lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <m2msihiou0.fsf@chopps.org>
Date: Sat, 02 Nov 2024 16:26:35 +0000
From: Christian Hopps <chopps@...pps.org>
To: Steffen Klassert <steffen.klassert@...unet.com>
Cc: Christian Hopps <chopps@...pps.org>, devel@...ux-ipsec.org,
 netdev@...r.kernel.org, Florian Westphal <fw@...len.de>, Sabrina Dubroca
 <sd@...asysnail.net>, Simon Horman <horms@...nel.org>, Antony Antony
 <antony@...nome.org>, Christian Hopps <chopps@...n.net>
Subject: Re: [PATCH ipsec-next v12 14/16] xfrm: iptfs: add skb-fragment
 sharing code


Steffen Klassert <steffen.klassert@...unet.com> writes:

> On Mon, Oct 07, 2024 at 09:59:26AM -0400, Christian Hopps wrote:
>> From: Christian Hopps <chopps@...n.net>
>>
>> Avoid copying the inner packet data by sharing the skb data fragments
>> from the output packet skb into new inner packet skb.
>>
>> Signed-off-by: Christian Hopps <chopps@...n.net>
>> ---
>>  net/xfrm/xfrm_iptfs.c | 312 ++++++++++++++++++++++++++++++++++++++++--
>>  1 file changed, 304 insertions(+), 8 deletions(-)
>>
>> diff --git a/net/xfrm/xfrm_iptfs.c b/net/xfrm/xfrm_iptfs.c
>> index 4c95656d7492..ef4c23159471 100644
>> --- a/net/xfrm/xfrm_iptfs.c
>> +++ b/net/xfrm/xfrm_iptfs.c
>> @@ -81,6 +81,9 @@
>>  #define XFRM_IPTFS_MIN_L3HEADROOM 128
>>  #define XFRM_IPTFS_MIN_L2HEADROOM (L1_CACHE_BYTES > 64 ? 64 : 64 + 16)
>>
>> +/* Min to try to share outer iptfs skb data vs copying into new skb */
>> +#define IPTFS_PKT_SHARE_MIN 129
>> +
>>  #define NSECS_IN_USEC 1000
>>
>>  #define IPTFS_HRTIMER_MODE HRTIMER_MODE_REL_SOFT
>> @@ -236,10 +239,261 @@ static void iptfs_skb_head_to_frag(const struct sk_buff *skb, skb_frag_t *frag)
>>  	skb_frag_fill_page_desc(frag, page, skb->data - addr, skb_headlen(skb));
>>  }
>>
>> +/**
>> + * struct iptfs_skb_frag_walk - use to track a walk through fragments
>> + * @fragi: current fragment index
>> + * @past: length of data in fragments before @fragi
>> + * @total: length of data in all fragments
>> + * @nr_frags: number of fragments present in array
>> + * @initial_offset: the value passed in to skb_prepare_frag_walk()
>> + * @pp_recycle: copy of skb->pp_recycle
>> + * @frags: the page fragments inc. room for head page
>> + */
>> +struct iptfs_skb_frag_walk {
>> +	u32 fragi;
>> +	u32 past;
>> +	u32 total;
>> +	u32 nr_frags;
>> +	u32 initial_offset;
>> +	bool pp_recycle;
>
> This boll creates a 3 byte hole. Better to put it to the end.

Moved.

Thanks,
Chris.

>> +	skb_frag_t frags[MAX_SKB_FRAGS + 1];
>> +};

Download attachment "signature.asc" of type "application/pgp-signature" (858 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ