lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <8e6b83b3-c986-4d6e-b61a-363e13bf1ddc@yahoo.com>
Date: Tue, 9 Sep 2025 16:43:01 +0200
From: Marek Mietus <mmietus97@...oo.com>
To: Antonio Quartulli <antonio@...nvpn.net>, netdev@...r.kernel.org
Cc: openvpn-devel@...ts.sourceforge.net
Subject: Re: [PATCH net-next 0/3] net: tunnel: introduce noref xmit flows for
 tunnels

W dniu 9/9/25 o 13:17, Antonio Quartulli pisze:
> On 09/09/2025 07:43, Marek Mietus wrote:
>> Currently, all xmit flows use dst_cache in a way that references
>> its dst_entry for each xmitted packet. These atomic operations
>> are redundant in some flows.
> 
> Can you elaborate on the current limits/drawbacks and explain what we gain with this new approach?
> 
> It may be obvious for some, but it's not for me.
> 

The only difference with the new approach is that we avoid taking an unnecessary
reference on dst_entry. This is possible since the entire flow is protected by RCU.
This change reduces an atomic write operation on every xmit, resulting in a performance
improvement.

There are other flows in the kernel where a similar approach is used (e.g. __ip_queue_xmit
uses skb_dst_set_noref).

> Also it sounded as if more tunnels were affected, but in the end only ovpn is being changed.
> Does it mean all other tunnels don't need this?
> 

More tunneling code can be updated to utilize these new helpers. I only worked
on OpenVPN, as I am more familiar with it. It was very easy to implement the
changes in OpenVPN because it doesn't use the udp_tunnel_dst_lookup helper
that adds some complexity.

I hope to incorporate these changes in more tunnels in the future.

> 
> Regards,
> 
>>
>> This patchset introduces new noref xmit helpers, and incorporates
>> them in the OpenVPN driver.
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ