| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <m2msihiou0.fsf@chopps.org>
Date: Sat, 02 Nov 2024 16:26:35 +0000
From: Christian Hopps <chopps@...pps.org>
To: Steffen Klassert <steffen.klassert@...unet.com>
Cc: Christian Hopps <chopps@...pps.org>, devel@...ux-ipsec.org,
netdev@...r.kernel.org, Florian Westphal <fw@...len.de>, Sabrina Dubroca
<sd@...asysnail.net>, Simon Horman <horms@...nel.org>, Antony Antony
<antony@...nome.org>, Christian Hopps <chopps@...n.net>
Subject: Re: [PATCH ipsec-next v12 14/16] xfrm: iptfs: add skb-fragment
sharing code
Steffen Klassert <steffen.klassert@...unet.com> writes:
> On Mon, Oct 07, 2024 at 09:59:26AM -0400, Christian Hopps wrote:
>> From: Christian Hopps <chopps@...n.net>
>>
>> Avoid copying the inner packet data by sharing the skb data fragments
>> from the output packet skb into new inner packet skb.
>>
>> Signed-off-by: Christian Hopps <chopps@...n.net>
>> ---
>> net/xfrm/xfrm_iptfs.c | 312 ++++++++++++++++++++++++++++++++++++++++--
>> 1 file changed, 304 insertions(+), 8 deletions(-)
>>
>> diff --git a/net/xfrm/xfrm_iptfs.c b/net/xfrm/xfrm_iptfs.c
>> index 4c95656d7492..ef4c23159471 100644
>> --- a/net/xfrm/xfrm_iptfs.c
>> +++ b/net/xfrm/xfrm_iptfs.c
>> @@ -81,6 +81,9 @@
>> #define XFRM_IPTFS_MIN_L3HEADROOM 128
>> #define XFRM_IPTFS_MIN_L2HEADROOM (L1_CACHE_BYTES > 64 ? 64 : 64 + 16)
>>
>> +/* Min to try to share outer iptfs skb data vs copying into new skb */
>> +#define IPTFS_PKT_SHARE_MIN 129
>> +
>> #define NSECS_IN_USEC 1000
>>
>> #define IPTFS_HRTIMER_MODE HRTIMER_MODE_REL_SOFT
>> @@ -236,10 +239,261 @@ static void iptfs_skb_head_to_frag(const struct sk_buff *skb, skb_frag_t *frag)
>> skb_frag_fill_page_desc(frag, page, skb->data - addr, skb_headlen(skb));
>> }
>>
>> +/**
>> + * struct iptfs_skb_frag_walk - use to track a walk through fragments
>> + * @fragi: current fragment index
>> + * @past: length of data in fragments before @fragi
>> + * @total: length of data in all fragments
>> + * @nr_frags: number of fragments present in array
>> + * @initial_offset: the value passed in to skb_prepare_frag_walk()
>> + * @pp_recycle: copy of skb->pp_recycle
>> + * @frags: the page fragments inc. room for head page
>> + */
>> +struct iptfs_skb_frag_walk {
>> + u32 fragi;
>> + u32 past;
>> + u32 total;
>> + u32 nr_frags;
>> + u32 initial_offset;
>> + bool pp_recycle;
>
> This boll creates a 3 byte hole. Better to put it to the end.
Moved.
Thanks,
Chris.
>> + skb_frag_t frags[MAX_SKB_FRAGS + 1];
>> +};
Download attachment "signature.asc" of type "application/pgp-signature" (858 bytes)
Powered by blists - more mailing lists