lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 15 Feb 2023 09:37:09 -0500
From:   Willem de Bruijn <willemb@...gle.com>
To:     Florian Westphal <fw@...len.de>
Cc:     Jakub Kicinski <kuba@...nel.org>, davem@...emloft.net,
        netdev@...r.kernel.org, edumazet@...gle.com, pabeni@...hat.com
Subject: Re: [RFC] net: skbuff: let struct skb_ext live inside the head

On Wed, Feb 15, 2023 at 4:43 AM Florian Westphal <fw@...len.de> wrote:
>
> Jakub Kicinski <kuba@...nel.org> wrote:
> > This is a bit more crazy than the previous patch. For drivers
> > which already use build_skb() it's relatively easy to add more
> > space to the shinfo. Use this approach to place skb_ext inside
> > the head. No allocation needed.
> >
> > This approach is a bit slower in trivial benchmarks than the recycling
> > because it requires extra cache line accesses (12.1% loss, ->18.6Gbps).
> >
> > In-place skb_ext may be shorter than a full skb_ext object.
> > The driver only reserves space for exts it may use.
> > Any later addition will reallocate the space via CoW,
> > abandoning the in-place skb_ext and copying the data to
> > a full slab object.
>
> I think the cleaner solution would be to move the new extension ids
> into sk_buff itself (at the end, uninitialized data unless used).

Grow struct sk_buff?

> Those extensions would always reside there and not in the slab object.
> Obviously that only makes sense for extensions where we assume
> that typical workload will require them, which might be a hard call to
> make.
>
> I concur with Paolo that the napi-caching is nicer/less intrusive,
> I think we have to wait and see if it helps with psp (async crypto
> needed?) when it lands.

How much data does psp need? The google version [1] embeds structs
psp_skb, which may include a 256b key. If on tx the key is looked up
from skb->sk, then on rx the only truly required field is the 32-bit
SPI, to match a decrypted packet's session key to the socket. With a
pointer hack on the lowest bits of skb->extensions such a tiny
extension could perhaps be embedded in the pointer field itself.

https://github.com/google/psp/blob/linux-v5.15-psp-v1.0/include/net/psp_defs.h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ