| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 10 Feb 2022 10:22:17 +0100
From: Hans Schultz <schultz.hans@...il.com>
To: Nikolay Aleksandrov <razor@...ckwall.org>,
Hans Schultz <schultz.hans@...il.com>, davem@...emloft.net,
kuba@...nel.org
Cc: netdev@...r.kernel.org, Hans Schultz <schultz.hans+lkml@...il.com>,
Roopa Prabhu <roopa@...dia.com>,
Nikolay Aleksandrov <nikolay@...dia.com>,
bridge@...ts.linux-foundation.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH net-next v2 5/5] net: bridge: Refactor bridge port in
locked mode to use jump labels
On tor, feb 10, 2022 at 10:31, Nikolay Aleksandrov <razor@...ckwall.org> wrote:
> On 09/02/2022 15:05, Hans Schultz wrote:
>> From: Hans Schultz <schultz.hans+lkml@...il.com>
>>
>> As the locked mode feature is in the hot path of the bridge modules
>> reception of packets, it needs to be refactored to use jump labels
>> for optimization.
>>
>> Signed-off-by: Hans Schultz <schultz.hans+lkml@...il.com>
>> Signed-off-by: Hans Schultz <schultz.hans+netdev@...il.com>
>> ---
>
> Why two (almost) identical sign-offs?
Ups, a mistake...
>
> Also, as Ido mentioned, please fold this patch into patch 01.
>
>> net/bridge/br_input.c | 22 ++++++++++++++++++----
>> net/bridge/br_netlink.c | 6 ++++++
>> net/bridge/br_private.h | 2 ++
>> 3 files changed, 26 insertions(+), 4 deletions(-)
>>
>> diff --git a/net/bridge/br_input.c b/net/bridge/br_input.c
>> index 469e3adbce07..6fc428d6bac5 100644
>> --- a/net/bridge/br_input.c
>> +++ b/net/bridge/br_input.c
>> @@ -23,6 +23,18 @@
>> #include "br_private.h"
>> #include "br_private_tunnel.h"
>>
>> +static struct static_key_false br_input_locked_port_feature;
>> +
>> +void br_input_locked_port_add(void)
>> +{
>> + static_branch_inc(&br_input_locked_port_feature);
>> +}
>> +
>> +void br_input_locked_port_remove(void)
>> +{
>> + static_branch_dec(&br_input_locked_port_feature);
>> +}
>> +
>> static int
>> br_netif_receive_skb(struct net *net, struct sock *sk, struct sk_buff *skb)
>> {
>> @@ -91,10 +103,12 @@ int br_handle_frame_finish(struct net *net, struct sock *sk, struct sk_buff *skb
>> &state, &vlan))
>> goto out;
>>
>> - if (p->flags & BR_PORT_LOCKED) {
>> - fdb_entry = br_fdb_find_rcu(br, eth_hdr(skb)->h_source, vid);
>> - if (!(fdb_entry && fdb_entry->dst == p))
>> - goto drop;
>> + if (static_branch_unlikely(&br_input_locked_port_feature)) {
>> + if (p->flags & BR_PORT_LOCKED) {
>> + fdb_entry = br_fdb_find_rcu(br, eth_hdr(skb)->h_source, vid);
>> + if (!(fdb_entry && fdb_entry->dst == p))
>> + goto drop;
>> + }
>> }
>>
>> nbp_switchdev_frame_mark(p, skb);
>> diff --git a/net/bridge/br_netlink.c b/net/bridge/br_netlink.c
>> index 7d4432ca9a20..e3dbe9fed75c 100644
>> --- a/net/bridge/br_netlink.c
>> +++ b/net/bridge/br_netlink.c
>> @@ -860,6 +860,7 @@ static int br_set_port_state(struct net_bridge_port *p, u8 state)
>> static void br_set_port_flag(struct net_bridge_port *p, struct nlattr *tb[],
>> int attrtype, unsigned long mask)
>> {
>> + bool locked = p->flags & BR_PORT_LOCKED;
>> if (!tb[attrtype])
>> return;
>>
>> @@ -867,6 +868,11 @@ static void br_set_port_flag(struct net_bridge_port *p, struct nlattr *tb[],
>> p->flags |= mask;
>> else
>> p->flags &= ~mask;
>> +
>> + if ((p->flags & BR_PORT_LOCKED) && !locked)
>> + br_input_locked_port_add();
>> + if (!(p->flags & BR_PORT_LOCKED) && locked)
>> + br_input_locked_port_remove();
>> }
>>
>> /* Process bridge protocol info on port */
>> diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h
>> index 2661dda1a92b..0ec3ef897978 100644
>> --- a/net/bridge/br_private.h
>> +++ b/net/bridge/br_private.h
>> @@ -832,6 +832,8 @@ void br_manage_promisc(struct net_bridge *br);
>> int nbp_backup_change(struct net_bridge_port *p, struct net_device *backup_dev);
>>
>> /* br_input.c */
>> +void br_input_locked_port_add(void);
>> +void br_input_locked_port_remove(void);
>> int br_handle_frame_finish(struct net *net, struct sock *sk, struct sk_buff *skb);
>> rx_handler_func_t *br_get_rx_handler(const struct net_device *dev);
>>
Powered by blists - more mailing lists