces of
>   data that are no longer stored in tc_verd.
>
> Patches 3 and 4 convert tc_verd to individual bitfields (5 bits).
>
> Patch 5 reduces TC_AT to a single bitfield,
>   as AT_STACK is not valid here (unlike in the case of TC_FROM).
>
> Patch 6 changes TC_FROM to two bitfields with clearly defined purpose.
>
> It may be possible to reduce storage further after this initial round.
> If tc_skip_classify is set only by IFB, testing skb_iif may suffice.
> The L2 header pushing/popping logic can perhaps be shared with
> AF_PACKET, which currently not pkt_type for the same purpose.
>
> Tested ingress mirred + netem + ifb:
>
>   ip link set dev ifb0 up
>   tc qdisc add dev eth0 ingress
>   tc filter add dev eth0 parent ffff: \
>     u32 match ip dport 8000 0xffff \
>     action mirred egress redirect dev ifb0
>   tc qdisc add dev ifb0 root netem delay 1000ms
>   nc -u -l 8000 &
>   ssh $otherhost nc -u $host 8000
>
> Tested egress mirred:
>
>   ip link add veth1 type veth peer name veth2
>   ip link set dev veth1 up
>   ip link set dev veth2 up
>   tcpdump -n -i veth2 udp and dst port 8000 &
>
>   tc qdisc add dev eth0 root handle 1: prio
>   tc filter add dev eth0 parent 1:0 \
>     u32 match ip dport 8000 0xffff \
>     action mirred egress redirect dev veth1
>   tc qdisc add dev veth1 root netem delay 1000ms
>   nc -u $otherhost 8000
>
> Willem de Bruijn (6):
>   net-tc: remove unused tc_verd fields
>   net-tc: make MAX_RECLASSIFY_LOOP local
>   net-tc: extract skip classify bit from tc_verd
>   net-tc: convert tc_verd to integer bitfields
>   net-tc: convert tc_at to tc_at_ingress
>   net-tc: convert tc_from to tc_from_ingress and tc_redirected
>
>  drivers/net/ifb.c                    | 16 ++++-------
>  drivers/staging/octeon/ethernet-tx.c |  5 ++--
>  include/linux/skbuff.h               | 15 ++++++----
>  include/net/sch_generic.h            | 20 ++++++++++++-
>  include/uapi/linux/pkt_cls.h         | 55 ------------------------------------
>  net/core/dev.c                       | 20 ++++---------
>  net/core/pktgen.c                    |  4 +--
>  net/core/skbuff.c                    |  3 --
>  net/sched/act_api.c                  |  8 ++----
>  net/sched/act_ife.c                  |  7 ++---
>  net/sched/act_mirred.c               | 21 +++++++-------
>  net/sched/sch_api.c                  |  4 ++-
>  net/sched/sch_netem.c                |  2 +-
>  13 files changed, 64 insertions(+), 116 deletions(-)
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ