lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 21 Jul 2021 18:44:32 +0200
From:   Paolo Abeni <>
Cc:     "David S. Miller" <>,
        Jakub Kicinski <>,
        Florian Westphal <>,
        Eric Dumazet <>,,
Subject: [PATCH RFC 0/9] sk_buff: optimize layout for GRO

This is a very early draft - in a different world would be
replaced by hallway discussion at in-person conference - aimed at
outlining some ideas and collect feedback on the overall outlook.
There are still bugs to be fixed, more test and benchmark need, etc.

There are 3 main goals:
- [try to] avoid the overhead for uncommon conditions at GRO time
  (patches 1-4)
- enable backpressure for the veth GRO path (patches 5-6)
- reduce the number of cacheline used by the sk_buff lifecycle
  from 4 to 3, at least in some common scenarios (patches 1,7-9).
  The idea here is avoid the initialization of some fields and
  control their validity with a bitmask, as presented by at least
  Florian and Jesper in the past.

The above requires a bit of code churn in some places and, yes,
a few new bits in the sk_buff struct (using some existing holes)

Paolo Abeni (9):
  sk_buff: track nfct status in newly added skb->_state
  sk_buff: track dst status in skb->_state
  sk_buff: move the active_extensions into the state bitfield
  net: optimize GRO for the common case.
  skbuff: introduce has_sk state bit.
  veth: use skb_prepare_for_gro()
  sk_buff: move inner header fields after tail
  sk_buff: move vlan field after tail.
  sk_buff: access secmark via getter/setter

 drivers/net/veth.c               |   2 +-
 include/linux/skbuff.h           | 117 ++++++++++++++++++++++---------
 include/net/dst.h                |   3 +
 include/net/sock.h               |   9 +++
 net/core/dev.c                   |  31 +++++---
 net/core/skbuff.c                |  40 +++++++----
 net/netfilter/nfnetlink_queue.c  |   6 +-
 net/netfilter/nft_meta.c         |   6 +-
 net/netfilter/xt_CONNSECMARK.c   |   8 +--
 net/netfilter/xt_SECMARK.c       |   2 +-
 security/apparmor/lsm.c          |  15 ++--
 security/selinux/hooks.c         |  10 +--
 security/smack/smack_lsm.c       |   4 +-
 security/smack/smack_netfilter.c |   4 +-
 14 files changed, 175 insertions(+), 82 deletions(-)


Powered by blists - more mailing lists