| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 21 Sep 2023 21:08:58 +0200
From: Eric Dumazet <edumazet@...gle.com>
To: Ilya Maximets <i.maximets@....org>
Cc: netdev@...r.kernel.org, Jakub Kicinski <kuba@...nel.org>,
"David S. Miller" <davem@...emloft.net>, Paolo Abeni <pabeni@...hat.com>, linux-kernel@...r.kernel.org,
dev@...nvswitch.org, Pravin B Shelar <pshelar@....org>, Eelco Chaudron <echaudro@...hat.com>
Subject: Re: [PATCH net-next] openvswitch: reduce stack usage in do_execute_actions
On Thu, Sep 21, 2023 at 9:03 PM Ilya Maximets <i.maximets@....org> wrote:
>
> do_execute_actions() function can be called recursively multiple
> times while executing actions that require pipeline forking or
> recirculations. It may also be re-entered multiple times if the packet
> leaves openvswitch module and re-enters it through a different port.
>
> Currently, there is a 256-byte array allocated on stack in this
> function that is supposed to hold NSH header. Compilers tend to
> pre-allocate that space right at the beginning of the function:
>
> a88: 48 81 ec b0 01 00 00 sub $0x1b0,%rsp
>
> NSH is not a very common protocol, but the space is allocated on every
> recursive call or re-entry multiplying the wasted stack space.
>
> Move the stack allocation to push_nsh() function that is only used
> if NSH actions are actually present. push_nsh() is also a simple
> function without a possibility for re-entry, so the stack is returned
> right away.
>
> With this change the preallocated space is reduced by 256 B per call:
>
> b18: 48 81 ec b0 00 00 00 sub $0xb0,%rsp
>
> Signed-off-by: Ilya Maximets <i.maximets@....org>
> ---
> net/openvswitch/actions.c | 20 +++++++++-----------
> 1 file changed, 9 insertions(+), 11 deletions(-)
>
> diff --git a/net/openvswitch/actions.c b/net/openvswitch/actions.c
> index 5f8094acd056..80cc5c512d7b 100644
> --- a/net/openvswitch/actions.c
> +++ b/net/openvswitch/actions.c
> @@ -312,10 +312,16 @@ static int push_eth(struct sk_buff *skb, struct sw_flow_key *key,
> }
>
> static int push_nsh(struct sk_buff *skb, struct sw_flow_key *key,
> - const struct nshhdr *nh)
> + const struct nlattr *a)
Presumably this function should be inlined. (one caller only)
I would add noinline_for_stack to make sure the compiler will not play
games with this attempt.
> {
> + u8 buffer[NSH_HDR_MAX_LEN];
> + struct nshhdr *nh = (struct nshhdr *)buffer;
> int err;
>
> + err = nsh_hdr_from_nlattr(a, nh, NSH_HDR_MAX_LEN);
> + if (err)
> + return err;
> +
> err = nsh_push(skb, nh);
> if (err)
> return err;
> @@ -1439,17 +1445,9 @@ static int do_execute_actions(struct datapath *dp, struct sk_buff *skb,
> err = pop_eth(skb, key);
> break;
>
> - case OVS_ACTION_ATTR_PUSH_NSH: {
> - u8 buffer[NSH_HDR_MAX_LEN];
> - struct nshhdr *nh = (struct nshhdr *)buffer;
> -
> - err = nsh_hdr_from_nlattr(nla_data(a), nh,
> - NSH_HDR_MAX_LEN);
> - if (unlikely(err))
> - break;
> - err = push_nsh(skb, key, nh);
> + case OVS_ACTION_ATTR_PUSH_NSH:
> + err = push_nsh(skb, key, nla_data(a));
> break;
> - }
>
> case OVS_ACTION_ATTR_POP_NSH:
> err = pop_nsh(skb, key);
> --
> 2.41.0
>
Powered by blists - more mailing lists