lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20251112072720.5076-1-mmietus97@yahoo.com>
Date: Wed, 12 Nov 2025 08:27:06 +0100
From: Marek Mietus <mmietus97@...oo.com>
To: netdev@...r.kernel.org,
	sd@...asysnail.net,
	kuba@...nel.org
Cc: Marek Mietus <mmietus97@...oo.com>
Subject: [PATCH net-next v4 00/14] net: tunnel: introduce noref xmit flows for tunnels

Currently, tunnel xmit flows always take a reference on the dst_entry
for each xmitted packet. These atomic operations are redundant in some
flows.

This patchset introduces the infrastructure required for converting
the tunnel xmit flows to noref, and converts them where possible.

A new opaque type "dstref_t" is introduced. It represents a potentially
noref pointer to a dst_entry.
This allows for noref flows while still allowing the original referenced
flows in cases where noref can't be used.

Additionally, RCU variants for dst cache helpers are introduced,
since most tunnels rely on dst cache for dst resolution.

These changes improve tunnel performance, since less atomic operations
are used.

There are already noref optimizations in both ipv4 and ip6.
(See __ip_queue_xmit, inet6_csk_xmit)
This patchset implements similar optimizations in ip and udp tunnels.

Benchmarks:
I used a vxlan tunnel over a pair of veth peers and measured the average
throughput over multiple samples.

I ran 100 samples on a clean build, and another 100 on a patched
build. Each sample ran for 120 seconds. These were my results:

clean:      70.31 mb/sec, stddev = 1.63
patched:    73.13 mb/sec, stddev = 1.28

TL;DR - This patchset results in a 4% improvement in throughput for
vxlan. It's safe to assume that we might see similar results when testing
other tunnels.

Changes in v4:
 - Added the dst_cache_get_rcu function
 - Implemented the dstref object and used it to implement noref xmit flows
 - Converted all tunnels to use noref xmit flows
 - Fixed formatting of comments in dst_cache.h
 - Reworded some messages

Link to v3: https://lore.kernel.org/netdev/20250922110622.10368-1-mmietus97@yahoo.com/

Marek Mietus (14):
  net: dst: implement dstref object
  net: skb: use dstref for storing dst entry
  net: skb: rename skb_dstref_restore to skb_dstref_set
  net: dst_cache: add noref versions for dst_cache
  net: tunnel: use dstref in ip and udp tunnel xmit functions
  net: tunnel: return dstref in udp_tunnel{,6}_dst_lookup
  net: tunnel: make udp_tunnel{,6}_dst_lookup return a noref dst
  net: ovpn: convert ovpn_udp{4,6}_output to use a noref dst
  net: wireguard: convert send{4,6} to use a noref dst when possible
  net: tunnel: convert ip_md_tunnel_xmit to use a noref dst when
    possible
  net: tunnel: convert ip_tunnel_xmit to use a noref dst when possible
  net: sit: convert ipip6_tunnel_xmit to use a noref dst
  net: tipc: convert tipc_udp_xmit to use a noref dst
  net: sctp: convert sctp_v{4,6}_xmit to use a noref dst when possible

 drivers/net/amt.c                       |   6 +-
 drivers/net/bareudp.c                   |  63 ++++++-----
 drivers/net/geneve.c                    |  87 +++++++++-------
 drivers/net/gtp.c                       |  10 +-
 drivers/net/ovpn/udp.c                  |  12 +--
 drivers/net/vxlan/vxlan_core.c          |  80 +++++++-------
 drivers/net/wireguard/socket.c          |  34 ++++--
 include/linux/skbuff.h                  |  63 ++++-------
 include/net/dst.h                       |  48 ++++++---
 include/net/dst_cache.h                 |  71 +++++++++++++
 include/net/dst_metadata.h              |   6 +-
 include/net/dstref.h                    | 111 ++++++++++++++++++++
 include/net/ip_tunnels.h                |   2 +-
 include/net/tcp.h                       |   9 +-
 include/net/udp_tunnel.h                |  12 +--
 net/core/dst_cache.c                    | 133 ++++++++++++++++++++++--
 net/core/pktgen.c                       |   2 +-
 net/ieee802154/6lowpan/reassembly.c     |   5 +-
 net/ipv4/icmp.c                         |   6 +-
 net/ipv4/ip_fragment.c                  |   5 +-
 net/ipv4/ip_options.c                   |   8 +-
 net/ipv4/ip_tunnel.c                    |  63 ++++++-----
 net/ipv4/ip_tunnel_core.c               |   9 +-
 net/ipv4/udp_tunnel_core.c              |  42 ++++----
 net/ipv6/ip6_udp_tunnel.c               |  52 +++++----
 net/ipv6/netfilter/nf_conntrack_reasm.c |   5 +-
 net/ipv6/reassembly.c                   |   5 +-
 net/ipv6/sit.c                          |  15 +--
 net/openvswitch/actions.c               |  16 +--
 net/openvswitch/datapath.h              |   2 +-
 net/sched/sch_frag.c                    |  18 ++--
 net/sctp/ipv6.c                         |   6 +-
 net/sctp/protocol.c                     |   6 +-
 net/tipc/udp_media.c                    |  14 +--
 34 files changed, 684 insertions(+), 342 deletions(-)
 create mode 100644 include/net/dstref.h

-- 
2.51.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ