2019-05-27 09:55:01 +03:00
|
|
|
/* SPDX-License-Identifier: GPL-2.0-or-later */
|
2005-04-17 02:20:36 +04:00
|
|
|
/*
|
|
|
|
* Definitions for the 'struct sk_buff' memory handlers.
|
|
|
|
*
|
|
|
|
* Authors:
|
|
|
|
* Alan Cox, <gw4pts@gw4pts.ampr.org>
|
|
|
|
* Florian La Roche, <rzsfl@rz.uni-sb.de>
|
|
|
|
*/
|
|
|
|
|
|
|
|
#ifndef _LINUX_SKBUFF_H
|
|
|
|
#define _LINUX_SKBUFF_H
|
|
|
|
|
|
|
|
#include <linux/kernel.h>
|
|
|
|
#include <linux/compiler.h>
|
|
|
|
#include <linux/time.h>
|
2011-11-24 05:12:59 +04:00
|
|
|
#include <linux/bug.h>
|
2019-07-23 06:08:31 +03:00
|
|
|
#include <linux/bvec.h>
|
2005-04-17 02:20:36 +04:00
|
|
|
#include <linux/cache.h>
|
2014-11-03 19:19:53 +03:00
|
|
|
#include <linux/rbtree.h>
|
2014-11-06 00:46:40 +03:00
|
|
|
#include <linux/socket.h>
|
2017-09-01 02:48:22 +03:00
|
|
|
#include <linux/refcount.h>
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2011-07-27 03:09:06 +04:00
|
|
|
#include <linux/atomic.h>
|
2005-04-17 02:20:36 +04:00
|
|
|
#include <asm/types.h>
|
|
|
|
#include <linux/spinlock.h>
|
|
|
|
#include <linux/net.h>
|
2005-06-24 08:00:17 +04:00
|
|
|
#include <linux/textsearch.h>
|
2005-04-17 02:20:36 +04:00
|
|
|
#include <net/checksum.h>
|
2006-12-04 23:41:19 +03:00
|
|
|
#include <linux/rcupdate.h>
|
2007-04-20 03:16:32 +04:00
|
|
|
#include <linux/hrtimer.h>
|
2011-08-19 10:25:00 +04:00
|
|
|
#include <linux/dma-mapping.h>
|
2011-11-15 19:29:55 +04:00
|
|
|
#include <linux/netdev_features.h>
|
2014-02-27 02:02:11 +04:00
|
|
|
#include <linux/sched.h>
|
2017-02-01 18:36:40 +03:00
|
|
|
#include <linux/sched/clock.h>
|
2015-05-12 15:56:07 +03:00
|
|
|
#include <net/flow_dissector.h>
|
2015-05-21 18:00:00 +03:00
|
|
|
#include <linux/splice.h>
|
2015-05-30 16:27:40 +03:00
|
|
|
#include <linux/in6.h>
|
2016-07-02 13:43:14 +03:00
|
|
|
#include <linux/if_packet.h>
|
tcp: defer skb freeing after socket lock is released
tcp recvmsg() (or rx zerocopy) spends a fair amount of time
freeing skbs after their payload has been consumed.
A typical ~64KB GRO packet has to release ~45 page
references, eventually going to page allocator
for each of them.
Currently, this freeing is performed while socket lock
is held, meaning that there is a high chance that
BH handler has to queue incoming packets to tcp socket backlog.
This can cause additional latencies, because the user
thread has to process the backlog at release_sock() time,
and while doing so, additional frames can be added
by BH handler.
This patch adds logic to defer these frees after socket
lock is released, or directly from BH handler if possible.
Being able to free these skbs from BH handler helps a lot,
because this avoids the usual alloc/free assymetry,
when BH handler and user thread do not run on same cpu or
NUMA node.
One cpu can now be fully utilized for the kernel->user copy,
and another cpu is handling BH processing and skb/page
allocs/frees (assuming RFS is not forcing use of a single CPU)
Tested:
100Gbit NIC
Max throughput for one TCP_STREAM flow, over 10 runs
MTU : 1500
Before: 55 Gbit
After: 66 Gbit
MTU : 4096+(headers)
Before: 82 Gbit
After: 95 Gbit
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2021-11-15 22:02:46 +03:00
|
|
|
#include <linux/llist.h>
|
2015-08-01 02:52:10 +03:00
|
|
|
#include <net/flow.h>
|
2021-06-07 22:02:38 +03:00
|
|
|
#include <net/page_pool.h>
|
2019-09-13 11:13:14 +03:00
|
|
|
#if IS_ENABLED(CONFIG_NF_CONNTRACK)
|
|
|
|
#include <linux/netfilter/nf_conntrack_common.h>
|
|
|
|
#endif
|
2022-05-10 06:57:39 +03:00
|
|
|
#include <net/net_debug.h>
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2022-05-09 19:04:56 +03:00
|
|
|
/**
|
|
|
|
* DOC: skb checksums
|
|
|
|
*
|
|
|
|
* The interface for checksum offload between the stack and networking drivers
|
2015-12-14 22:19:47 +03:00
|
|
|
* is as follows...
|
|
|
|
*
|
2022-05-09 19:04:56 +03:00
|
|
|
* IP checksum related features
|
|
|
|
* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
2015-12-14 22:19:47 +03:00
|
|
|
*
|
|
|
|
* Drivers advertise checksum offload capabilities in the features of a device.
|
2020-04-06 04:59:24 +03:00
|
|
|
* From the stack's point of view these are capabilities offered by the driver.
|
|
|
|
* A driver typically only advertises features that it is capable of offloading
|
2015-12-14 22:19:47 +03:00
|
|
|
* to its device.
|
|
|
|
*
|
2022-05-09 19:04:56 +03:00
|
|
|
* .. flat-table:: Checksum related device features
|
|
|
|
* :widths: 1 10
|
|
|
|
*
|
|
|
|
* * - %NETIF_F_HW_CSUM
|
|
|
|
* - The driver (or its device) is able to compute one
|
|
|
|
* IP (one's complement) checksum for any combination
|
|
|
|
* of protocols or protocol layering. The checksum is
|
|
|
|
* computed and set in a packet per the CHECKSUM_PARTIAL
|
|
|
|
* interface (see below).
|
|
|
|
*
|
|
|
|
* * - %NETIF_F_IP_CSUM
|
|
|
|
* - Driver (device) is only able to checksum plain
|
|
|
|
* TCP or UDP packets over IPv4. These are specifically
|
|
|
|
* unencapsulated packets of the form IPv4|TCP or
|
|
|
|
* IPv4|UDP where the Protocol field in the IPv4 header
|
|
|
|
* is TCP or UDP. The IPv4 header may contain IP options.
|
|
|
|
* This feature cannot be set in features for a device
|
|
|
|
* with NETIF_F_HW_CSUM also set. This feature is being
|
|
|
|
* DEPRECATED (see below).
|
|
|
|
*
|
|
|
|
* * - %NETIF_F_IPV6_CSUM
|
|
|
|
* - Driver (device) is only able to checksum plain
|
|
|
|
* TCP or UDP packets over IPv6. These are specifically
|
|
|
|
* unencapsulated packets of the form IPv6|TCP or
|
|
|
|
* IPv6|UDP where the Next Header field in the IPv6
|
|
|
|
* header is either TCP or UDP. IPv6 extension headers
|
|
|
|
* are not supported with this feature. This feature
|
|
|
|
* cannot be set in features for a device with
|
|
|
|
* NETIF_F_HW_CSUM also set. This feature is being
|
|
|
|
* DEPRECATED (see below).
|
|
|
|
*
|
|
|
|
* * - %NETIF_F_RXCSUM
|
|
|
|
* - Driver (device) performs receive checksum offload.
|
|
|
|
* This flag is only used to disable the RX checksum
|
|
|
|
* feature for a device. The stack will accept receive
|
|
|
|
* checksum indication in packets received on a device
|
|
|
|
* regardless of whether NETIF_F_RXCSUM is set.
|
|
|
|
*
|
|
|
|
* Checksumming of received packets by device
|
|
|
|
* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
*
|
|
|
|
* Indication of checksum verification is set in &sk_buff.ip_summed.
|
|
|
|
* Possible values are:
|
|
|
|
*
|
|
|
|
* - %CHECKSUM_NONE
|
2013-12-17 02:27:09 +04:00
|
|
|
*
|
2015-12-14 22:19:47 +03:00
|
|
|
* Device did not checksum this packet e.g. due to lack of capabilities.
|
2013-12-17 02:27:09 +04:00
|
|
|
* The packet contains full (though not verified) checksum in packet but
|
|
|
|
* not in skb->csum. Thus, skb->csum is undefined in this case.
|
|
|
|
*
|
2022-05-09 19:04:56 +03:00
|
|
|
* - %CHECKSUM_UNNECESSARY
|
2013-12-17 02:27:09 +04:00
|
|
|
*
|
|
|
|
* The hardware you're dealing with doesn't calculate the full checksum
|
2022-05-09 19:04:56 +03:00
|
|
|
* (as in %CHECKSUM_COMPLETE), but it does parse headers and verify checksums
|
|
|
|
* for specific protocols. For such packets it will set %CHECKSUM_UNNECESSARY
|
|
|
|
* if their checksums are okay. &sk_buff.csum is still undefined in this case
|
2015-12-14 22:19:47 +03:00
|
|
|
* though. A driver or device must never modify the checksum field in the
|
|
|
|
* packet even if checksum is verified.
|
2014-08-28 08:26:46 +04:00
|
|
|
*
|
2022-05-09 19:04:56 +03:00
|
|
|
* %CHECKSUM_UNNECESSARY is applicable to following protocols:
|
|
|
|
*
|
|
|
|
* - TCP: IPv6 and IPv4.
|
|
|
|
* - UDP: IPv4 and IPv6. A device may apply CHECKSUM_UNNECESSARY to a
|
2014-08-28 08:26:46 +04:00
|
|
|
* zero UDP checksum for either IPv4 or IPv6, the networking stack
|
|
|
|
* may perform further validation in this case.
|
2022-05-09 19:04:56 +03:00
|
|
|
* - GRE: only if the checksum is present in the header.
|
|
|
|
* - SCTP: indicates the CRC in SCTP header has been validated.
|
|
|
|
* - FCOE: indicates the CRC in FC frame has been validated.
|
2014-08-28 08:26:46 +04:00
|
|
|
*
|
2022-05-09 19:04:56 +03:00
|
|
|
* &sk_buff.csum_level indicates the number of consecutive checksums found in
|
|
|
|
* the packet minus one that have been verified as %CHECKSUM_UNNECESSARY.
|
2014-08-28 08:26:46 +04:00
|
|
|
* For instance if a device receives an IPv6->UDP->GRE->IPv4->TCP packet
|
|
|
|
* and a device is able to verify the checksums for UDP (possibly zero),
|
2022-05-09 19:04:56 +03:00
|
|
|
* GRE (checksum flag is set) and TCP, &sk_buff.csum_level would be set to
|
2014-08-28 08:26:46 +04:00
|
|
|
* two. If the device were only able to verify the UDP checksum and not
|
2020-04-06 04:59:24 +03:00
|
|
|
* GRE, either because it doesn't support GRE checksum or because GRE
|
2014-08-28 08:26:46 +04:00
|
|
|
* checksum is bad, skb->csum_level would be set to zero (TCP checksum is
|
|
|
|
* not considered in this case).
|
2013-12-17 02:27:09 +04:00
|
|
|
*
|
2022-05-09 19:04:56 +03:00
|
|
|
* - %CHECKSUM_COMPLETE
|
2013-12-17 02:27:09 +04:00
|
|
|
*
|
|
|
|
* This is the most generic way. The device supplied checksum of the _whole_
|
2022-05-09 19:04:56 +03:00
|
|
|
* packet as seen by netif_rx() and fills in &sk_buff.csum. This means the
|
2013-12-17 02:27:09 +04:00
|
|
|
* hardware doesn't need to parse L3/L4 headers to implement this.
|
|
|
|
*
|
2017-05-18 16:44:43 +03:00
|
|
|
* Notes:
|
2022-05-09 19:04:56 +03:00
|
|
|
*
|
2017-05-18 16:44:43 +03:00
|
|
|
* - Even if device supports only some protocols, but is able to produce
|
|
|
|
* skb->csum, it MUST use CHECKSUM_COMPLETE, not CHECKSUM_UNNECESSARY.
|
|
|
|
* - CHECKSUM_COMPLETE is not applicable to SCTP and FCoE protocols.
|
2013-12-17 02:27:09 +04:00
|
|
|
*
|
2022-05-09 19:04:56 +03:00
|
|
|
* - %CHECKSUM_PARTIAL
|
2013-12-17 02:27:09 +04:00
|
|
|
*
|
2015-02-11 03:30:28 +03:00
|
|
|
* A checksum is set up to be offloaded to a device as described in the
|
|
|
|
* output description for CHECKSUM_PARTIAL. This may occur on a packet
|
2013-12-17 02:27:09 +04:00
|
|
|
* received directly from another Linux OS, e.g., a virtualized Linux kernel
|
2015-02-11 03:30:28 +03:00
|
|
|
* on the same host, or it may be set in the input path in GRO or remote
|
|
|
|
* checksum offload. For the purposes of checksum verification, the checksum
|
|
|
|
* referred to by skb->csum_start + skb->csum_offset and any preceding
|
|
|
|
* checksums in the packet are considered verified. Any checksums in the
|
|
|
|
* packet that are after the checksum being offloaded are not considered to
|
|
|
|
* be verified.
|
2013-12-17 02:27:09 +04:00
|
|
|
*
|
2022-05-09 19:04:56 +03:00
|
|
|
* Checksumming on transmit for non-GSO
|
|
|
|
* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
2013-12-17 02:27:09 +04:00
|
|
|
*
|
2022-05-09 19:04:56 +03:00
|
|
|
* The stack requests checksum offload in the &sk_buff.ip_summed for a packet.
|
|
|
|
* Values are:
|
|
|
|
*
|
|
|
|
* - %CHECKSUM_PARTIAL
|
2013-12-17 02:27:09 +04:00
|
|
|
*
|
2015-12-14 22:19:47 +03:00
|
|
|
* The driver is required to checksum the packet as seen by hard_start_xmit()
|
2022-05-09 19:04:56 +03:00
|
|
|
* from &sk_buff.csum_start up to the end, and to record/write the checksum at
|
|
|
|
* offset &sk_buff.csum_start + &sk_buff.csum_offset.
|
|
|
|
* A driver may verify that the
|
2015-12-14 22:19:47 +03:00
|
|
|
* csum_start and csum_offset values are valid values given the length and
|
2020-04-06 04:59:24 +03:00
|
|
|
* offset of the packet, but it should not attempt to validate that the
|
|
|
|
* checksum refers to a legitimate transport layer checksum -- it is the
|
2015-12-14 22:19:47 +03:00
|
|
|
* purview of the stack to validate that csum_start and csum_offset are set
|
|
|
|
* correctly.
|
|
|
|
*
|
|
|
|
* When the stack requests checksum offload for a packet, the driver MUST
|
|
|
|
* ensure that the checksum is set correctly. A driver can either offload the
|
|
|
|
* checksum calculation to the device, or call skb_checksum_help (in the case
|
|
|
|
* that the device does not support offload for a particular checksum).
|
|
|
|
*
|
2022-05-09 19:04:56 +03:00
|
|
|
* %NETIF_F_IP_CSUM and %NETIF_F_IPV6_CSUM are being deprecated in favor of
|
|
|
|
* %NETIF_F_HW_CSUM. New devices should use %NETIF_F_HW_CSUM to indicate
|
2017-05-18 16:44:41 +03:00
|
|
|
* checksum offload capability.
|
2022-05-09 19:04:56 +03:00
|
|
|
* skb_csum_hwoffload_help() can be called to resolve %CHECKSUM_PARTIAL based
|
2017-05-18 16:44:41 +03:00
|
|
|
* on network device checksumming capabilities: if a packet does not match
|
2022-05-09 19:04:56 +03:00
|
|
|
* them, skb_checksum_help() or skb_crc32c_help() (depending on the value of
|
|
|
|
* &sk_buff.csum_not_inet, see :ref:`crc`)
|
|
|
|
* is called to resolve the checksum.
|
2013-12-17 02:27:09 +04:00
|
|
|
*
|
2022-05-09 19:04:56 +03:00
|
|
|
* - %CHECKSUM_NONE
|
2013-12-17 02:27:09 +04:00
|
|
|
*
|
2015-12-14 22:19:47 +03:00
|
|
|
* The skb was already checksummed by the protocol, or a checksum is not
|
|
|
|
* required.
|
2013-12-17 02:27:09 +04:00
|
|
|
*
|
2022-05-09 19:04:56 +03:00
|
|
|
* - %CHECKSUM_UNNECESSARY
|
2013-12-17 02:27:09 +04:00
|
|
|
*
|
2020-04-06 04:59:24 +03:00
|
|
|
* This has the same meaning as CHECKSUM_NONE for checksum offload on
|
2015-12-14 22:19:47 +03:00
|
|
|
* output.
|
2013-12-17 02:27:09 +04:00
|
|
|
*
|
2022-05-09 19:04:56 +03:00
|
|
|
* - %CHECKSUM_COMPLETE
|
|
|
|
*
|
2015-12-14 22:19:47 +03:00
|
|
|
* Not used in checksum output. If a driver observes a packet with this value
|
2022-05-09 19:04:56 +03:00
|
|
|
* set in skbuff, it should treat the packet as if %CHECKSUM_NONE were set.
|
|
|
|
*
|
|
|
|
* .. _crc:
|
|
|
|
*
|
|
|
|
* Non-IP checksum (CRC) offloads
|
|
|
|
* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
*
|
|
|
|
* .. flat-table::
|
|
|
|
* :widths: 1 10
|
|
|
|
*
|
|
|
|
* * - %NETIF_F_SCTP_CRC
|
|
|
|
* - This feature indicates that a device is capable of
|
|
|
|
* offloading the SCTP CRC in a packet. To perform this offload the stack
|
|
|
|
* will set csum_start and csum_offset accordingly, set ip_summed to
|
|
|
|
* %CHECKSUM_PARTIAL and set csum_not_inet to 1, to provide an indication
|
|
|
|
* in the skbuff that the %CHECKSUM_PARTIAL refers to CRC32c.
|
|
|
|
* A driver that supports both IP checksum offload and SCTP CRC32c offload
|
|
|
|
* must verify which offload is configured for a packet by testing the
|
|
|
|
* value of &sk_buff.csum_not_inet; skb_crc32c_csum_help() is provided to
|
|
|
|
* resolve %CHECKSUM_PARTIAL on skbs where csum_not_inet is set to 1.
|
|
|
|
*
|
|
|
|
* * - %NETIF_F_FCOE_CRC
|
|
|
|
* - This feature indicates that a device is capable of offloading the FCOE
|
|
|
|
* CRC in a packet. To perform this offload the stack will set ip_summed
|
|
|
|
* to %CHECKSUM_PARTIAL and set csum_start and csum_offset
|
|
|
|
* accordingly. Note that there is no indication in the skbuff that the
|
|
|
|
* %CHECKSUM_PARTIAL refers to an FCOE checksum, so a driver that supports
|
|
|
|
* both IP checksum offload and FCOE CRC offload must verify which offload
|
|
|
|
* is configured for a packet, presumably by inspecting packet headers.
|
|
|
|
*
|
|
|
|
* Checksumming on output with GSO
|
|
|
|
* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
*
|
|
|
|
* In the case of a GSO packet (skb_is_gso() is true), checksum offload
|
2015-12-14 22:19:47 +03:00
|
|
|
* is implied by the SKB_GSO_* flags in gso_type. Most obviously, if the
|
2022-05-09 19:04:56 +03:00
|
|
|
* gso_type is %SKB_GSO_TCPV4 or %SKB_GSO_TCPV6, TCP checksum offload as
|
2015-12-14 22:19:47 +03:00
|
|
|
* part of the GSO operation is implied. If a checksum is being offloaded
|
2022-05-09 19:04:56 +03:00
|
|
|
* with GSO then ip_summed is %CHECKSUM_PARTIAL, and both csum_start and
|
2020-04-06 04:59:24 +03:00
|
|
|
* csum_offset are set to refer to the outermost checksum being offloaded
|
|
|
|
* (two offloaded checksums are possible with UDP encapsulation).
|
2013-12-17 02:27:09 +04:00
|
|
|
*/
|
|
|
|
|
2007-04-09 22:59:39 +04:00
|
|
|
/* Don't change this without changing skb_csum_unnecessary! */
|
2013-12-17 02:27:09 +04:00
|
|
|
#define CHECKSUM_NONE 0
|
|
|
|
#define CHECKSUM_UNNECESSARY 1
|
|
|
|
#define CHECKSUM_COMPLETE 2
|
|
|
|
#define CHECKSUM_PARTIAL 3
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2014-08-28 08:26:46 +04:00
|
|
|
/* Maximum value in skb->csum_level */
|
|
|
|
#define SKB_MAX_CSUM_LEVEL 3
|
|
|
|
|
2014-07-22 14:06:23 +04:00
|
|
|
#define SKB_DATA_ALIGN(X) ALIGN(X, SMP_CACHE_BYTES)
|
2007-03-26 07:27:59 +04:00
|
|
|
#define SKB_WITH_OVERHEAD(X) \
|
2007-10-22 03:27:46 +04:00
|
|
|
((X) - SKB_DATA_ALIGN(sizeof(struct skb_shared_info)))
|
2007-03-26 07:27:59 +04:00
|
|
|
#define SKB_MAX_ORDER(X, ORDER) \
|
|
|
|
SKB_WITH_OVERHEAD((PAGE_SIZE << (ORDER)) - (X))
|
2005-04-17 02:20:36 +04:00
|
|
|
#define SKB_MAX_HEAD(X) (SKB_MAX_ORDER((X), 0))
|
|
|
|
#define SKB_MAX_ALLOC (SKB_MAX_ORDER(0, 2))
|
|
|
|
|
2011-10-13 11:28:54 +04:00
|
|
|
/* return minimum truesize of one skb containing X bytes of data */
|
|
|
|
#define SKB_TRUESIZE(X) ((X) + \
|
|
|
|
SKB_DATA_ALIGN(sizeof(struct sk_buff)) + \
|
|
|
|
SKB_DATA_ALIGN(sizeof(struct skb_shared_info)))
|
|
|
|
|
2020-06-12 09:57:37 +03:00
|
|
|
struct ahash_request;
|
2005-04-17 02:20:36 +04:00
|
|
|
struct net_device;
|
2007-04-03 07:19:53 +04:00
|
|
|
struct scatterlist;
|
2007-11-07 10:30:13 +03:00
|
|
|
struct pipe_inode_info;
|
2014-11-07 16:22:22 +03:00
|
|
|
struct iov_iter;
|
2014-12-10 06:40:49 +03:00
|
|
|
struct napi_struct;
|
2018-09-14 17:46:18 +03:00
|
|
|
struct bpf_prog;
|
|
|
|
union bpf_attr;
|
sk_buff: add skb extension infrastructure
This adds an optional extension infrastructure, with ispec (xfrm) and
bridge netfilter as first users.
objdiff shows no changes if kernel is built without xfrm and br_netfilter
support.
The third (planned future) user is Multipath TCP which is still
out-of-tree.
MPTCP needs to map logical mptcp sequence numbers to the tcp sequence
numbers used by individual subflows.
This DSS mapping is read/written from tcp option space on receive and
written to tcp option space on transmitted tcp packets that are part of
and MPTCP connection.
Extending skb_shared_info or adding a private data field to skb fclones
doesn't work for incoming skb, so a different DSS propagation method would
be required for the receive side.
mptcp has same requirements as secpath/bridge netfilter:
1. extension memory is released when the sk_buff is free'd.
2. data is shared after cloning an skb (clone inherits extension)
3. adding extension to an skb will COW the extension buffer if needed.
The "MPTCP upstreaming" effort adds SKB_EXT_MPTCP extension to store the
mapping for tx and rx processing.
Two new members are added to sk_buff:
1. 'active_extensions' byte (filling a hole), telling which extensions
are available for this skb.
This has two purposes.
a) avoids the need to initialize the pointer.
b) allows to "delete" an extension by clearing its bit
value in ->active_extensions.
While it would be possible to store the active_extensions byte
in the extension struct instead of sk_buff, there is one problem
with this:
When an extension has to be disabled, we can always clear the
bit in skb->active_extensions. But in case it would be stored in the
extension buffer itself, we might have to COW it first, if
we are dealing with a cloned skb. On kmalloc failure we would
be unable to turn an extension off.
2. extension pointer, located at the end of the sk_buff.
If the active_extensions byte is 0, the pointer is undefined,
it is not initialized on skb allocation.
This adds extra code to skb clone and free paths (to deal with
refcount/free of extension area) but this replaces similar code that
manages skb->nf_bridge and skb->sp structs in the followup patches of
the series.
It is possible to add support for extensions that are not preseved on
clones/copies.
To do this, it would be needed to define a bitmask of all extensions that
need copy/cow semantics, and change __skb_ext_copy() to check
->active_extensions & SKB_EXT_PRESERVE_ON_CLONE, then just set
->active_extensions to 0 on the new clone.
This isn't done here because all extensions that get added here
need the copy/cow semantics.
v2:
Allocate entire extension space using kmem_cache.
Upside is that this allows better tracking of used memory,
downside is that we will allocate more space than strictly needed in
most cases (its unlikely that all extensions are active/needed at same
time for same skb).
The allocated memory (except the small extension header) is not cleared,
so no additonal overhead aside from memory usage.
Avoid atomic_dec_and_test operation on skb_ext_put()
by using similar trick as kfree_skbmem() does with fclone_ref:
If recount is 1, there is no concurrent user and we can free right away.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-12-18 19:15:16 +03:00
|
|
|
struct skb_ext;
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2014-09-18 13:29:03 +04:00
|
|
|
#if IS_ENABLED(CONFIG_BRIDGE_NETFILTER)
|
2005-04-17 02:20:36 +04:00
|
|
|
struct nf_bridge_info {
|
2015-04-02 15:31:44 +03:00
|
|
|
enum {
|
|
|
|
BRNF_PROTO_UNCHANGED,
|
|
|
|
BRNF_PROTO_8021Q,
|
|
|
|
BRNF_PROTO_PPPOE
|
2015-05-03 23:05:28 +03:00
|
|
|
} orig_proto:8;
|
2015-07-23 17:21:30 +03:00
|
|
|
u8 pkt_otherhost:1;
|
|
|
|
u8 in_prerouting:1;
|
|
|
|
u8 bridged_dnat:1;
|
2015-05-30 16:28:28 +03:00
|
|
|
__u16 frag_max_size;
|
2012-04-19 03:19:25 +04:00
|
|
|
struct net_device *physindev;
|
2015-09-14 18:06:27 +03:00
|
|
|
|
|
|
|
/* always valid & non-NULL from FORWARD on, for physdev match */
|
|
|
|
struct net_device *physoutdev;
|
2015-05-03 23:05:28 +03:00
|
|
|
union {
|
2015-07-23 17:21:30 +03:00
|
|
|
/* prerouting: detect dnat in orig/reply direction */
|
2015-05-30 16:27:40 +03:00
|
|
|
__be32 ipv4_daddr;
|
|
|
|
struct in6_addr ipv6_daddr;
|
2015-07-23 17:21:30 +03:00
|
|
|
|
|
|
|
/* after prerouting + nat detected: store original source
|
|
|
|
* mac since neigh resolution overwrites it, only used while
|
|
|
|
* skb is out in neigh layer.
|
|
|
|
*/
|
|
|
|
char neigh_header[8];
|
2015-05-30 16:27:40 +03:00
|
|
|
};
|
2005-04-17 02:20:36 +04:00
|
|
|
};
|
|
|
|
#endif
|
|
|
|
|
net: openvswitch: Set OvS recirc_id from tc chain index
Offloaded OvS datapath rules are translated one to one to tc rules,
for example the following simplified OvS rule:
recirc_id(0),in_port(dev1),eth_type(0x0800),ct_state(-trk) actions:ct(),recirc(2)
Will be translated to the following tc rule:
$ tc filter add dev dev1 ingress \
prio 1 chain 0 proto ip \
flower tcp ct_state -trk \
action ct pipe \
action goto chain 2
Received packets will first travel though tc, and if they aren't stolen
by it, like in the above rule, they will continue to OvS datapath.
Since we already did some actions (action ct in this case) which might
modify the packets, and updated action stats, we would like to continue
the proccessing with the correct recirc_id in OvS (here recirc_id(2))
where we left off.
To support this, introduce a new skb extension for tc, which
will be used for translating tc chain to ovs recirc_id to
handle these miss cases. Last tc chain index will be set
by tc goto chain action and read by OvS datapath.
Signed-off-by: Paul Blakey <paulb@mellanox.com>
Signed-off-by: Vlad Buslov <vladbu@mellanox.com>
Acked-by: Jiri Pirko <jiri@mellanox.com>
Acked-by: Pravin B Shelar <pshelar@ovn.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-09-04 16:56:37 +03:00
|
|
|
#if IS_ENABLED(CONFIG_NET_TC_SKB_EXT)
|
|
|
|
/* Chain in tc_skb_ext will be used to share the tc chain with
|
|
|
|
* ovs recirc_id. It will be set to the current chain by tc
|
|
|
|
* and read by ovs to recirc_id.
|
|
|
|
*/
|
|
|
|
struct tc_skb_ext {
|
|
|
|
__u32 chain;
|
2020-07-31 05:45:01 +03:00
|
|
|
__u16 mru;
|
2021-12-14 20:24:35 +03:00
|
|
|
__u16 zone;
|
2022-01-06 18:38:04 +03:00
|
|
|
u8 post_ct:1;
|
|
|
|
u8 post_ct_snat:1;
|
|
|
|
u8 post_ct_dnat:1;
|
net: openvswitch: Set OvS recirc_id from tc chain index
Offloaded OvS datapath rules are translated one to one to tc rules,
for example the following simplified OvS rule:
recirc_id(0),in_port(dev1),eth_type(0x0800),ct_state(-trk) actions:ct(),recirc(2)
Will be translated to the following tc rule:
$ tc filter add dev dev1 ingress \
prio 1 chain 0 proto ip \
flower tcp ct_state -trk \
action ct pipe \
action goto chain 2
Received packets will first travel though tc, and if they aren't stolen
by it, like in the above rule, they will continue to OvS datapath.
Since we already did some actions (action ct in this case) which might
modify the packets, and updated action stats, we would like to continue
the proccessing with the correct recirc_id in OvS (here recirc_id(2))
where we left off.
To support this, introduce a new skb extension for tc, which
will be used for translating tc chain to ovs recirc_id to
handle these miss cases. Last tc chain index will be set
by tc goto chain action and read by OvS datapath.
Signed-off-by: Paul Blakey <paulb@mellanox.com>
Signed-off-by: Vlad Buslov <vladbu@mellanox.com>
Acked-by: Jiri Pirko <jiri@mellanox.com>
Acked-by: Pravin B Shelar <pshelar@ovn.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-09-04 16:56:37 +03:00
|
|
|
};
|
|
|
|
#endif
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
struct sk_buff_head {
|
skbuff: Extract list pointers to silence compiler warnings
Under both -Warray-bounds and the object_size sanitizer, the compiler is
upset about accessing prev/next of sk_buff when the object it thinks it
is coming from is sk_buff_head. The warning is a false positive due to
the compiler taking a conservative approach, opting to warn at casting
time rather than access time.
However, in support of enabling -Warray-bounds globally (which has
found many real bugs), arrange things for sk_buff so that the compiler
can unambiguously see that there is no intention to access anything
except prev/next. Introduce and cast to a separate struct sk_buff_list,
which contains _only_ the first two fields, silencing the warnings:
In file included from ./include/net/net_namespace.h:39,
from ./include/linux/netdevice.h:37,
from net/core/netpoll.c:17:
net/core/netpoll.c: In function 'refill_skbs':
./include/linux/skbuff.h:2086:9: warning: array subscript 'struct sk_buff[0]' is partly outside array bounds of 'struct sk_buff_head[1]' [-Warray-bounds]
2086 | __skb_insert(newsk, next->prev, next, list);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
net/core/netpoll.c:49:28: note: while referencing 'skb_pool'
49 | static struct sk_buff_head skb_pool;
| ^~~~~~~~
This change results in no executable instruction differences.
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20211207062758.2324338-1-keescook@chromium.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2021-12-07 09:27:58 +03:00
|
|
|
/* These two members must be first to match sk_buff. */
|
|
|
|
struct_group_tagged(sk_buff_list, list,
|
|
|
|
struct sk_buff *next;
|
|
|
|
struct sk_buff *prev;
|
|
|
|
);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
|
|
|
__u32 qlen;
|
|
|
|
spinlock_t lock;
|
|
|
|
};
|
|
|
|
|
|
|
|
struct sk_buff;
|
|
|
|
|
2022-01-09 09:36:26 +03:00
|
|
|
/* The reason of skb drop, which is used in kfree_skb_reason().
|
|
|
|
* en...maybe they should be splited by group?
|
|
|
|
*
|
|
|
|
* Each item here should also be in 'TRACE_SKB_DROP_REASON', which is
|
|
|
|
* used to translate the reason to string.
|
|
|
|
*/
|
|
|
|
enum skb_drop_reason {
|
2022-03-08 03:44:21 +03:00
|
|
|
SKB_NOT_DROPPED_YET = 0,
|
2022-02-05 10:47:33 +03:00
|
|
|
SKB_DROP_REASON_NOT_SPECIFIED, /* drop reason is not specified */
|
|
|
|
SKB_DROP_REASON_NO_SOCKET, /* socket not found */
|
|
|
|
SKB_DROP_REASON_PKT_TOO_SMALL, /* packet size is too small */
|
|
|
|
SKB_DROP_REASON_TCP_CSUM, /* TCP checksum error */
|
|
|
|
SKB_DROP_REASON_SOCKET_FILTER, /* dropped by socket filter */
|
|
|
|
SKB_DROP_REASON_UDP_CSUM, /* UDP checksum error */
|
2022-02-05 10:47:34 +03:00
|
|
|
SKB_DROP_REASON_NETFILTER_DROP, /* dropped by netfilter */
|
2022-02-05 10:47:35 +03:00
|
|
|
SKB_DROP_REASON_OTHERHOST, /* packet don't belong to current
|
|
|
|
* host (interface is in promisc
|
|
|
|
* mode)
|
|
|
|
*/
|
|
|
|
SKB_DROP_REASON_IP_CSUM, /* IP checksum error */
|
|
|
|
SKB_DROP_REASON_IP_INHDR, /* there is something wrong with
|
|
|
|
* IP header (see
|
|
|
|
* IPSTATS_MIB_INHDRERRORS)
|
|
|
|
*/
|
2022-02-05 10:47:36 +03:00
|
|
|
SKB_DROP_REASON_IP_RPFILTER, /* IP rpfilter validate failed.
|
|
|
|
* see the document for rp_filter
|
|
|
|
* in ip-sysctl.rst for more
|
|
|
|
* information
|
|
|
|
*/
|
|
|
|
SKB_DROP_REASON_UNICAST_IN_L2_MULTICAST, /* destination address of L2
|
|
|
|
* is multicast, but L3 is
|
|
|
|
* unicast.
|
|
|
|
*/
|
2022-02-05 10:47:37 +03:00
|
|
|
SKB_DROP_REASON_XFRM_POLICY, /* xfrm policy check failed */
|
|
|
|
SKB_DROP_REASON_IP_NOPROTO, /* no support for IP protocol */
|
2022-02-05 10:47:39 +03:00
|
|
|
SKB_DROP_REASON_SOCKET_RCVBUFF, /* socket receive buff is full */
|
|
|
|
SKB_DROP_REASON_PROTO_MEM, /* proto memory limition, such as
|
|
|
|
* udp packet drop out of
|
|
|
|
* udp_memory_allocated.
|
|
|
|
*/
|
2022-02-20 10:06:32 +03:00
|
|
|
SKB_DROP_REASON_TCP_MD5NOTFOUND, /* no MD5 hash and one
|
|
|
|
* expected, corresponding
|
|
|
|
* to LINUX_MIB_TCPMD5NOTFOUND
|
|
|
|
*/
|
|
|
|
SKB_DROP_REASON_TCP_MD5UNEXPECTED, /* MD5 hash and we're not
|
|
|
|
* expecting one, corresponding
|
|
|
|
* to LINUX_MIB_TCPMD5UNEXPECTED
|
|
|
|
*/
|
|
|
|
SKB_DROP_REASON_TCP_MD5FAILURE, /* MD5 hash and its wrong,
|
|
|
|
* corresponding to
|
|
|
|
* LINUX_MIB_TCPMD5FAILURE
|
|
|
|
*/
|
2022-02-20 10:06:33 +03:00
|
|
|
SKB_DROP_REASON_SOCKET_BACKLOG, /* failed to add skb to socket
|
|
|
|
* backlog (see
|
|
|
|
* LINUX_MIB_TCPBACKLOGDROP)
|
|
|
|
*/
|
2022-02-20 10:06:35 +03:00
|
|
|
SKB_DROP_REASON_TCP_FLAGS, /* TCP flags invalid */
|
2022-02-20 10:06:36 +03:00
|
|
|
SKB_DROP_REASON_TCP_ZEROWINDOW, /* TCP receive window size is zero,
|
|
|
|
* see LINUX_MIB_TCPZEROWINDOWDROP
|
|
|
|
*/
|
|
|
|
SKB_DROP_REASON_TCP_OLD_DATA, /* the TCP data reveived is already
|
|
|
|
* received before (spurious retrans
|
|
|
|
* may happened), see
|
|
|
|
* LINUX_MIB_DELAYEDACKLOST
|
|
|
|
*/
|
|
|
|
SKB_DROP_REASON_TCP_OVERWINDOW, /* the TCP data is out of window,
|
|
|
|
* the seq of the first byte exceed
|
|
|
|
* the right edges of receive
|
|
|
|
* window
|
|
|
|
*/
|
2022-02-20 10:06:37 +03:00
|
|
|
SKB_DROP_REASON_TCP_OFOMERGE, /* the data of skb is already in
|
|
|
|
* the ofo queue, corresponding to
|
|
|
|
* LINUX_MIB_TCPOFOMERGE
|
|
|
|
*/
|
2022-04-16 03:10:41 +03:00
|
|
|
SKB_DROP_REASON_TCP_RFC7323_PAWS, /* PAWS check, corresponding to
|
|
|
|
* LINUX_MIB_PAWSESTABREJECTED
|
|
|
|
*/
|
|
|
|
SKB_DROP_REASON_TCP_INVALID_SEQUENCE, /* Not acceptable SEQ field */
|
|
|
|
SKB_DROP_REASON_TCP_RESET, /* Invalid RST packet */
|
|
|
|
SKB_DROP_REASON_TCP_INVALID_SYN, /* Incoming packet has unexpected SYN flag */
|
2022-04-16 03:10:43 +03:00
|
|
|
SKB_DROP_REASON_TCP_CLOSE, /* TCP socket in CLOSE state */
|
|
|
|
SKB_DROP_REASON_TCP_FASTOPEN, /* dropped by FASTOPEN request socket */
|
|
|
|
SKB_DROP_REASON_TCP_OLD_ACK, /* TCP ACK is old, but in window */
|
2022-04-16 03:10:44 +03:00
|
|
|
SKB_DROP_REASON_TCP_TOO_OLD_ACK, /* TCP ACK is too old */
|
|
|
|
SKB_DROP_REASON_TCP_ACK_UNSENT_DATA, /* TCP ACK for data we haven't sent yet */
|
2022-04-16 03:10:45 +03:00
|
|
|
SKB_DROP_REASON_TCP_OFO_QUEUE_PRUNE, /* pruned from TCP OFO queue */
|
2022-04-16 03:10:48 +03:00
|
|
|
SKB_DROP_REASON_TCP_OFO_DROP, /* data already in receive queue */
|
2022-02-26 07:18:29 +03:00
|
|
|
SKB_DROP_REASON_IP_OUTNOROUTES, /* route lookup failed */
|
|
|
|
SKB_DROP_REASON_BPF_CGROUP_EGRESS, /* dropped by
|
|
|
|
* BPF_PROG_TYPE_CGROUP_SKB
|
|
|
|
* eBPF program
|
|
|
|
*/
|
|
|
|
SKB_DROP_REASON_IPV6DISABLED, /* IPv6 is disabled on the device */
|
|
|
|
SKB_DROP_REASON_NEIGH_CREATEFAIL, /* failed to create neigh
|
|
|
|
* entry
|
|
|
|
*/
|
2022-02-26 07:18:30 +03:00
|
|
|
SKB_DROP_REASON_NEIGH_FAILED, /* neigh entry in failed state */
|
|
|
|
SKB_DROP_REASON_NEIGH_QUEUEFULL, /* arp_queue for neigh
|
|
|
|
* entry is full
|
|
|
|
*/
|
|
|
|
SKB_DROP_REASON_NEIGH_DEAD, /* neigh entry is dead */
|
2022-03-04 09:00:40 +03:00
|
|
|
SKB_DROP_REASON_TC_EGRESS, /* dropped in TC egress HOOK */
|
2022-03-04 09:00:42 +03:00
|
|
|
SKB_DROP_REASON_QDISC_DROP, /* dropped by qdisc when packet
|
|
|
|
* outputting (failed to enqueue to
|
|
|
|
* current qdisc)
|
|
|
|
*/
|
2022-03-04 09:00:43 +03:00
|
|
|
SKB_DROP_REASON_CPU_BACKLOG, /* failed to enqueue the skb to
|
|
|
|
* the per CPU backlog queue. This
|
|
|
|
* can be caused by backlog queue
|
|
|
|
* full (see netdev_max_backlog in
|
|
|
|
* net.rst) or RPS flow limit
|
|
|
|
*/
|
2022-03-04 09:00:44 +03:00
|
|
|
SKB_DROP_REASON_XDP, /* dropped by XDP in input path */
|
2022-03-04 09:00:45 +03:00
|
|
|
SKB_DROP_REASON_TC_INGRESS, /* dropped in TC ingress HOOK */
|
2022-04-07 09:20:50 +03:00
|
|
|
SKB_DROP_REASON_UNHANDLED_PROTO, /* protocol not implemented
|
|
|
|
* or not supported
|
|
|
|
*/
|
2022-03-04 17:55:05 +03:00
|
|
|
SKB_DROP_REASON_SKB_CSUM, /* sk_buff checksum computation
|
|
|
|
* error
|
|
|
|
*/
|
|
|
|
SKB_DROP_REASON_SKB_GSO_SEG, /* gso segmentation error */
|
|
|
|
SKB_DROP_REASON_SKB_UCOPY_FAULT, /* failed to copy data from
|
|
|
|
* user space, e.g., via
|
|
|
|
* zerocopy_sg_from_iter()
|
|
|
|
* or skb_orphan_frags_rx()
|
|
|
|
*/
|
|
|
|
SKB_DROP_REASON_DEV_HDR, /* device driver specific
|
|
|
|
* header/metadata is invalid
|
|
|
|
*/
|
2022-03-04 17:55:07 +03:00
|
|
|
/* the device is not ready to xmit/recv due to any of its data
|
|
|
|
* structure that is not up/ready/initialized, e.g., the IFF_UP is
|
|
|
|
* not set, or driver specific tun->tfiles[txq] is not initialized
|
|
|
|
*/
|
|
|
|
SKB_DROP_REASON_DEV_READY,
|
2022-03-04 17:55:05 +03:00
|
|
|
SKB_DROP_REASON_FULL_RING, /* ring buffer is full */
|
2022-03-04 17:55:07 +03:00
|
|
|
SKB_DROP_REASON_NOMEM, /* error due to OOM */
|
|
|
|
SKB_DROP_REASON_HDR_TRUNC, /* failed to trunc/extract the header
|
|
|
|
* from networking data, e.g., failed
|
|
|
|
* to pull the protocol header from
|
|
|
|
* frags via pskb_may_pull()
|
|
|
|
*/
|
|
|
|
SKB_DROP_REASON_TAP_FILTER, /* dropped by (ebpf) filter directly
|
|
|
|
* attached to tun/tap, e.g., via
|
|
|
|
* TUNSETFILTEREBPF
|
|
|
|
*/
|
|
|
|
SKB_DROP_REASON_TAP_TXFILTER, /* dropped by tx filter implemented
|
|
|
|
* at tun/tap, e.g., check_filter()
|
|
|
|
*/
|
2022-04-07 09:20:52 +03:00
|
|
|
SKB_DROP_REASON_ICMP_CSUM, /* ICMP checksum error */
|
|
|
|
SKB_DROP_REASON_INVALID_PROTO, /* the packet doesn't follow RFC
|
|
|
|
* 2211, such as a broadcasts
|
|
|
|
* ICMP_TIMESTAMP
|
|
|
|
*/
|
2022-04-13 11:15:53 +03:00
|
|
|
SKB_DROP_REASON_IP_INADDRERRORS, /* host unreachable, corresponding
|
|
|
|
* to IPSTATS_MIB_INADDRERRORS
|
|
|
|
*/
|
|
|
|
SKB_DROP_REASON_IP_INNOROUTES, /* network unreachable, corresponding
|
|
|
|
* to IPSTATS_MIB_INADDRERRORS
|
|
|
|
*/
|
2022-04-13 11:15:55 +03:00
|
|
|
SKB_DROP_REASON_PKT_TOO_BIG, /* packet size is too big (maybe exceed
|
|
|
|
* the MTU)
|
|
|
|
*/
|
2022-01-09 09:36:26 +03:00
|
|
|
SKB_DROP_REASON_MAX,
|
|
|
|
};
|
|
|
|
|
2022-04-13 11:15:52 +03:00
|
|
|
#define SKB_DR_INIT(name, reason) \
|
|
|
|
enum skb_drop_reason name = SKB_DROP_REASON_##reason
|
|
|
|
#define SKB_DR(name) \
|
|
|
|
SKB_DR_INIT(name, NOT_SPECIFIED)
|
|
|
|
#define SKB_DR_SET(name, reason) \
|
|
|
|
(name = SKB_DROP_REASON_##reason)
|
|
|
|
#define SKB_DR_OR(name, reason) \
|
|
|
|
do { \
|
2022-05-13 06:03:38 +03:00
|
|
|
if (name == SKB_DROP_REASON_NOT_SPECIFIED || \
|
|
|
|
name == SKB_NOT_DROPPED_YET) \
|
2022-04-13 11:15:52 +03:00
|
|
|
SKB_DR_SET(name, reason); \
|
|
|
|
} while (0)
|
|
|
|
|
2011-12-23 03:39:14 +04:00
|
|
|
/* To allow 64K frame to be packed as single skb without frag_list we
|
|
|
|
* require 64K/PAGE_SIZE pages plus 1 additional page to allow for
|
|
|
|
* buffers which do not start on a page boundary.
|
|
|
|
*
|
|
|
|
* Since GRO uses frags we allocate at least 16 regardless of page
|
|
|
|
* size.
|
2011-03-27 18:57:26 +04:00
|
|
|
*/
|
2011-12-23 03:39:14 +04:00
|
|
|
#if (65536/PAGE_SIZE + 1) < 16
|
2011-03-30 10:34:08 +04:00
|
|
|
#define MAX_SKB_FRAGS 16UL
|
2011-03-27 18:57:26 +04:00
|
|
|
#else
|
2011-12-23 03:39:14 +04:00
|
|
|
#define MAX_SKB_FRAGS (65536/PAGE_SIZE + 1)
|
2011-03-27 18:57:26 +04:00
|
|
|
#endif
|
2016-02-03 11:26:57 +03:00
|
|
|
extern int sysctl_max_skb_frags;
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2016-06-02 21:05:40 +03:00
|
|
|
/* Set skb_shinfo(skb)->gso_size to this in case you want skb_segment to
|
|
|
|
* segment using its current segmentation instead.
|
|
|
|
*/
|
|
|
|
#define GSO_BY_FRAGS 0xFFFF
|
|
|
|
|
2019-07-23 06:08:31 +03:00
|
|
|
typedef struct bio_vec skb_frag_t;
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2019-03-05 17:35:54 +03:00
|
|
|
/**
|
2019-07-30 17:40:32 +03:00
|
|
|
* skb_frag_size() - Returns the size of a skb fragment
|
2019-03-05 17:35:54 +03:00
|
|
|
* @frag: skb fragment
|
|
|
|
*/
|
2011-10-19 01:00:24 +04:00
|
|
|
static inline unsigned int skb_frag_size(const skb_frag_t *frag)
|
|
|
|
{
|
2019-07-23 06:08:30 +03:00
|
|
|
return frag->bv_len;
|
2011-10-19 01:00:24 +04:00
|
|
|
}
|
|
|
|
|
2019-03-05 17:35:54 +03:00
|
|
|
/**
|
2019-07-30 17:40:32 +03:00
|
|
|
* skb_frag_size_set() - Sets the size of a skb fragment
|
2019-03-05 17:35:54 +03:00
|
|
|
* @frag: skb fragment
|
|
|
|
* @size: size of fragment
|
|
|
|
*/
|
2011-10-19 01:00:24 +04:00
|
|
|
static inline void skb_frag_size_set(skb_frag_t *frag, unsigned int size)
|
|
|
|
{
|
2019-07-23 06:08:30 +03:00
|
|
|
frag->bv_len = size;
|
2011-10-19 01:00:24 +04:00
|
|
|
}
|
|
|
|
|
2019-03-05 17:35:54 +03:00
|
|
|
/**
|
2019-07-30 17:40:32 +03:00
|
|
|
* skb_frag_size_add() - Increments the size of a skb fragment by @delta
|
2019-03-05 17:35:54 +03:00
|
|
|
* @frag: skb fragment
|
|
|
|
* @delta: value to add
|
|
|
|
*/
|
2011-10-19 01:00:24 +04:00
|
|
|
static inline void skb_frag_size_add(skb_frag_t *frag, int delta)
|
|
|
|
{
|
2019-07-23 06:08:30 +03:00
|
|
|
frag->bv_len += delta;
|
2011-10-19 01:00:24 +04:00
|
|
|
}
|
|
|
|
|
2019-03-05 17:35:54 +03:00
|
|
|
/**
|
2019-07-30 17:40:32 +03:00
|
|
|
* skb_frag_size_sub() - Decrements the size of a skb fragment by @delta
|
2019-03-05 17:35:54 +03:00
|
|
|
* @frag: skb fragment
|
|
|
|
* @delta: value to subtract
|
|
|
|
*/
|
2011-10-19 01:00:24 +04:00
|
|
|
static inline void skb_frag_size_sub(skb_frag_t *frag, int delta)
|
|
|
|
{
|
2019-07-23 06:08:30 +03:00
|
|
|
frag->bv_len -= delta;
|
2011-10-19 01:00:24 +04:00
|
|
|
}
|
|
|
|
|
2019-03-05 17:35:54 +03:00
|
|
|
/**
|
|
|
|
* skb_frag_must_loop - Test if %p is a high memory page
|
|
|
|
* @p: fragment's page
|
|
|
|
*/
|
2017-07-31 15:15:47 +03:00
|
|
|
static inline bool skb_frag_must_loop(struct page *p)
|
|
|
|
{
|
|
|
|
#if defined(CONFIG_HIGHMEM)
|
2021-01-10 01:18:32 +03:00
|
|
|
if (IS_ENABLED(CONFIG_DEBUG_KMAP_LOCAL_FORCE_MAP) || PageHighMem(p))
|
2017-07-31 15:15:47 +03:00
|
|
|
return true;
|
|
|
|
#endif
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* skb_frag_foreach_page - loop over pages in a fragment
|
|
|
|
*
|
|
|
|
* @f: skb frag to operate on
|
2019-07-23 06:08:29 +03:00
|
|
|
* @f_off: offset from start of f->bv_page
|
2017-07-31 15:15:47 +03:00
|
|
|
* @f_len: length from f_off to loop over
|
|
|
|
* @p: (temp var) current page
|
|
|
|
* @p_off: (temp var) offset from start of current page,
|
|
|
|
* non-zero only on first page.
|
|
|
|
* @p_len: (temp var) length in current page,
|
|
|
|
* < PAGE_SIZE only on first and last page.
|
|
|
|
* @copied: (temp var) length so far, excluding current p_len.
|
|
|
|
*
|
|
|
|
* A fragment can hold a compound page, in which case per-page
|
|
|
|
* operations, notably kmap_atomic, must be called for each
|
|
|
|
* regular page.
|
|
|
|
*/
|
|
|
|
#define skb_frag_foreach_page(f, f_off, f_len, p, p_off, p_len, copied) \
|
|
|
|
for (p = skb_frag_page(f) + ((f_off) >> PAGE_SHIFT), \
|
|
|
|
p_off = (f_off) & (PAGE_SIZE - 1), \
|
|
|
|
p_len = skb_frag_must_loop(p) ? \
|
|
|
|
min_t(u32, f_len, PAGE_SIZE - p_off) : f_len, \
|
|
|
|
copied = 0; \
|
|
|
|
copied < f_len; \
|
|
|
|
copied += p_len, p++, p_off = 0, \
|
|
|
|
p_len = min_t(u32, f_len - copied, PAGE_SIZE)) \
|
|
|
|
|
2009-02-12 08:03:37 +03:00
|
|
|
#define HAVE_HW_TIME_STAMP
|
|
|
|
|
|
|
|
/**
|
2009-03-02 14:15:58 +03:00
|
|
|
* struct skb_shared_hwtstamps - hardware time stamps
|
2022-05-06 23:01:40 +03:00
|
|
|
* @hwtstamp: hardware time stamp transformed into duration
|
|
|
|
* since arbitrary point in time
|
|
|
|
* @netdev_data: address/cookie of network device driver used as
|
|
|
|
* reference to actual hardware time stamp
|
2009-02-12 08:03:37 +03:00
|
|
|
*
|
|
|
|
* Software time stamps generated by ktime_get_real() are stored in
|
2014-07-26 02:01:32 +04:00
|
|
|
* skb->tstamp.
|
2009-02-12 08:03:37 +03:00
|
|
|
*
|
|
|
|
* hwtstamps can only be compared against other hwtstamps from
|
|
|
|
* the same device.
|
|
|
|
*
|
|
|
|
* This structure is attached to packets as part of the
|
|
|
|
* &skb_shared_info. Use skb_hwtstamps() to get a pointer.
|
|
|
|
*/
|
|
|
|
struct skb_shared_hwtstamps {
|
2022-05-06 23:01:40 +03:00
|
|
|
union {
|
|
|
|
ktime_t hwtstamp;
|
|
|
|
void *netdev_data;
|
|
|
|
};
|
2009-02-12 08:03:37 +03:00
|
|
|
};
|
|
|
|
|
2010-08-17 12:59:14 +04:00
|
|
|
/* Definitions for tx_flags in struct skb_shared_info */
|
|
|
|
enum {
|
|
|
|
/* generate hardware time stamp */
|
|
|
|
SKBTX_HW_TSTAMP = 1 << 0,
|
|
|
|
|
2014-08-05 06:11:48 +04:00
|
|
|
/* generate software time stamp when queueing packet to NIC */
|
2010-08-17 12:59:14 +04:00
|
|
|
SKBTX_SW_TSTAMP = 1 << 1,
|
|
|
|
|
|
|
|
/* device driver is going to provide hardware time stamp */
|
|
|
|
SKBTX_IN_PROGRESS = 1 << 2,
|
|
|
|
|
2022-05-06 23:01:38 +03:00
|
|
|
/* generate hardware time stamp based on cycles if supported */
|
|
|
|
SKBTX_HW_TSTAMP_USE_CYCLES = 1 << 3,
|
|
|
|
|
2011-11-09 13:15:42 +04:00
|
|
|
/* generate wifi status information (where possible) */
|
2012-06-14 10:42:44 +04:00
|
|
|
SKBTX_WIFI_STATUS = 1 << 4,
|
2013-02-11 13:27:41 +04:00
|
|
|
|
2022-05-06 23:01:40 +03:00
|
|
|
/* determine hardware time stamp based on time or cycles */
|
|
|
|
SKBTX_HW_TSTAMP_NETDEV = 1 << 5,
|
|
|
|
|
2014-08-05 06:11:48 +04:00
|
|
|
/* generate software time stamp when entering packet scheduling */
|
|
|
|
SKBTX_SCHED_TSTAMP = 1 << 6,
|
2011-07-06 16:22:12 +04:00
|
|
|
};
|
|
|
|
|
2014-08-05 06:11:50 +04:00
|
|
|
#define SKBTX_ANY_SW_TSTAMP (SKBTX_SW_TSTAMP | \
|
2016-04-28 06:39:01 +03:00
|
|
|
SKBTX_SCHED_TSTAMP)
|
2022-05-06 23:01:38 +03:00
|
|
|
#define SKBTX_ANY_TSTAMP (SKBTX_HW_TSTAMP | \
|
|
|
|
SKBTX_HW_TSTAMP_USE_CYCLES | \
|
|
|
|
SKBTX_ANY_SW_TSTAMP)
|
2014-08-05 06:11:45 +04:00
|
|
|
|
2021-01-07 01:18:38 +03:00
|
|
|
/* Definitions for flags in struct skb_shared_info */
|
|
|
|
enum {
|
|
|
|
/* use zcopy routines */
|
|
|
|
SKBFL_ZEROCOPY_ENABLE = BIT(0),
|
|
|
|
|
|
|
|
/* This indicates at least one fragment might be overwritten
|
|
|
|
* (as in vmsplice(), sendfile() ...)
|
|
|
|
* If we need to compute a TX checksum, we'll need to copy
|
|
|
|
* all frags to avoid possible bad checksum
|
|
|
|
*/
|
|
|
|
SKBFL_SHARED_FRAG = BIT(1),
|
2021-11-03 05:58:44 +03:00
|
|
|
|
|
|
|
/* segment contains only zerocopy data and should not be
|
|
|
|
* charged to the kernel memory.
|
|
|
|
*/
|
|
|
|
SKBFL_PURE_ZEROCOPY = BIT(2),
|
2022-07-12 23:52:28 +03:00
|
|
|
|
|
|
|
SKBFL_DONT_ORPHAN = BIT(3),
|
2021-01-07 01:18:38 +03:00
|
|
|
};
|
|
|
|
|
|
|
|
#define SKBFL_ZEROCOPY_FRAG (SKBFL_ZEROCOPY_ENABLE | SKBFL_SHARED_FRAG)
|
2022-07-12 23:52:28 +03:00
|
|
|
#define SKBFL_ALL_ZEROCOPY (SKBFL_ZEROCOPY_FRAG | SKBFL_PURE_ZEROCOPY | \
|
|
|
|
SKBFL_DONT_ORPHAN)
|
2021-01-07 01:18:38 +03:00
|
|
|
|
2011-07-06 16:22:12 +04:00
|
|
|
/*
|
|
|
|
* The callback notifies userspace to release buffers when skb DMA is done in
|
|
|
|
* lower device, the skb last reference should be 0 when calling this.
|
2012-11-01 13:16:22 +04:00
|
|
|
* The zerocopy_success argument is true if zero copy transmit occurred,
|
|
|
|
* false on data copy or out of memory error caused by data copy attempt.
|
2012-04-09 04:24:02 +04:00
|
|
|
* The ctx field is used to track device context.
|
|
|
|
* The desc field is used to track userspace buffer index.
|
2011-07-06 16:22:12 +04:00
|
|
|
*/
|
|
|
|
struct ubuf_info {
|
2021-01-07 01:18:34 +03:00
|
|
|
void (*callback)(struct sk_buff *, struct ubuf_info *,
|
|
|
|
bool zerocopy_success);
|
2017-08-03 23:29:42 +03:00
|
|
|
union {
|
|
|
|
struct {
|
|
|
|
unsigned long desc;
|
|
|
|
void *ctx;
|
|
|
|
};
|
|
|
|
struct {
|
|
|
|
u32 id;
|
|
|
|
u16 len;
|
|
|
|
u16 zerocopy:1;
|
|
|
|
u32 bytelen;
|
|
|
|
};
|
|
|
|
};
|
2017-09-01 02:48:22 +03:00
|
|
|
refcount_t refcnt;
|
2021-01-07 01:18:39 +03:00
|
|
|
u8 flags;
|
2017-08-03 23:29:43 +03:00
|
|
|
|
|
|
|
struct mmpin {
|
|
|
|
struct user_struct *user;
|
|
|
|
unsigned int num_pg;
|
|
|
|
} mmp;
|
2009-02-12 08:03:37 +03:00
|
|
|
};
|
|
|
|
|
2017-08-03 23:29:39 +03:00
|
|
|
#define skb_uarg(SKB) ((struct ubuf_info *)(skb_shinfo(SKB)->destructor_arg))
|
|
|
|
|
2018-02-15 21:49:32 +03:00
|
|
|
int mm_account_pinned_pages(struct mmpin *mmp, size_t size);
|
|
|
|
void mm_unaccount_pinned_pages(struct mmpin *mmp);
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
/* This data is invariant across clones and lives at
|
|
|
|
* the end of the header data, ie. at skb->end.
|
|
|
|
*/
|
|
|
|
struct skb_shared_info {
|
2021-01-07 01:18:38 +03:00
|
|
|
__u8 flags;
|
bpf: add meta pointer for direct access
This work enables generic transfer of metadata from XDP into skb. The
basic idea is that we can make use of the fact that the resulting skb
must be linear and already comes with a larger headroom for supporting
bpf_xdp_adjust_head(), which mangles xdp->data. Here, we base our work
on a similar principle and introduce a small helper bpf_xdp_adjust_meta()
for adjusting a new pointer called xdp->data_meta. Thus, the packet has
a flexible and programmable room for meta data, followed by the actual
packet data. struct xdp_buff is therefore laid out that we first point
to data_hard_start, then data_meta directly prepended to data followed
by data_end marking the end of packet. bpf_xdp_adjust_head() takes into
account whether we have meta data already prepended and if so, memmove()s
this along with the given offset provided there's enough room.
xdp->data_meta is optional and programs are not required to use it. The
rationale is that when we process the packet in XDP (e.g. as DoS filter),
we can push further meta data along with it for the XDP_PASS case, and
give the guarantee that a clsact ingress BPF program on the same device
can pick this up for further post-processing. Since we work with skb
there, we can also set skb->mark, skb->priority or other skb meta data
out of BPF, thus having this scratch space generic and programmable
allows for more flexibility than defining a direct 1:1 transfer of
potentially new XDP members into skb (it's also more efficient as we
don't need to initialize/handle each of such new members). The facility
also works together with GRO aggregation. The scratch space at the head
of the packet can be multiple of 4 byte up to 32 byte large. Drivers not
yet supporting xdp->data_meta can simply be set up with xdp->data_meta
as xdp->data + 1 as bpf_xdp_adjust_meta() will detect this and bail out,
such that the subsequent match against xdp->data for later access is
guaranteed to fail.
The verifier treats xdp->data_meta/xdp->data the same way as we treat
xdp->data/xdp->data_end pointer comparisons. The requirement for doing
the compare against xdp->data is that it hasn't been modified from it's
original address we got from ctx access. It may have a range marking
already from prior successful xdp->data/xdp->data_end pointer comparisons
though.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: John Fastabend <john.fastabend@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-09-25 03:25:51 +03:00
|
|
|
__u8 meta_len;
|
|
|
|
__u8 nr_frags;
|
2012-01-05 11:13:39 +04:00
|
|
|
__u8 tx_flags;
|
2006-06-22 13:40:14 +04:00
|
|
|
unsigned short gso_size;
|
|
|
|
/* Warning: this field is not always filled in (UFO)! */
|
|
|
|
unsigned short gso_segs;
|
2005-04-17 02:20:36 +04:00
|
|
|
struct sk_buff *frag_list;
|
2009-02-12 08:03:37 +03:00
|
|
|
struct skb_shared_hwtstamps hwtstamps;
|
skbuff: Extend gso_type to unsigned int.
All available gso_type flags are currently in use, so
extend gso_type from 'unsigned short' to 'unsigned int'
to be able to add further flags.
We reorder the struct skb_shared_info to use
two bytes of the four byte hole before dataref.
All fields before dataref are cleared, i.e.
four bytes more than before the change.
The remaining two byte hole is moved to the
beginning of the structure, this protects us
from immediate overwites on out of bound writes
to the sk_buff head.
Structure layout on x86-64 before the change:
struct skb_shared_info {
unsigned char nr_frags; /* 0 1 */
__u8 tx_flags; /* 1 1 */
short unsigned int gso_size; /* 2 2 */
short unsigned int gso_segs; /* 4 2 */
short unsigned int gso_type; /* 6 2 */
struct sk_buff * frag_list; /* 8 8 */
struct skb_shared_hwtstamps hwtstamps; /* 16 8 */
u32 tskey; /* 24 4 */
__be32 ip6_frag_id; /* 28 4 */
atomic_t dataref; /* 32 4 */
/* XXX 4 bytes hole, try to pack */
void * destructor_arg; /* 40 8 */
skb_frag_t frags[17]; /* 48 272 */
/* --- cacheline 5 boundary (320 bytes) --- */
/* size: 320, cachelines: 5, members: 12 */
/* sum members: 316, holes: 1, sum holes: 4 */
};
Structure layout on x86-64 after the change:
struct skb_shared_info {
short unsigned int _unused; /* 0 2 */
unsigned char nr_frags; /* 2 1 */
__u8 tx_flags; /* 3 1 */
short unsigned int gso_size; /* 4 2 */
short unsigned int gso_segs; /* 6 2 */
struct sk_buff * frag_list; /* 8 8 */
struct skb_shared_hwtstamps hwtstamps; /* 16 8 */
unsigned int gso_type; /* 24 4 */
u32 tskey; /* 28 4 */
__be32 ip6_frag_id; /* 32 4 */
atomic_t dataref; /* 36 4 */
void * destructor_arg; /* 40 8 */
skb_frag_t frags[17]; /* 48 272 */
/* --- cacheline 5 boundary (320 bytes) --- */
/* size: 320, cachelines: 5, members: 13 */
};
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-04-08 21:36:24 +03:00
|
|
|
unsigned int gso_type;
|
2014-08-05 06:11:47 +04:00
|
|
|
u32 tskey;
|
2010-05-05 12:07:37 +04:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Warning : all fields before dataref are cleared in __alloc_skb()
|
|
|
|
*/
|
|
|
|
atomic_t dataref;
|
2022-01-21 13:09:44 +03:00
|
|
|
unsigned int xdp_frags_size;
|
2010-05-05 12:07:37 +04:00
|
|
|
|
2009-05-19 09:11:22 +04:00
|
|
|
/* Intermediate layers must ensure that destructor_arg
|
|
|
|
* remains valid until skb destructor */
|
|
|
|
void * destructor_arg;
|
2011-07-06 16:22:12 +04:00
|
|
|
|
2010-07-22 23:09:08 +04:00
|
|
|
/* must be last field, see pskb_expand_head() */
|
|
|
|
skb_frag_t frags[MAX_SKB_FRAGS];
|
2005-04-17 02:20:36 +04:00
|
|
|
};
|
|
|
|
|
2022-05-09 19:04:55 +03:00
|
|
|
/**
|
|
|
|
* DOC: dataref and headerless skbs
|
|
|
|
*
|
|
|
|
* Transport layers send out clones of payload skbs they hold for
|
|
|
|
* retransmissions. To allow lower layers of the stack to prepend their headers
|
|
|
|
* we split &skb_shared_info.dataref into two halves.
|
|
|
|
* The lower 16 bits count the overall number of references.
|
|
|
|
* The higher 16 bits indicate how many of the references are payload-only.
|
|
|
|
* skb_header_cloned() checks if skb is allowed to add / write the headers.
|
|
|
|
*
|
|
|
|
* The creator of the skb (e.g. TCP) marks its skb as &sk_buff.nohdr
|
|
|
|
* (via __skb_header_release()). Any clone created from marked skb will get
|
|
|
|
* &sk_buff.hdr_len populated with the available headroom.
|
|
|
|
* If there's the only clone in existence it's able to modify the headroom
|
|
|
|
* at will. The sequence of calls inside the transport layer is::
|
|
|
|
*
|
|
|
|
* <alloc skb>
|
|
|
|
* skb_reserve()
|
|
|
|
* __skb_header_release()
|
|
|
|
* skb_clone()
|
|
|
|
* // send the clone down the stack
|
|
|
|
*
|
|
|
|
* This is not a very generic construct and it depends on the transport layers
|
|
|
|
* doing the right thing. In practice there's usually only one payload-only skb.
|
|
|
|
* Having multiple payload-only skbs with different lengths of hdr_len is not
|
|
|
|
* possible. The payload-only skbs should never leave their owner.
|
2005-04-17 02:20:36 +04:00
|
|
|
*/
|
|
|
|
#define SKB_DATAREF_SHIFT 16
|
|
|
|
#define SKB_DATAREF_MASK ((1 << SKB_DATAREF_SHIFT) - 1)
|
|
|
|
|
2005-08-18 01:57:30 +04:00
|
|
|
|
|
|
|
enum {
|
2014-10-02 21:00:43 +04:00
|
|
|
SKB_FCLONE_UNAVAILABLE, /* skb has no fclone (from head_cache) */
|
|
|
|
SKB_FCLONE_ORIG, /* orig skb (from fclone_cache) */
|
|
|
|
SKB_FCLONE_CLONE, /* companion fclone skb (from fclone_cache) */
|
2005-08-18 01:57:30 +04:00
|
|
|
};
|
|
|
|
|
2006-06-22 13:40:14 +04:00
|
|
|
enum {
|
|
|
|
SKB_GSO_TCPV4 = 1 << 0,
|
2006-06-28 00:22:38 +04:00
|
|
|
|
|
|
|
/* This indicates the skb is from an untrusted source. */
|
2017-07-03 17:31:57 +03:00
|
|
|
SKB_GSO_DODGY = 1 << 1,
|
2006-06-29 23:30:00 +04:00
|
|
|
|
|
|
|
/* This indicates the tcp segment has CWR set. */
|
2017-07-03 17:31:57 +03:00
|
|
|
SKB_GSO_TCP_ECN = 1 << 2,
|
2006-07-01 00:37:03 +04:00
|
|
|
|
2017-07-03 17:31:57 +03:00
|
|
|
SKB_GSO_TCP_FIXEDID = 1 << 3,
|
2009-02-28 01:06:49 +03:00
|
|
|
|
2017-07-03 17:31:57 +03:00
|
|
|
SKB_GSO_TCPV6 = 1 << 4,
|
2013-02-14 18:02:41 +04:00
|
|
|
|
2017-07-03 17:31:57 +03:00
|
|
|
SKB_GSO_FCOE = 1 << 5,
|
2013-03-07 17:21:51 +04:00
|
|
|
|
2017-07-03 17:31:57 +03:00
|
|
|
SKB_GSO_GRE = 1 << 6,
|
2013-05-24 01:02:52 +04:00
|
|
|
|
2017-07-03 17:31:57 +03:00
|
|
|
SKB_GSO_GRE_CSUM = 1 << 7,
|
2013-10-19 22:42:57 +04:00
|
|
|
|
2017-07-03 17:31:57 +03:00
|
|
|
SKB_GSO_IPXIP4 = 1 << 8,
|
2013-10-21 07:47:30 +04:00
|
|
|
|
2017-07-03 17:31:57 +03:00
|
|
|
SKB_GSO_IPXIP6 = 1 << 9,
|
2014-06-05 04:20:16 +04:00
|
|
|
|
2017-07-03 17:31:57 +03:00
|
|
|
SKB_GSO_UDP_TUNNEL = 1 << 10,
|
2014-06-05 04:20:23 +04:00
|
|
|
|
2017-07-03 17:31:57 +03:00
|
|
|
SKB_GSO_UDP_TUNNEL_CSUM = 1 << 11,
|
2016-04-11 04:44:51 +03:00
|
|
|
|
2017-07-03 17:31:57 +03:00
|
|
|
SKB_GSO_PARTIAL = 1 << 12,
|
2016-04-11 04:45:03 +03:00
|
|
|
|
2017-07-03 17:31:57 +03:00
|
|
|
SKB_GSO_TUNNEL_REMCSUM = 1 << 13,
|
2016-06-02 21:05:43 +03:00
|
|
|
|
2017-07-03 17:31:57 +03:00
|
|
|
SKB_GSO_SCTP = 1 << 14,
|
2017-04-14 11:05:36 +03:00
|
|
|
|
2017-07-03 17:31:57 +03:00
|
|
|
SKB_GSO_ESP = 1 << 15,
|
net: accept UFO datagrams from tuntap and packet
Tuntap and similar devices can inject GSO packets. Accept type
VIRTIO_NET_HDR_GSO_UDP, even though not generating UFO natively.
Processes are expected to use feature negotiation such as TUNSETOFFLOAD
to detect supported offload types and refrain from injecting other
packets. This process breaks down with live migration: guest kernels
do not renegotiate flags, so destination hosts need to expose all
features that the source host does.
Partially revert the UFO removal from 182e0b6b5846~1..d9d30adf5677.
This patch introduces nearly(*) no new code to simplify verification.
It brings back verbatim tuntap UFO negotiation, VIRTIO_NET_HDR_GSO_UDP
insertion and software UFO segmentation.
It does not reinstate protocol stack support, hardware offload
(NETIF_F_UFO), SKB_GSO_UDP tunneling in SKB_GSO_SOFTWARE or reception
of VIRTIO_NET_HDR_GSO_UDP packets in tuntap.
To support SKB_GSO_UDP reappearing in the stack, also reinstate
logic in act_csum and openvswitch. Achieve equivalence with v4.13 HEAD
by squashing in commit 939912216fa8 ("net: skb_needs_check() removes
CHECKSUM_UNNECESSARY check for tx.") and reverting commit 8d63bee643f1
("net: avoid skb_warn_bad_offload false positives on UFO").
(*) To avoid having to bring back skb_shinfo(skb)->ip6_frag_id,
ipv6_proxy_select_ident is changed to return a __be32 and this is
assigned directly to the frag_hdr. Also, SKB_GSO_UDP is inserted
at the end of the enum to minimize code churn.
Tested
Booted a v4.13 guest kernel with QEMU. On a host kernel before this
patch `ethtool -k eth0` shows UFO disabled. After the patch, it is
enabled, same as on a v4.13 host kernel.
A UFO packet sent from the guest appears on the tap device:
host:
nc -l -p -u 8000 &
tcpdump -n -i tap0
guest:
dd if=/dev/zero of=payload.txt bs=1 count=2000
nc -u 192.16.1.1 8000 < payload.txt
Direct tap to tap transmission of VIRTIO_NET_HDR_GSO_UDP succeeds,
packets arriving fragmented:
./with_tap_pair.sh ./tap_send_ufo tap0 tap1
(from https://github.com/wdebruij/kerneltools/tree/master/tests)
Changes
v1 -> v2
- simplified set_offload change (review comment)
- documented test procedure
Link: http://lkml.kernel.org/r/<CAF=yD-LuUeDuL9YWPJD9ykOZ0QCjNeznPDr6whqZ9NGMNF12Mw@mail.gmail.com>
Fixes: fb652fdfe837 ("macvlan/macvtap: Remove NETIF_F_UFO advertisement.")
Reported-by: Michal Kubecek <mkubecek@suse.cz>
Signed-off-by: Willem de Bruijn <willemb@google.com>
Acked-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-11-21 18:22:25 +03:00
|
|
|
|
|
|
|
SKB_GSO_UDP = 1 << 16,
|
2018-04-26 20:42:16 +03:00
|
|
|
|
|
|
|
SKB_GSO_UDP_L4 = 1 << 17,
|
2020-01-25 13:26:42 +03:00
|
|
|
|
|
|
|
SKB_GSO_FRAGLIST = 1 << 18,
|
2006-06-22 13:40:14 +04:00
|
|
|
};
|
|
|
|
|
[SK_BUFF]: Use offsets for skb->{mac,network,transport}_header on 64bit architectures
With this we save 8 bytes per network packet, leaving a 4 bytes hole to be used
in further shrinking work, likely with the offsetization of other pointers,
such as ->{data,tail,end}, at the cost of adds, that were minimized by the
usual practice of setting skb->{mac,nh,n}.raw to a local variable that is then
accessed multiple times in each function, it also is not more expensive than
before with regards to most of the handling of such headers, like setting one
of these headers to another (transport to network, etc), or subtracting, adding
to/from it, comparing them, etc.
Now we have this layout for sk_buff on a x86_64 machine:
[acme@mica net-2.6.22]$ pahole vmlinux sk_buff
struct sk_buff {
struct sk_buff * next; /* 0 8 */
struct sk_buff * prev; /* 8 8 */
struct rb_node rb; /* 16 24 */
struct sock * sk; /* 40 8 */
ktime_t tstamp; /* 48 8 */
struct net_device * dev; /* 56 8 */
/* --- cacheline 1 boundary (64 bytes) --- */
struct net_device * input_dev; /* 64 8 */
sk_buff_data_t transport_header; /* 72 4 */
sk_buff_data_t network_header; /* 76 4 */
sk_buff_data_t mac_header; /* 80 4 */
/* XXX 4 bytes hole, try to pack */
struct dst_entry * dst; /* 88 8 */
struct sec_path * sp; /* 96 8 */
char cb[48]; /* 104 48 */
/* cacheline 2 boundary (128 bytes) was 24 bytes ago*/
unsigned int len; /* 152 4 */
unsigned int data_len; /* 156 4 */
unsigned int mac_len; /* 160 4 */
union {
__wsum csum; /* 4 */
__u32 csum_offset; /* 4 */
}; /* 164 4 */
__u32 priority; /* 168 4 */
__u8 local_df:1; /* 172 1 */
__u8 cloned:1; /* 172 1 */
__u8 ip_summed:2; /* 172 1 */
__u8 nohdr:1; /* 172 1 */
__u8 nfctinfo:3; /* 172 1 */
__u8 pkt_type:3; /* 173 1 */
__u8 fclone:2; /* 173 1 */
__u8 ipvs_property:1; /* 173 1 */
/* XXX 2 bits hole, try to pack */
__be16 protocol; /* 174 2 */
void (*destructor)(struct sk_buff *); /* 176 8 */
struct nf_conntrack * nfct; /* 184 8 */
/* --- cacheline 3 boundary (192 bytes) --- */
struct sk_buff * nfct_reasm; /* 192 8 */
struct nf_bridge_info *nf_bridge; /* 200 8 */
__u16 tc_index; /* 208 2 */
__u16 tc_verd; /* 210 2 */
dma_cookie_t dma_cookie; /* 212 4 */
__u32 secmark; /* 216 4 */
__u32 mark; /* 220 4 */
unsigned int truesize; /* 224 4 */
atomic_t users; /* 228 4 */
unsigned char * head; /* 232 8 */
unsigned char * data; /* 240 8 */
unsigned char * tail; /* 248 8 */
/* --- cacheline 4 boundary (256 bytes) --- */
unsigned char * end; /* 256 8 */
}; /* size: 264, cachelines: 5 */
/* sum members: 260, holes: 1, sum holes: 4 */
/* bit holes: 1, sum bit holes: 2 bits */
/* last cacheline: 8 bytes */
On 32 bits nothing changes, and pointers continue to be used with the compiler
turning all this abstraction layer into dust. But there are some sk_buff
validation tricks that are now possible, humm... :-)
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-04-11 08:22:35 +04:00
|
|
|
#if BITS_PER_LONG > 32
|
|
|
|
#define NET_SKBUFF_DATA_USES_OFFSET 1
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#ifdef NET_SKBUFF_DATA_USES_OFFSET
|
|
|
|
typedef unsigned int sk_buff_data_t;
|
|
|
|
#else
|
|
|
|
typedef unsigned char *sk_buff_data_t;
|
|
|
|
#endif
|
|
|
|
|
2022-05-09 19:04:54 +03:00
|
|
|
/**
|
|
|
|
* DOC: Basic sk_buff geometry
|
|
|
|
*
|
|
|
|
* struct sk_buff itself is a metadata structure and does not hold any packet
|
|
|
|
* data. All the data is held in associated buffers.
|
|
|
|
*
|
|
|
|
* &sk_buff.head points to the main "head" buffer. The head buffer is divided
|
|
|
|
* into two parts:
|
|
|
|
*
|
|
|
|
* - data buffer, containing headers and sometimes payload;
|
|
|
|
* this is the part of the skb operated on by the common helpers
|
|
|
|
* such as skb_put() or skb_pull();
|
|
|
|
* - shared info (struct skb_shared_info) which holds an array of pointers
|
|
|
|
* to read-only data in the (page, offset, length) format.
|
|
|
|
*
|
|
|
|
* Optionally &skb_shared_info.frag_list may point to another skb.
|
|
|
|
*
|
|
|
|
* Basic diagram may look like this::
|
|
|
|
*
|
|
|
|
* ---------------
|
|
|
|
* | sk_buff |
|
|
|
|
* ---------------
|
|
|
|
* ,--------------------------- + head
|
|
|
|
* / ,----------------- + data
|
|
|
|
* / / ,----------- + tail
|
|
|
|
* | | | , + end
|
|
|
|
* | | | |
|
|
|
|
* v v v v
|
|
|
|
* -----------------------------------------------
|
|
|
|
* | headroom | data | tailroom | skb_shared_info |
|
|
|
|
* -----------------------------------------------
|
|
|
|
* + [page frag]
|
|
|
|
* + [page frag]
|
|
|
|
* + [page frag]
|
|
|
|
* + [page frag] ---------
|
|
|
|
* + frag_list --> | sk_buff |
|
|
|
|
* ---------
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
2019-03-05 17:35:54 +03:00
|
|
|
/**
|
2005-04-17 02:20:36 +04:00
|
|
|
* struct sk_buff - socket buffer
|
|
|
|
* @next: Next buffer in list
|
|
|
|
* @prev: Previous buffer in list
|
2014-02-27 02:02:11 +04:00
|
|
|
* @tstamp: Time we arrived/left
|
2020-02-16 02:34:07 +03:00
|
|
|
* @skb_mstamp_ns: (aka @tstamp) earliest departure time; start point
|
|
|
|
* for retransmit timer
|
2014-11-03 19:19:53 +03:00
|
|
|
* @rbnode: RB tree node, alternative to next/prev for netem/tcp
|
2020-02-16 02:34:07 +03:00
|
|
|
* @list: queue head
|
2021-11-18 04:57:29 +03:00
|
|
|
* @ll_node: anchor in an llist (eg socket defer_list)
|
2011-07-10 18:04:04 +04:00
|
|
|
* @sk: Socket we are owned by
|
2020-02-16 02:34:07 +03:00
|
|
|
* @ip_defrag_offset: (aka @sk) alternate use of @sk, used in
|
|
|
|
* fragmentation management
|
2005-04-17 02:20:36 +04:00
|
|
|
* @dev: Device we arrived on/are leaving by
|
2020-02-16 02:34:07 +03:00
|
|
|
* @dev_scratch: (aka @dev) alternate use of @dev when @dev would be %NULL
|
2011-07-10 18:04:04 +04:00
|
|
|
* @cb: Control buffer. Free for use by every layer. Put private vars here
|
2010-05-12 03:19:48 +04:00
|
|
|
* @_skb_refdst: destination entry (with norefcount bit)
|
2005-05-01 19:59:26 +04:00
|
|
|
* @sp: the security path, used for xfrm
|
2005-04-17 02:20:36 +04:00
|
|
|
* @len: Length of actual data
|
|
|
|
* @data_len: Data length
|
|
|
|
* @mac_len: Length of link layer header
|
[SKBUFF]: Keep track of writable header len of headerless clones
Currently NAT (and others) that want to modify cloned skbs copy them,
even if in the vast majority of cases its not necessary because the
skb is a clone made by TCP and the portion NAT wants to modify is
actually writable because TCP release the header reference before
cloning.
The problem is that there is no clean way for NAT to find out how
long the writable header area is, so this patch introduces skb->hdr_len
to hold this length. When a headerless skb is cloned skb->hdr_len
is set to the current headroom, for regular clones it is copied from
the original. A new function skb_clone_writable(skb, len) returns
whether the skb is writable up to len bytes from skb->data. To avoid
enlarging the skb the mac_len field is reduced to 16 bit and the
new hdr_len field is put in the remaining 16 bit.
I've done a few rough benchmarks of NAT (not with this exact patch,
but a very similar one). As expected it saves huge amounts of system
time in case of sendfile, bringing it down to basically the same
amount as without NAT, with sendmsg it only helps on loopback,
probably because of the large MTU.
Transmit a 1GB file using sendfile/sendmsg over eth0/lo with and
without NAT:
- sendfile eth0, no NAT: sys 0m0.388s
- sendfile eth0, NAT: sys 0m1.835s
- sendfile eth0: NAT + path: sys 0m0.370s (~ -80%)
- sendfile lo, no NAT: sys 0m0.258s
- sendfile lo, NAT: sys 0m2.609s
- sendfile lo, NAT + patch: sys 0m0.260s (~ -90%)
- sendmsg eth0, no NAT: sys 0m2.508s
- sendmsg eth0, NAT: sys 0m2.539s
- sendmsg eth0, NAT + patch: sys 0m2.445s (no change)
- sendmsg lo, no NAT: sys 0m2.151s
- sendmsg lo, NAT: sys 0m3.557s
- sendmsg lo, NAT + patch: sys 0m2.159s (~ -40%)
I expect other users can see a similar performance improvement,
packet mangling iptables targets, ipip and ip_gre come to mind ..
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-06-25 15:35:20 +04:00
|
|
|
* @hdr_len: writable header length of cloned skb
|
2007-04-09 22:59:07 +04:00
|
|
|
* @csum: Checksum (must include start/offset pair)
|
|
|
|
* @csum_start: Offset from skb->head where checksumming should start
|
|
|
|
* @csum_offset: Offset from csum_start where checksum should be stored
|
2011-07-10 18:04:04 +04:00
|
|
|
* @priority: Packet queueing priority
|
2014-05-05 03:39:18 +04:00
|
|
|
* @ignore_df: allow local fragmentation
|
2005-04-17 02:20:36 +04:00
|
|
|
* @cloned: Head may be cloned (check refcnt to be sure)
|
2011-07-10 18:04:04 +04:00
|
|
|
* @ip_summed: Driver fed us an IP checksum
|
2005-04-17 02:20:36 +04:00
|
|
|
* @nohdr: Payload reference only, must not modify header
|
|
|
|
* @pkt_type: Packet class
|
2005-10-19 09:07:41 +04:00
|
|
|
* @fclone: skbuff clone status
|
|
|
|
* @ipvs_property: skbuff is owned by ipvs
|
2020-02-16 02:34:07 +03:00
|
|
|
* @inner_protocol_type: whether the inner protocol is
|
|
|
|
* ENCAP_TYPE_ETHER or ENCAP_TYPE_IPPROTO
|
|
|
|
* @remcsum_offload: remote checksum offload is enabled
|
2018-12-04 11:15:10 +03:00
|
|
|
* @offload_fwd_mark: Packet was L2-forwarded in hardware
|
|
|
|
* @offload_l3_fwd_mark: Packet was L3-forwarded in hardware
|
2017-01-08 01:06:35 +03:00
|
|
|
* @tc_skip_classify: do not classify packet. set by IFB device
|
2017-01-08 01:06:37 +03:00
|
|
|
* @tc_at_ingress: used within tc_classify to distinguish in/egress
|
2020-03-25 15:47:18 +03:00
|
|
|
* @redirected: packet was redirected by packet classifier
|
|
|
|
* @from_ingress: packet was redirected from the ingress path
|
netfilter: Introduce egress hook
Support classifying packets with netfilter on egress to satisfy user
requirements such as:
* outbound security policies for containers (Laura)
* filtering and mangling intra-node Direct Server Return (DSR) traffic
on a load balancer (Laura)
* filtering locally generated traffic coming in through AF_PACKET,
such as local ARP traffic generated for clustering purposes or DHCP
(Laura; the AF_PACKET plumbing is contained in a follow-up commit)
* L2 filtering from ingress and egress for AVB (Audio Video Bridging)
and gPTP with nftables (Pablo)
* in the future: in-kernel NAT64/NAT46 (Pablo)
The egress hook introduced herein complements the ingress hook added by
commit e687ad60af09 ("netfilter: add netfilter ingress hook after
handle_ing() under unique static key"). A patch for nftables to hook up
egress rules from user space has been submitted separately, so users may
immediately take advantage of the feature.
Alternatively or in addition to netfilter, packets can be classified
with traffic control (tc). On ingress, packets are classified first by
tc, then by netfilter. On egress, the order is reversed for symmetry.
Conceptually, tc and netfilter can be thought of as layers, with
netfilter layered above tc.
Traffic control is capable of redirecting packets to another interface
(man 8 tc-mirred). E.g., an ingress packet may be redirected from the
host namespace to a container via a veth connection:
tc ingress (host) -> tc egress (veth host) -> tc ingress (veth container)
In this case, netfilter egress classifying is not performed when leaving
the host namespace! That's because the packet is still on the tc layer.
If tc redirects the packet to a physical interface in the host namespace
such that it leaves the system, the packet is never subjected to
netfilter egress classifying. That is only logical since it hasn't
passed through netfilter ingress classifying either.
Packets can alternatively be redirected at the netfilter layer using
nft fwd. Such a packet *is* subjected to netfilter egress classifying
since it has reached the netfilter layer.
Internally, the skb->nf_skip_egress flag controls whether netfilter is
invoked on egress by __dev_queue_xmit(). Because __dev_queue_xmit() may
be called recursively by tunnel drivers such as vxlan, the flag is
reverted to false after sch_handle_egress(). This ensures that
netfilter is applied both on the overlay and underlying network.
Interaction between tc and netfilter is possible by setting and querying
skb->mark.
If netfilter egress classifying is not enabled on any interface, it is
patched out of the data path by way of a static_key and doesn't make a
performance difference that is discernible from noise:
Before: 1537 1538 1538 1537 1538 1537 Mb/sec
After: 1536 1534 1539 1539 1539 1540 Mb/sec
Before + tc accept: 1418 1418 1418 1419 1419 1418 Mb/sec
After + tc accept: 1419 1424 1418 1419 1422 1420 Mb/sec
Before + tc drop: 1620 1619 1619 1619 1620 1620 Mb/sec
After + tc drop: 1616 1624 1625 1624 1622 1619 Mb/sec
When netfilter egress classifying is enabled on at least one interface,
a minimal performance penalty is incurred for every egress packet, even
if the interface it's transmitted over doesn't have any netfilter egress
rules configured. That is caused by checking dev->nf_hooks_egress
against NULL.
Measurements were performed on a Core i7-3615QM. Commands to reproduce:
ip link add dev foo type dummy
ip link set dev foo up
modprobe pktgen
echo "add_device foo" > /proc/net/pktgen/kpktgend_3
samples/pktgen/pktgen_bench_xmit_mode_queue_xmit.sh -i foo -n 400000000 -m "11:11:11:11:11:11" -d 1.1.1.1
Accept all traffic with tc:
tc qdisc add dev foo clsact
tc filter add dev foo egress bpf da bytecode '1,6 0 0 0,'
Drop all traffic with tc:
tc qdisc add dev foo clsact
tc filter add dev foo egress bpf da bytecode '1,6 0 0 2,'
Apply this patch when measuring packet drops to avoid errors in dmesg:
https://lore.kernel.org/netdev/a73dda33-57f4-95d8-ea51-ed483abd6a7a@iogearbox.net/
Signed-off-by: Lukas Wunner <lukas@wunner.de>
Cc: Laura García Liébana <nevola@gmail.com>
Cc: John Fastabend <john.fastabend@gmail.com>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Cc: Alexei Starovoitov <ast@kernel.org>
Cc: Eric Dumazet <edumazet@google.com>
Cc: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2021-10-08 23:06:03 +03:00
|
|
|
* @nf_skip_egress: packet shall skip nf egress - see netfilter_netdev.h
|
2008-02-19 07:52:13 +03:00
|
|
|
* @peeked: this packet has been seen already, so stats have been
|
|
|
|
* done for it, don't do them again
|
2007-07-08 09:21:23 +04:00
|
|
|
* @nf_trace: netfilter packet trace flag
|
2011-07-10 18:04:04 +04:00
|
|
|
* @protocol: Packet protocol from driver
|
|
|
|
* @destructor: Destruct function
|
2017-10-04 22:59:58 +03:00
|
|
|
* @tcp_tsorted_anchor: list structure for TCP (tp->tsorted_sent_queue)
|
2021-03-01 21:48:05 +03:00
|
|
|
* @_sk_redir: socket redirection information for skmsg
|
2017-01-23 20:21:59 +03:00
|
|
|
* @_nfct: Associated connection, if any (with nfctinfo bits)
|
2005-04-17 02:20:36 +04:00
|
|
|
* @nf_bridge: Saved data about a bridged frame - see br_netfilter.c
|
2009-11-21 02:35:04 +03:00
|
|
|
* @skb_iif: ifindex of device we arrived on
|
2005-04-17 02:20:36 +04:00
|
|
|
* @tc_index: Traffic control index
|
2014-03-25 02:34:47 +04:00
|
|
|
* @hash: the packet hash
|
2011-07-10 18:04:04 +04:00
|
|
|
* @queue_mapping: Queue mapping for multiqueue devices
|
2020-02-16 02:34:07 +03:00
|
|
|
* @head_frag: skb was allocated from page fragments,
|
|
|
|
* not allocated by kmalloc() or vmalloc().
|
net: Don't copy pfmemalloc flag in __copy_skb_header()
The pfmemalloc flag indicates that the skb was allocated from
the PFMEMALLOC reserves, and the flag is currently copied on skb
copy and clone.
However, an skb copied from an skb flagged with pfmemalloc
wasn't necessarily allocated from PFMEMALLOC reserves, and on
the other hand an skb allocated that way might be copied from an
skb that wasn't.
So we should not copy the flag on skb copy, and rather decide
whether to allow an skb to be associated with sockets unrelated
to page reclaim depending only on how it was allocated.
Move the pfmemalloc flag before headers_start[0] using an
existing 1-bit hole, so that __copy_skb_header() doesn't copy
it.
When cloning, we'll now take care of this flag explicitly,
contravening to the warning comment of __skb_clone().
While at it, restore the newline usage introduced by commit
b19372273164 ("net: reorganize sk_buff for faster
__copy_skb_header()") to visually separate bytes used in
bitfields after headers_start[0], that was gone after commit
a9e419dc7be6 ("netfilter: merge ctinfo into nfct pointer storage
area"), and describe the pfmemalloc flag in the kernel-doc
structure comment.
This doesn't change the size of sk_buff or cacheline boundaries,
but consolidates the 15 bits hole before tc_index into a 2 bytes
hole before csum, that could now be filled more easily.
Reported-by: Patrick Talbert <ptalbert@redhat.com>
Fixes: c93bdd0e03e8 ("netvm: allow skb allocation to use PFMEMALLOC reserves")
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-11 15:39:42 +03:00
|
|
|
* @pfmemalloc: skbuff was allocated from PFMEMALLOC reserves
|
2021-06-07 22:02:38 +03:00
|
|
|
* @pp_recycle: mark the packet for recycling instead of freeing (implies
|
|
|
|
* page_pool support on driver)
|
sk_buff: add skb extension infrastructure
This adds an optional extension infrastructure, with ispec (xfrm) and
bridge netfilter as first users.
objdiff shows no changes if kernel is built without xfrm and br_netfilter
support.
The third (planned future) user is Multipath TCP which is still
out-of-tree.
MPTCP needs to map logical mptcp sequence numbers to the tcp sequence
numbers used by individual subflows.
This DSS mapping is read/written from tcp option space on receive and
written to tcp option space on transmitted tcp packets that are part of
and MPTCP connection.
Extending skb_shared_info or adding a private data field to skb fclones
doesn't work for incoming skb, so a different DSS propagation method would
be required for the receive side.
mptcp has same requirements as secpath/bridge netfilter:
1. extension memory is released when the sk_buff is free'd.
2. data is shared after cloning an skb (clone inherits extension)
3. adding extension to an skb will COW the extension buffer if needed.
The "MPTCP upstreaming" effort adds SKB_EXT_MPTCP extension to store the
mapping for tx and rx processing.
Two new members are added to sk_buff:
1. 'active_extensions' byte (filling a hole), telling which extensions
are available for this skb.
This has two purposes.
a) avoids the need to initialize the pointer.
b) allows to "delete" an extension by clearing its bit
value in ->active_extensions.
While it would be possible to store the active_extensions byte
in the extension struct instead of sk_buff, there is one problem
with this:
When an extension has to be disabled, we can always clear the
bit in skb->active_extensions. But in case it would be stored in the
extension buffer itself, we might have to COW it first, if
we are dealing with a cloned skb. On kmalloc failure we would
be unable to turn an extension off.
2. extension pointer, located at the end of the sk_buff.
If the active_extensions byte is 0, the pointer is undefined,
it is not initialized on skb allocation.
This adds extra code to skb clone and free paths (to deal with
refcount/free of extension area) but this replaces similar code that
manages skb->nf_bridge and skb->sp structs in the followup patches of
the series.
It is possible to add support for extensions that are not preseved on
clones/copies.
To do this, it would be needed to define a bitmask of all extensions that
need copy/cow semantics, and change __skb_ext_copy() to check
->active_extensions & SKB_EXT_PRESERVE_ON_CLONE, then just set
->active_extensions to 0 on the new clone.
This isn't done here because all extensions that get added here
need the copy/cow semantics.
v2:
Allocate entire extension space using kmem_cache.
Upside is that this allows better tracking of used memory,
downside is that we will allocate more space than strictly needed in
most cases (its unlikely that all extensions are active/needed at same
time for same skb).
The allocated memory (except the small extension header) is not cleared,
so no additonal overhead aside from memory usage.
Avoid atomic_dec_and_test operation on skb_ext_put()
by using similar trick as kfree_skbmem() does with fclone_ref:
If recount is 1, there is no concurrent user and we can free right away.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-12-18 19:15:16 +03:00
|
|
|
* @active_extensions: active extensions (skb_ext_id types)
|
2008-04-20 21:51:01 +04:00
|
|
|
* @ndisc_nodetype: router type (from link layer)
|
2011-07-10 18:04:04 +04:00
|
|
|
* @ooo_okay: allow the mapping of a socket to a queue to be changed
|
2014-03-25 02:34:47 +04:00
|
|
|
* @l4_hash: indicate hash is a canonical 4-tuple hash over transport
|
2011-08-19 18:26:44 +04:00
|
|
|
* ports.
|
2014-07-02 08:33:17 +04:00
|
|
|
* @sw_hash: indicates hash was computed in software stack
|
2011-11-09 13:15:42 +04:00
|
|
|
* @wifi_acked_valid: wifi_acked was set
|
|
|
|
* @wifi_acked: whether frame was acked on wifi or not
|
2012-02-11 19:39:30 +04:00
|
|
|
* @no_fcs: Request NIC to treat last 4 bytes as Ethernet FCS
|
2020-02-16 02:34:07 +03:00
|
|
|
* @encapsulation: indicates the inner headers in the skbuff are valid
|
|
|
|
* @encap_hdr_csum: software checksum is needed
|
|
|
|
* @csum_valid: checksum is already valid
|
2017-05-18 16:44:40 +03:00
|
|
|
* @csum_not_inet: use CRC32c to resolve CHECKSUM_PARTIAL
|
2020-02-16 02:34:07 +03:00
|
|
|
* @csum_complete_sw: checksum was completed by software
|
|
|
|
* @csum_level: indicates the number of consecutive checksums found in
|
|
|
|
* the packet minus one that have been verified as
|
|
|
|
* CHECKSUM_UNNECESSARY (max 3)
|
2017-02-07 00:14:12 +03:00
|
|
|
* @dst_pending_confirm: need to confirm neighbour
|
2018-07-17 12:52:57 +03:00
|
|
|
* @decrypted: Decrypted SKB
|
2021-07-28 19:23:59 +03:00
|
|
|
* @slow_gro: state present at GRO time, slower prepare step required
|
2022-03-02 22:55:25 +03:00
|
|
|
* @mono_delivery_time: When set, skb->tstamp has the
|
|
|
|
* delivery_time in mono clock base (i.e. EDT). Otherwise, the
|
|
|
|
* skb->tstamp has the (rcv) timestamp at ingress and
|
|
|
|
* delivery_time at egress.
|
2019-03-05 17:35:54 +03:00
|
|
|
* @napi_id: id of the NAPI struct this skb came from
|
2020-02-16 02:34:07 +03:00
|
|
|
* @sender_cpu: (aka @napi_id) source CPU in XPS
|
net: generalize skb freeing deferral to per-cpu lists
Logic added in commit f35f821935d8 ("tcp: defer skb freeing after socket
lock is released") helped bulk TCP flows to move the cost of skbs
frees outside of critical section where socket lock was held.
But for RPC traffic, or hosts with RFS enabled, the solution is far from
being ideal.
For RPC traffic, recvmsg() has to return to user space right after
skb payload has been consumed, meaning that BH handler has no chance
to pick the skb before recvmsg() thread. This issue is more visible
with BIG TCP, as more RPC fit one skb.
For RFS, even if BH handler picks the skbs, they are still picked
from the cpu on which user thread is running.
Ideally, it is better to free the skbs (and associated page frags)
on the cpu that originally allocated them.
This patch removes the per socket anchor (sk->defer_list) and
instead uses a per-cpu list, which will hold more skbs per round.
This new per-cpu list is drained at the end of net_action_rx(),
after incoming packets have been processed, to lower latencies.
In normal conditions, skbs are added to the per-cpu list with
no further action. In the (unlikely) cases where the cpu does not
run net_action_rx() handler fast enough, we use an IPI to raise
NET_RX_SOFTIRQ on the remote cpu.
Also, we do not bother draining the per-cpu list from dev_cpu_dead()
This is because skbs in this list have no requirement on how fast
they should be freed.
Note that we can add in the future a small per-cpu cache
if we see any contention on sd->defer_lock.
Tested on a pair of hosts with 100Gbit NIC, RFS enabled,
and /proc/sys/net/ipv4/tcp_rmem[2] tuned to 16MB to work around
page recycling strategy used by NIC driver (its page pool capacity
being too small compared to number of skbs/pages held in sockets
receive queues)
Note that this tuning was only done to demonstrate worse
conditions for skb freeing for this particular test.
These conditions can happen in more general production workload.
10 runs of one TCP_STREAM flow
Before:
Average throughput: 49685 Mbit.
Kernel profiles on cpu running user thread recvmsg() show high cost for
skb freeing related functions (*)
57.81% [kernel] [k] copy_user_enhanced_fast_string
(*) 12.87% [kernel] [k] skb_release_data
(*) 4.25% [kernel] [k] __free_one_page
(*) 3.57% [kernel] [k] __list_del_entry_valid
1.85% [kernel] [k] __netif_receive_skb_core
1.60% [kernel] [k] __skb_datagram_iter
(*) 1.59% [kernel] [k] free_unref_page_commit
(*) 1.16% [kernel] [k] __slab_free
1.16% [kernel] [k] _copy_to_iter
(*) 1.01% [kernel] [k] kfree
(*) 0.88% [kernel] [k] free_unref_page
0.57% [kernel] [k] ip6_rcv_core
0.55% [kernel] [k] ip6t_do_table
0.54% [kernel] [k] flush_smp_call_function_queue
(*) 0.54% [kernel] [k] free_pcppages_bulk
0.51% [kernel] [k] llist_reverse_order
0.38% [kernel] [k] process_backlog
(*) 0.38% [kernel] [k] free_pcp_prepare
0.37% [kernel] [k] tcp_recvmsg_locked
(*) 0.37% [kernel] [k] __list_add_valid
0.34% [kernel] [k] sock_rfree
0.34% [kernel] [k] _raw_spin_lock_irq
(*) 0.33% [kernel] [k] __page_cache_release
0.33% [kernel] [k] tcp_v6_rcv
(*) 0.33% [kernel] [k] __put_page
(*) 0.29% [kernel] [k] __mod_zone_page_state
0.27% [kernel] [k] _raw_spin_lock
After patch:
Average throughput: 73076 Mbit.
Kernel profiles on cpu running user thread recvmsg() looks better:
81.35% [kernel] [k] copy_user_enhanced_fast_string
1.95% [kernel] [k] _copy_to_iter
1.95% [kernel] [k] __skb_datagram_iter
1.27% [kernel] [k] __netif_receive_skb_core
1.03% [kernel] [k] ip6t_do_table
0.60% [kernel] [k] sock_rfree
0.50% [kernel] [k] tcp_v6_rcv
0.47% [kernel] [k] ip6_rcv_core
0.45% [kernel] [k] read_tsc
0.44% [kernel] [k] _raw_spin_lock_irqsave
0.37% [kernel] [k] _raw_spin_lock
0.37% [kernel] [k] native_irq_return_iret
0.33% [kernel] [k] __inet6_lookup_established
0.31% [kernel] [k] ip6_protocol_deliver_rcu
0.29% [kernel] [k] tcp_rcv_established
0.29% [kernel] [k] llist_reverse_order
v2: kdoc issue (kernel bots)
do not defer if (alloc_cpu == smp_processor_id()) (Paolo)
replace the sk_buff_head with a single-linked list (Jakub)
add a READ_ONCE()/WRITE_ONCE() for the lockless read of sd->defer_list
Signed-off-by: Eric Dumazet <edumazet@google.com>
Acked-by: Paolo Abeni <pabeni@redhat.com>
Link: https://lore.kernel.org/r/20220422201237.416238-1-eric.dumazet@gmail.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2022-04-22 23:12:37 +03:00
|
|
|
* @alloc_cpu: CPU which did the skb allocation.
|
2006-06-09 11:29:17 +04:00
|
|
|
* @secmark: security marking
|
2011-07-10 18:04:04 +04:00
|
|
|
* @mark: Generic packet mark
|
2020-02-16 02:34:07 +03:00
|
|
|
* @reserved_tailroom: (aka @mark) number of bytes of free space available
|
|
|
|
* at the tail of an sk_buff
|
|
|
|
* @vlan_present: VLAN tag is present
|
2013-04-19 06:04:30 +04:00
|
|
|
* @vlan_proto: vlan encapsulation protocol
|
2008-07-15 09:49:06 +04:00
|
|
|
* @vlan_tci: vlan tag control information
|
2013-05-24 01:02:52 +04:00
|
|
|
* @inner_protocol: Protocol (encapsulation)
|
2020-02-16 02:34:07 +03:00
|
|
|
* @inner_ipproto: (aka @inner_protocol) stores ipproto when
|
|
|
|
* skb->inner_protocol_type == ENCAP_TYPE_IPPROTO;
|
2012-12-07 18:14:14 +04:00
|
|
|
* @inner_transport_header: Inner transport layer header (encapsulation)
|
|
|
|
* @inner_network_header: Network layer header (encapsulation)
|
2013-03-07 17:21:46 +04:00
|
|
|
* @inner_mac_header: Link layer header (encapsulation)
|
2011-07-10 18:04:04 +04:00
|
|
|
* @transport_header: Transport layer header
|
|
|
|
* @network_header: Network layer header
|
|
|
|
* @mac_header: Link layer header
|
2020-11-26 01:48:40 +03:00
|
|
|
* @kcov_handle: KCOV remote handle for remote coverage collection
|
2011-07-10 18:04:04 +04:00
|
|
|
* @tail: Tail pointer
|
|
|
|
* @end: End pointer
|
|
|
|
* @head: Head of buffer
|
|
|
|
* @data: Data head pointer
|
|
|
|
* @truesize: Buffer size
|
|
|
|
* @users: User count - see {datagram,tcp}.c
|
sk_buff: add skb extension infrastructure
This adds an optional extension infrastructure, with ispec (xfrm) and
bridge netfilter as first users.
objdiff shows no changes if kernel is built without xfrm and br_netfilter
support.
The third (planned future) user is Multipath TCP which is still
out-of-tree.
MPTCP needs to map logical mptcp sequence numbers to the tcp sequence
numbers used by individual subflows.
This DSS mapping is read/written from tcp option space on receive and
written to tcp option space on transmitted tcp packets that are part of
and MPTCP connection.
Extending skb_shared_info or adding a private data field to skb fclones
doesn't work for incoming skb, so a different DSS propagation method would
be required for the receive side.
mptcp has same requirements as secpath/bridge netfilter:
1. extension memory is released when the sk_buff is free'd.
2. data is shared after cloning an skb (clone inherits extension)
3. adding extension to an skb will COW the extension buffer if needed.
The "MPTCP upstreaming" effort adds SKB_EXT_MPTCP extension to store the
mapping for tx and rx processing.
Two new members are added to sk_buff:
1. 'active_extensions' byte (filling a hole), telling which extensions
are available for this skb.
This has two purposes.
a) avoids the need to initialize the pointer.
b) allows to "delete" an extension by clearing its bit
value in ->active_extensions.
While it would be possible to store the active_extensions byte
in the extension struct instead of sk_buff, there is one problem
with this:
When an extension has to be disabled, we can always clear the
bit in skb->active_extensions. But in case it would be stored in the
extension buffer itself, we might have to COW it first, if
we are dealing with a cloned skb. On kmalloc failure we would
be unable to turn an extension off.
2. extension pointer, located at the end of the sk_buff.
If the active_extensions byte is 0, the pointer is undefined,
it is not initialized on skb allocation.
This adds extra code to skb clone and free paths (to deal with
refcount/free of extension area) but this replaces similar code that
manages skb->nf_bridge and skb->sp structs in the followup patches of
the series.
It is possible to add support for extensions that are not preseved on
clones/copies.
To do this, it would be needed to define a bitmask of all extensions that
need copy/cow semantics, and change __skb_ext_copy() to check
->active_extensions & SKB_EXT_PRESERVE_ON_CLONE, then just set
->active_extensions to 0 on the new clone.
This isn't done here because all extensions that get added here
need the copy/cow semantics.
v2:
Allocate entire extension space using kmem_cache.
Upside is that this allows better tracking of used memory,
downside is that we will allocate more space than strictly needed in
most cases (its unlikely that all extensions are active/needed at same
time for same skb).
The allocated memory (except the small extension header) is not cleared,
so no additonal overhead aside from memory usage.
Avoid atomic_dec_and_test operation on skb_ext_put()
by using similar trick as kfree_skbmem() does with fclone_ref:
If recount is 1, there is no concurrent user and we can free right away.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-12-18 19:15:16 +03:00
|
|
|
* @extensions: allocated extensions, valid if active_extensions is nonzero
|
2005-04-17 02:20:36 +04:00
|
|
|
*/
|
|
|
|
|
|
|
|
struct sk_buff {
|
2014-02-27 02:02:11 +04:00
|
|
|
union {
|
2014-11-03 19:19:53 +03:00
|
|
|
struct {
|
skbuff: Extract list pointers to silence compiler warnings
Under both -Warray-bounds and the object_size sanitizer, the compiler is
upset about accessing prev/next of sk_buff when the object it thinks it
is coming from is sk_buff_head. The warning is a false positive due to
the compiler taking a conservative approach, opting to warn at casting
time rather than access time.
However, in support of enabling -Warray-bounds globally (which has
found many real bugs), arrange things for sk_buff so that the compiler
can unambiguously see that there is no intention to access anything
except prev/next. Introduce and cast to a separate struct sk_buff_list,
which contains _only_ the first two fields, silencing the warnings:
In file included from ./include/net/net_namespace.h:39,
from ./include/linux/netdevice.h:37,
from net/core/netpoll.c:17:
net/core/netpoll.c: In function 'refill_skbs':
./include/linux/skbuff.h:2086:9: warning: array subscript 'struct sk_buff[0]' is partly outside array bounds of 'struct sk_buff_head[1]' [-Warray-bounds]
2086 | __skb_insert(newsk, next->prev, next, list);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
net/core/netpoll.c:49:28: note: while referencing 'skb_pool'
49 | static struct sk_buff_head skb_pool;
| ^~~~~~~~
This change results in no executable instruction differences.
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20211207062758.2324338-1-keescook@chromium.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2021-12-07 09:27:58 +03:00
|
|
|
/* These two members must be first to match sk_buff_head. */
|
2014-11-03 19:19:53 +03:00
|
|
|
struct sk_buff *next;
|
|
|
|
struct sk_buff *prev;
|
|
|
|
|
|
|
|
union {
|
2017-09-19 15:14:24 +03:00
|
|
|
struct net_device *dev;
|
|
|
|
/* Some protocols might use this space to store information,
|
|
|
|
* while device pointer would be NULL.
|
|
|
|
* UDP receive path is one user.
|
|
|
|
*/
|
|
|
|
unsigned long dev_scratch;
|
2014-11-03 19:19:53 +03:00
|
|
|
};
|
|
|
|
};
|
2018-08-03 02:34:39 +03:00
|
|
|
struct rb_node rbnode; /* used in netem, ip4 defrag, and tcp stack */
|
2018-06-24 08:13:49 +03:00
|
|
|
struct list_head list;
|
tcp: defer skb freeing after socket lock is released
tcp recvmsg() (or rx zerocopy) spends a fair amount of time
freeing skbs after their payload has been consumed.
A typical ~64KB GRO packet has to release ~45 page
references, eventually going to page allocator
for each of them.
Currently, this freeing is performed while socket lock
is held, meaning that there is a high chance that
BH handler has to queue incoming packets to tcp socket backlog.
This can cause additional latencies, because the user
thread has to process the backlog at release_sock() time,
and while doing so, additional frames can be added
by BH handler.
This patch adds logic to defer these frees after socket
lock is released, or directly from BH handler if possible.
Being able to free these skbs from BH handler helps a lot,
because this avoids the usual alloc/free assymetry,
when BH handler and user thread do not run on same cpu or
NUMA node.
One cpu can now be fully utilized for the kernel->user copy,
and another cpu is handling BH processing and skb/page
allocs/frees (assuming RFS is not forcing use of a single CPU)
Tested:
100Gbit NIC
Max throughput for one TCP_STREAM flow, over 10 runs
MTU : 1500
Before: 55 Gbit
After: 66 Gbit
MTU : 4096+(headers)
Before: 82 Gbit
After: 95 Gbit
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2021-11-15 22:02:46 +03:00
|
|
|
struct llist_node ll_node;
|
2014-02-27 02:02:11 +04:00
|
|
|
};
|
2018-08-03 02:34:39 +03:00
|
|
|
|
|
|
|
union {
|
|
|
|
struct sock *sk;
|
|
|
|
int ip_defrag_offset;
|
|
|
|
};
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2016-12-08 22:41:55 +03:00
|
|
|
union {
|
2017-09-19 15:14:24 +03:00
|
|
|
ktime_t tstamp;
|
2018-09-21 18:51:50 +03:00
|
|
|
u64 skb_mstamp_ns; /* earliest departure time */
|
2016-12-08 22:41:55 +03:00
|
|
|
};
|
2005-04-17 02:20:36 +04:00
|
|
|
/*
|
|
|
|
* This is the control buffer. It is free to use for every
|
|
|
|
* layer. Please put your private variables there. If you
|
|
|
|
* want to keep them across layers you have to do a skb_clone()
|
|
|
|
* first. This is owned by whoever has the skb queued ATM.
|
|
|
|
*/
|
2010-02-23 14:45:51 +03:00
|
|
|
char cb[48] __aligned(8);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2017-10-04 22:59:58 +03:00
|
|
|
union {
|
|
|
|
struct {
|
|
|
|
unsigned long _skb_refdst;
|
|
|
|
void (*destructor)(struct sk_buff *skb);
|
|
|
|
};
|
|
|
|
struct list_head tcp_tsorted_anchor;
|
2021-02-23 21:49:29 +03:00
|
|
|
#ifdef CONFIG_NET_SOCK_MSG
|
|
|
|
unsigned long _sk_redir;
|
|
|
|
#endif
|
2017-10-04 22:59:58 +03:00
|
|
|
};
|
|
|
|
|
net: reorganize sk_buff for faster __copy_skb_header()
With proliferation of bit fields in sk_buff, __copy_skb_header() became
quite expensive, showing as the most expensive function in a GSO
workload.
__copy_skb_header() performance is also critical for non GSO TCP
operations, as it is used from skb_clone()
This patch carefully moves all the fields that were not copied in a
separate zone : cloned, nohdr, fclone, peeked, head_frag, xmit_more
Then I moved all other fields and all other copied fields in a section
delimited by headers_start[0]/headers_end[0] section so that we
can use a single memcpy() call, inlined by compiler using long
word load/stores.
I also tried to make all copies in the natural orders of sk_buff,
to help hardware prefetching.
I made sure sk_buff size did not change.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-09-29 09:18:47 +04:00
|
|
|
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
|
2017-01-23 20:21:59 +03:00
|
|
|
unsigned long _nfct;
|
2010-02-23 14:45:51 +03:00
|
|
|
#endif
|
2005-04-17 02:20:36 +04:00
|
|
|
unsigned int len,
|
[SKBUFF]: Keep track of writable header len of headerless clones
Currently NAT (and others) that want to modify cloned skbs copy them,
even if in the vast majority of cases its not necessary because the
skb is a clone made by TCP and the portion NAT wants to modify is
actually writable because TCP release the header reference before
cloning.
The problem is that there is no clean way for NAT to find out how
long the writable header area is, so this patch introduces skb->hdr_len
to hold this length. When a headerless skb is cloned skb->hdr_len
is set to the current headroom, for regular clones it is copied from
the original. A new function skb_clone_writable(skb, len) returns
whether the skb is writable up to len bytes from skb->data. To avoid
enlarging the skb the mac_len field is reduced to 16 bit and the
new hdr_len field is put in the remaining 16 bit.
I've done a few rough benchmarks of NAT (not with this exact patch,
but a very similar one). As expected it saves huge amounts of system
time in case of sendfile, bringing it down to basically the same
amount as without NAT, with sendmsg it only helps on loopback,
probably because of the large MTU.
Transmit a 1GB file using sendfile/sendmsg over eth0/lo with and
without NAT:
- sendfile eth0, no NAT: sys 0m0.388s
- sendfile eth0, NAT: sys 0m1.835s
- sendfile eth0: NAT + path: sys 0m0.370s (~ -80%)
- sendfile lo, no NAT: sys 0m0.258s
- sendfile lo, NAT: sys 0m2.609s
- sendfile lo, NAT + patch: sys 0m0.260s (~ -90%)
- sendmsg eth0, no NAT: sys 0m2.508s
- sendmsg eth0, NAT: sys 0m2.539s
- sendmsg eth0, NAT + patch: sys 0m2.445s (no change)
- sendmsg lo, no NAT: sys 0m2.151s
- sendmsg lo, NAT: sys 0m3.557s
- sendmsg lo, NAT + patch: sys 0m2.159s (~ -40%)
I expect other users can see a similar performance improvement,
packet mangling iptables targets, ipip and ip_gre come to mind ..
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-06-25 15:35:20 +04:00
|
|
|
data_len;
|
|
|
|
__u16 mac_len,
|
|
|
|
hdr_len;
|
net: reorganize sk_buff for faster __copy_skb_header()
With proliferation of bit fields in sk_buff, __copy_skb_header() became
quite expensive, showing as the most expensive function in a GSO
workload.
__copy_skb_header() performance is also critical for non GSO TCP
operations, as it is used from skb_clone()
This patch carefully moves all the fields that were not copied in a
separate zone : cloned, nohdr, fclone, peeked, head_frag, xmit_more
Then I moved all other fields and all other copied fields in a section
delimited by headers_start[0]/headers_end[0] section so that we
can use a single memcpy() call, inlined by compiler using long
word load/stores.
I also tried to make all copies in the natural orders of sk_buff,
to help hardware prefetching.
I made sure sk_buff size did not change.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-09-29 09:18:47 +04:00
|
|
|
|
|
|
|
/* Following fields are _not_ copied in __copy_skb_header()
|
|
|
|
* Note that queue_mapping is here mostly to fill a hole.
|
|
|
|
*/
|
|
|
|
__u16 queue_mapping;
|
bpf: direct packet write and access for helpers for clsact progs
This work implements direct packet access for helpers and direct packet
write in a similar fashion as already available for XDP types via commits
4acf6c0b84c9 ("bpf: enable direct packet data write for xdp progs") and
6841de8b0d03 ("bpf: allow helpers access the packet directly"), and as a
complementary feature to the already available direct packet read for tc
(cls/act) programs.
For enabling this, we need to introduce two helpers, bpf_skb_pull_data()
and bpf_csum_update(). The first is generally needed for both, read and
write, because they would otherwise only be limited to the current linear
skb head. Usually, when the data_end test fails, programs just bail out,
or, in the direct read case, use bpf_skb_load_bytes() as an alternative
to overcome this limitation. If such data sits in non-linear parts, we
can just pull them in once with the new helper, retest and eventually
access them.
At the same time, this also makes sure the skb is uncloned, which is, of
course, a necessary condition for direct write. As this needs to be an
invariant for the write part only, the verifier detects writes and adds
a prologue that is calling bpf_skb_pull_data() to effectively unclone the
skb from the very beginning in case it is indeed cloned. The heuristic
makes use of a similar trick that was done in 233577a22089 ("net: filter:
constify detection of pkt_type_offset"). This comes at zero cost for other
programs that do not use the direct write feature. Should a program use
this feature only sparsely and has read access for the most parts with,
for example, drop return codes, then such write action can be delegated
to a tail called program for mitigating this cost of potential uncloning
to a late point in time where it would have been paid similarly with the
bpf_skb_store_bytes() as well. Advantage of direct write is that the
writes are inlined whereas the helper cannot make any length assumptions
and thus needs to generate a call to memcpy() also for small sizes, as well
as cost of helper call itself with sanity checks are avoided. Plus, when
direct read is already used, we don't need to cache or perform rechecks
on the data boundaries (due to verifier invalidating previous checks for
helpers that change skb->data), so more complex programs using rewrites
can benefit from switching to direct read plus write.
For direct packet access to helpers, we save the otherwise needed copy into
a temp struct sitting on stack memory when use-case allows. Both facilities
are enabled via may_access_direct_pkt_data() in verifier. For now, we limit
this to map helpers and csum_diff, and can successively enable other helpers
where we find it makes sense. Helpers that definitely cannot be allowed for
this are those part of bpf_helper_changes_skb_data() since they can change
underlying data, and those that write into memory as this could happen for
packet typed args when still cloned. bpf_csum_update() helper accommodates
for the fact that we need to fixup checksum_complete when using direct write
instead of bpf_skb_store_bytes(), meaning the programs can use available
helpers like bpf_csum_diff(), and implement csum_add(), csum_sub(),
csum_block_add(), csum_block_sub() equivalents in eBPF together with the
new helper. A usage example will be provided for iproute2's examples/bpf/
directory.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2016-09-20 01:26:13 +03:00
|
|
|
|
|
|
|
/* if you move cloned around you also must adapt those constants */
|
|
|
|
#ifdef __BIG_ENDIAN_BITFIELD
|
|
|
|
#define CLONED_MASK (1 << 7)
|
|
|
|
#else
|
|
|
|
#define CLONED_MASK 1
|
|
|
|
#endif
|
2021-11-21 03:31:48 +03:00
|
|
|
#define CLONED_OFFSET offsetof(struct sk_buff, __cloned_offset)
|
bpf: direct packet write and access for helpers for clsact progs
This work implements direct packet access for helpers and direct packet
write in a similar fashion as already available for XDP types via commits
4acf6c0b84c9 ("bpf: enable direct packet data write for xdp progs") and
6841de8b0d03 ("bpf: allow helpers access the packet directly"), and as a
complementary feature to the already available direct packet read for tc
(cls/act) programs.
For enabling this, we need to introduce two helpers, bpf_skb_pull_data()
and bpf_csum_update(). The first is generally needed for both, read and
write, because they would otherwise only be limited to the current linear
skb head. Usually, when the data_end test fails, programs just bail out,
or, in the direct read case, use bpf_skb_load_bytes() as an alternative
to overcome this limitation. If such data sits in non-linear parts, we
can just pull them in once with the new helper, retest and eventually
access them.
At the same time, this also makes sure the skb is uncloned, which is, of
course, a necessary condition for direct write. As this needs to be an
invariant for the write part only, the verifier detects writes and adds
a prologue that is calling bpf_skb_pull_data() to effectively unclone the
skb from the very beginning in case it is indeed cloned. The heuristic
makes use of a similar trick that was done in 233577a22089 ("net: filter:
constify detection of pkt_type_offset"). This comes at zero cost for other
programs that do not use the direct write feature. Should a program use
this feature only sparsely and has read access for the most parts with,
for example, drop return codes, then such write action can be delegated
to a tail called program for mitigating this cost of potential uncloning
to a late point in time where it would have been paid similarly with the
bpf_skb_store_bytes() as well. Advantage of direct write is that the
writes are inlined whereas the helper cannot make any length assumptions
and thus needs to generate a call to memcpy() also for small sizes, as well
as cost of helper call itself with sanity checks are avoided. Plus, when
direct read is already used, we don't need to cache or perform rechecks
on the data boundaries (due to verifier invalidating previous checks for
helpers that change skb->data), so more complex programs using rewrites
can benefit from switching to direct read plus write.
For direct packet access to helpers, we save the otherwise needed copy into
a temp struct sitting on stack memory when use-case allows. Both facilities
are enabled via may_access_direct_pkt_data() in verifier. For now, we limit
this to map helpers and csum_diff, and can successively enable other helpers
where we find it makes sense. Helpers that definitely cannot be allowed for
this are those part of bpf_helper_changes_skb_data() since they can change
underlying data, and those that write into memory as this could happen for
packet typed args when still cloned. bpf_csum_update() helper accommodates
for the fact that we need to fixup checksum_complete when using direct write
instead of bpf_skb_store_bytes(), meaning the programs can use available
helpers like bpf_csum_diff(), and implement csum_add(), csum_sub(),
csum_block_add(), csum_block_sub() equivalents in eBPF together with the
new helper. A usage example will be provided for iproute2's examples/bpf/
directory.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2016-09-20 01:26:13 +03:00
|
|
|
|
2020-02-16 02:34:07 +03:00
|
|
|
/* private: */
|
bpf: direct packet write and access for helpers for clsact progs
This work implements direct packet access for helpers and direct packet
write in a similar fashion as already available for XDP types via commits
4acf6c0b84c9 ("bpf: enable direct packet data write for xdp progs") and
6841de8b0d03 ("bpf: allow helpers access the packet directly"), and as a
complementary feature to the already available direct packet read for tc
(cls/act) programs.
For enabling this, we need to introduce two helpers, bpf_skb_pull_data()
and bpf_csum_update(). The first is generally needed for both, read and
write, because they would otherwise only be limited to the current linear
skb head. Usually, when the data_end test fails, programs just bail out,
or, in the direct read case, use bpf_skb_load_bytes() as an alternative
to overcome this limitation. If such data sits in non-linear parts, we
can just pull them in once with the new helper, retest and eventually
access them.
At the same time, this also makes sure the skb is uncloned, which is, of
course, a necessary condition for direct write. As this needs to be an
invariant for the write part only, the verifier detects writes and adds
a prologue that is calling bpf_skb_pull_data() to effectively unclone the
skb from the very beginning in case it is indeed cloned. The heuristic
makes use of a similar trick that was done in 233577a22089 ("net: filter:
constify detection of pkt_type_offset"). This comes at zero cost for other
programs that do not use the direct write feature. Should a program use
this feature only sparsely and has read access for the most parts with,
for example, drop return codes, then such write action can be delegated
to a tail called program for mitigating this cost of potential uncloning
to a late point in time where it would have been paid similarly with the
bpf_skb_store_bytes() as well. Advantage of direct write is that the
writes are inlined whereas the helper cannot make any length assumptions
and thus needs to generate a call to memcpy() also for small sizes, as well
as cost of helper call itself with sanity checks are avoided. Plus, when
direct read is already used, we don't need to cache or perform rechecks
on the data boundaries (due to verifier invalidating previous checks for
helpers that change skb->data), so more complex programs using rewrites
can benefit from switching to direct read plus write.
For direct packet access to helpers, we save the otherwise needed copy into
a temp struct sitting on stack memory when use-case allows. Both facilities
are enabled via may_access_direct_pkt_data() in verifier. For now, we limit
this to map helpers and csum_diff, and can successively enable other helpers
where we find it makes sense. Helpers that definitely cannot be allowed for
this are those part of bpf_helper_changes_skb_data() since they can change
underlying data, and those that write into memory as this could happen for
packet typed args when still cloned. bpf_csum_update() helper accommodates
for the fact that we need to fixup checksum_complete when using direct write
instead of bpf_skb_store_bytes(), meaning the programs can use available
helpers like bpf_csum_diff(), and implement csum_add(), csum_sub(),
csum_block_add(), csum_block_sub() equivalents in eBPF together with the
new helper. A usage example will be provided for iproute2's examples/bpf/
directory.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2016-09-20 01:26:13 +03:00
|
|
|
__u8 __cloned_offset[0];
|
2020-02-16 02:34:07 +03:00
|
|
|
/* public: */
|
net: reorganize sk_buff for faster __copy_skb_header()
With proliferation of bit fields in sk_buff, __copy_skb_header() became
quite expensive, showing as the most expensive function in a GSO
workload.
__copy_skb_header() performance is also critical for non GSO TCP
operations, as it is used from skb_clone()
This patch carefully moves all the fields that were not copied in a
separate zone : cloned, nohdr, fclone, peeked, head_frag, xmit_more
Then I moved all other fields and all other copied fields in a section
delimited by headers_start[0]/headers_end[0] section so that we
can use a single memcpy() call, inlined by compiler using long
word load/stores.
I also tried to make all copies in the natural orders of sk_buff,
to help hardware prefetching.
I made sure sk_buff size did not change.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-09-29 09:18:47 +04:00
|
|
|
__u8 cloned:1,
|
2005-08-10 06:24:19 +04:00
|
|
|
nohdr:1,
|
2005-11-21 08:19:21 +03:00
|
|
|
fclone:2,
|
2007-12-05 12:53:40 +03:00
|
|
|
peeked:1,
|
net: reorganize sk_buff for faster __copy_skb_header()
With proliferation of bit fields in sk_buff, __copy_skb_header() became
quite expensive, showing as the most expensive function in a GSO
workload.
__copy_skb_header() performance is also critical for non GSO TCP
operations, as it is used from skb_clone()
This patch carefully moves all the fields that were not copied in a
separate zone : cloned, nohdr, fclone, peeked, head_frag, xmit_more
Then I moved all other fields and all other copied fields in a section
delimited by headers_start[0]/headers_end[0] section so that we
can use a single memcpy() call, inlined by compiler using long
word load/stores.
I also tried to make all copies in the natural orders of sk_buff,
to help hardware prefetching.
I made sure sk_buff size did not change.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-09-29 09:18:47 +04:00
|
|
|
head_frag:1,
|
2021-06-07 22:02:38 +03:00
|
|
|
pfmemalloc:1,
|
|
|
|
pp_recycle:1; /* page_pool recycle indicator */
|
sk_buff: add skb extension infrastructure
This adds an optional extension infrastructure, with ispec (xfrm) and
bridge netfilter as first users.
objdiff shows no changes if kernel is built without xfrm and br_netfilter
support.
The third (planned future) user is Multipath TCP which is still
out-of-tree.
MPTCP needs to map logical mptcp sequence numbers to the tcp sequence
numbers used by individual subflows.
This DSS mapping is read/written from tcp option space on receive and
written to tcp option space on transmitted tcp packets that are part of
and MPTCP connection.
Extending skb_shared_info or adding a private data field to skb fclones
doesn't work for incoming skb, so a different DSS propagation method would
be required for the receive side.
mptcp has same requirements as secpath/bridge netfilter:
1. extension memory is released when the sk_buff is free'd.
2. data is shared after cloning an skb (clone inherits extension)
3. adding extension to an skb will COW the extension buffer if needed.
The "MPTCP upstreaming" effort adds SKB_EXT_MPTCP extension to store the
mapping for tx and rx processing.
Two new members are added to sk_buff:
1. 'active_extensions' byte (filling a hole), telling which extensions
are available for this skb.
This has two purposes.
a) avoids the need to initialize the pointer.
b) allows to "delete" an extension by clearing its bit
value in ->active_extensions.
While it would be possible to store the active_extensions byte
in the extension struct instead of sk_buff, there is one problem
with this:
When an extension has to be disabled, we can always clear the
bit in skb->active_extensions. But in case it would be stored in the
extension buffer itself, we might have to COW it first, if
we are dealing with a cloned skb. On kmalloc failure we would
be unable to turn an extension off.
2. extension pointer, located at the end of the sk_buff.
If the active_extensions byte is 0, the pointer is undefined,
it is not initialized on skb allocation.
This adds extra code to skb clone and free paths (to deal with
refcount/free of extension area) but this replaces similar code that
manages skb->nf_bridge and skb->sp structs in the followup patches of
the series.
It is possible to add support for extensions that are not preseved on
clones/copies.
To do this, it would be needed to define a bitmask of all extensions that
need copy/cow semantics, and change __skb_ext_copy() to check
->active_extensions & SKB_EXT_PRESERVE_ON_CLONE, then just set
->active_extensions to 0 on the new clone.
This isn't done here because all extensions that get added here
need the copy/cow semantics.
v2:
Allocate entire extension space using kmem_cache.
Upside is that this allows better tracking of used memory,
downside is that we will allocate more space than strictly needed in
most cases (its unlikely that all extensions are active/needed at same
time for same skb).
The allocated memory (except the small extension header) is not cleared,
so no additonal overhead aside from memory usage.
Avoid atomic_dec_and_test operation on skb_ext_put()
by using similar trick as kfree_skbmem() does with fclone_ref:
If recount is 1, there is no concurrent user and we can free right away.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-12-18 19:15:16 +03:00
|
|
|
#ifdef CONFIG_SKB_EXTENSIONS
|
|
|
|
__u8 active_extensions;
|
|
|
|
#endif
|
2021-06-07 22:02:38 +03:00
|
|
|
|
2021-11-21 03:31:49 +03:00
|
|
|
/* Fields enclosed in headers group are copied
|
net: reorganize sk_buff for faster __copy_skb_header()
With proliferation of bit fields in sk_buff, __copy_skb_header() became
quite expensive, showing as the most expensive function in a GSO
workload.
__copy_skb_header() performance is also critical for non GSO TCP
operations, as it is used from skb_clone()
This patch carefully moves all the fields that were not copied in a
separate zone : cloned, nohdr, fclone, peeked, head_frag, xmit_more
Then I moved all other fields and all other copied fields in a section
delimited by headers_start[0]/headers_end[0] section so that we
can use a single memcpy() call, inlined by compiler using long
word load/stores.
I also tried to make all copies in the natural orders of sk_buff,
to help hardware prefetching.
I made sure sk_buff size did not change.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-09-29 09:18:47 +04:00
|
|
|
* using a single memcpy() in __copy_skb_header()
|
|
|
|
*/
|
2021-11-21 03:31:49 +03:00
|
|
|
struct_group(headers,
|
2012-01-27 10:22:53 +04:00
|
|
|
|
2020-02-16 02:34:07 +03:00
|
|
|
/* private: */
|
2014-09-12 16:04:43 +04:00
|
|
|
__u8 __pkt_type_offset[0];
|
2020-02-16 02:34:07 +03:00
|
|
|
/* public: */
|
2021-11-21 03:31:48 +03:00
|
|
|
__u8 pkt_type:3; /* see PKT_TYPE_MAX */
|
net: reorganize sk_buff for faster __copy_skb_header()
With proliferation of bit fields in sk_buff, __copy_skb_header() became
quite expensive, showing as the most expensive function in a GSO
workload.
__copy_skb_header() performance is also critical for non GSO TCP
operations, as it is used from skb_clone()
This patch carefully moves all the fields that were not copied in a
separate zone : cloned, nohdr, fclone, peeked, head_frag, xmit_more
Then I moved all other fields and all other copied fields in a section
delimited by headers_start[0]/headers_end[0] section so that we
can use a single memcpy() call, inlined by compiler using long
word load/stores.
I also tried to make all copies in the natural orders of sk_buff,
to help hardware prefetching.
I made sure sk_buff size did not change.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-09-29 09:18:47 +04:00
|
|
|
__u8 ignore_df:1;
|
|
|
|
__u8 nf_trace:1;
|
|
|
|
__u8 ip_summed:2;
|
2010-11-21 16:17:29 +03:00
|
|
|
__u8 ooo_okay:1;
|
net: Don't copy pfmemalloc flag in __copy_skb_header()
The pfmemalloc flag indicates that the skb was allocated from
the PFMEMALLOC reserves, and the flag is currently copied on skb
copy and clone.
However, an skb copied from an skb flagged with pfmemalloc
wasn't necessarily allocated from PFMEMALLOC reserves, and on
the other hand an skb allocated that way might be copied from an
skb that wasn't.
So we should not copy the flag on skb copy, and rather decide
whether to allow an skb to be associated with sockets unrelated
to page reclaim depending only on how it was allocated.
Move the pfmemalloc flag before headers_start[0] using an
existing 1-bit hole, so that __copy_skb_header() doesn't copy
it.
When cloning, we'll now take care of this flag explicitly,
contravening to the warning comment of __skb_clone().
While at it, restore the newline usage introduced by commit
b19372273164 ("net: reorganize sk_buff for faster
__copy_skb_header()") to visually separate bytes used in
bitfields after headers_start[0], that was gone after commit
a9e419dc7be6 ("netfilter: merge ctinfo into nfct pointer storage
area"), and describe the pfmemalloc flag in the kernel-doc
structure comment.
This doesn't change the size of sk_buff or cacheline boundaries,
but consolidates the 15 bits hole before tc_index into a 2 bytes
hole before csum, that could now be filled more easily.
Reported-by: Patrick Talbert <ptalbert@redhat.com>
Fixes: c93bdd0e03e8 ("netvm: allow skb allocation to use PFMEMALLOC reserves")
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-11 15:39:42 +03:00
|
|
|
|
2014-03-25 02:34:47 +04:00
|
|
|
__u8 l4_hash:1;
|
2014-07-02 08:33:17 +04:00
|
|
|
__u8 sw_hash:1;
|
2011-11-09 13:15:42 +04:00
|
|
|
__u8 wifi_acked_valid:1;
|
|
|
|
__u8 wifi_acked:1;
|
2012-02-11 19:39:30 +04:00
|
|
|
__u8 no_fcs:1;
|
2014-08-28 08:26:46 +04:00
|
|
|
/* Indicates the inner headers are valid in the skbuff. */
|
2012-12-07 18:14:14 +04:00
|
|
|
__u8 encapsulation:1;
|
2014-06-05 04:20:02 +04:00
|
|
|
__u8 encap_hdr_csum:1;
|
2014-06-11 05:54:13 +04:00
|
|
|
__u8 csum_valid:1;
|
net: Don't copy pfmemalloc flag in __copy_skb_header()
The pfmemalloc flag indicates that the skb was allocated from
the PFMEMALLOC reserves, and the flag is currently copied on skb
copy and clone.
However, an skb copied from an skb flagged with pfmemalloc
wasn't necessarily allocated from PFMEMALLOC reserves, and on
the other hand an skb allocated that way might be copied from an
skb that wasn't.
So we should not copy the flag on skb copy, and rather decide
whether to allow an skb to be associated with sockets unrelated
to page reclaim depending only on how it was allocated.
Move the pfmemalloc flag before headers_start[0] using an
existing 1-bit hole, so that __copy_skb_header() doesn't copy
it.
When cloning, we'll now take care of this flag explicitly,
contravening to the warning comment of __skb_clone().
While at it, restore the newline usage introduced by commit
b19372273164 ("net: reorganize sk_buff for faster
__copy_skb_header()") to visually separate bytes used in
bitfields after headers_start[0], that was gone after commit
a9e419dc7be6 ("netfilter: merge ctinfo into nfct pointer storage
area"), and describe the pfmemalloc flag in the kernel-doc
structure comment.
This doesn't change the size of sk_buff or cacheline boundaries,
but consolidates the 15 bits hole before tc_index into a 2 bytes
hole before csum, that could now be filled more easily.
Reported-by: Patrick Talbert <ptalbert@redhat.com>
Fixes: c93bdd0e03e8 ("netvm: allow skb allocation to use PFMEMALLOC reserves")
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-11 15:39:42 +03:00
|
|
|
|
2020-02-16 02:34:07 +03:00
|
|
|
/* private: */
|
2018-11-10 21:58:36 +03:00
|
|
|
__u8 __pkt_vlan_present_offset[0];
|
2020-02-16 02:34:07 +03:00
|
|
|
/* public: */
|
2021-11-21 03:31:48 +03:00
|
|
|
__u8 vlan_present:1; /* See PKT_VLAN_PRESENT_BIT */
|
2014-06-11 05:54:19 +04:00
|
|
|
__u8 csum_complete_sw:1;
|
net: reorganize sk_buff for faster __copy_skb_header()
With proliferation of bit fields in sk_buff, __copy_skb_header() became
quite expensive, showing as the most expensive function in a GSO
workload.
__copy_skb_header() performance is also critical for non GSO TCP
operations, as it is used from skb_clone()
This patch carefully moves all the fields that were not copied in a
separate zone : cloned, nohdr, fclone, peeked, head_frag, xmit_more
Then I moved all other fields and all other copied fields in a section
delimited by headers_start[0]/headers_end[0] section so that we
can use a single memcpy() call, inlined by compiler using long
word load/stores.
I also tried to make all copies in the natural orders of sk_buff,
to help hardware prefetching.
I made sure sk_buff size did not change.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-09-29 09:18:47 +04:00
|
|
|
__u8 csum_level:2;
|
2017-02-07 00:14:12 +03:00
|
|
|
__u8 dst_pending_confirm:1;
|
2022-03-09 12:04:50 +03:00
|
|
|
__u8 mono_delivery_time:1; /* See SKB_MONO_DELIVERY_TIME_MASK */
|
bpf: Keep the (rcv) timestamp behavior for the existing tc-bpf@ingress
The current tc-bpf@ingress reads and writes the __sk_buff->tstamp
as a (rcv) timestamp which currently could either be 0 (not available)
or ktime_get_real(). This patch is to backward compatible with the
(rcv) timestamp expectation at ingress. If the skb->tstamp has
the delivery_time, the bpf insn rewrite will read 0 for tc-bpf
running at ingress as it is not available. When writing at ingress,
it will also clear the skb->mono_delivery_time bit.
/* BPF_READ: a = __sk_buff->tstamp */
if (!skb->tc_at_ingress || !skb->mono_delivery_time)
a = skb->tstamp;
else
a = 0
/* BPF_WRITE: __sk_buff->tstamp = a */
if (skb->tc_at_ingress)
skb->mono_delivery_time = 0;
skb->tstamp = a;
[ A note on the BPF_CGROUP_INET_INGRESS which can also access
skb->tstamp. At that point, the skb is delivered locally
and skb_clear_delivery_time() has already been done,
so the skb->tstamp will only have the (rcv) timestamp. ]
If the tc-bpf@egress writes 0 to skb->tstamp, the skb->mono_delivery_time
has to be cleared also. It could be done together during
convert_ctx_access(). However, the latter patch will also expose
the skb->mono_delivery_time bit as __sk_buff->delivery_time_type.
Changing the delivery_time_type in the background may surprise
the user, e.g. the 2nd read on __sk_buff->delivery_time_type
may need a READ_ONCE() to avoid compiler optimization. Thus,
in expecting the needs in the latter patch, this patch does a
check on !skb->tstamp after running the tc-bpf and clears the
skb->mono_delivery_time bit if needed. The earlier discussion
on v4 [0].
The bpf insn rewrite requires the skb's mono_delivery_time bit and
tc_at_ingress bit. They are moved up in sk_buff so that bpf rewrite
can be done at a fixed offset. tc_skip_classify is moved together with
tc_at_ingress. To get one bit for mono_delivery_time, csum_not_inet is
moved down and this bit is currently used by sctp.
[0]: https://lore.kernel.org/bpf/20220217015043.khqwqklx45c4m4se@kafai-mbp.dhcp.thefacebook.com/
Signed-off-by: Martin KaFai Lau <kafai@fb.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2022-03-02 22:56:28 +03:00
|
|
|
#ifdef CONFIG_NET_CLS_ACT
|
|
|
|
__u8 tc_skip_classify:1;
|
2022-03-09 12:04:50 +03:00
|
|
|
__u8 tc_at_ingress:1; /* See TC_AT_INGRESS_MASK */
|
bpf: Keep the (rcv) timestamp behavior for the existing tc-bpf@ingress
The current tc-bpf@ingress reads and writes the __sk_buff->tstamp
as a (rcv) timestamp which currently could either be 0 (not available)
or ktime_get_real(). This patch is to backward compatible with the
(rcv) timestamp expectation at ingress. If the skb->tstamp has
the delivery_time, the bpf insn rewrite will read 0 for tc-bpf
running at ingress as it is not available. When writing at ingress,
it will also clear the skb->mono_delivery_time bit.
/* BPF_READ: a = __sk_buff->tstamp */
if (!skb->tc_at_ingress || !skb->mono_delivery_time)
a = skb->tstamp;
else
a = 0
/* BPF_WRITE: __sk_buff->tstamp = a */
if (skb->tc_at_ingress)
skb->mono_delivery_time = 0;
skb->tstamp = a;
[ A note on the BPF_CGROUP_INET_INGRESS which can also access
skb->tstamp. At that point, the skb is delivered locally
and skb_clear_delivery_time() has already been done,
so the skb->tstamp will only have the (rcv) timestamp. ]
If the tc-bpf@egress writes 0 to skb->tstamp, the skb->mono_delivery_time
has to be cleared also. It could be done together during
convert_ctx_access(). However, the latter patch will also expose
the skb->mono_delivery_time bit as __sk_buff->delivery_time_type.
Changing the delivery_time_type in the background may surprise
the user, e.g. the 2nd read on __sk_buff->delivery_time_type
may need a READ_ONCE() to avoid compiler optimization. Thus,
in expecting the needs in the latter patch, this patch does a
check on !skb->tstamp after running the tc-bpf and clears the
skb->mono_delivery_time bit if needed. The earlier discussion
on v4 [0].
The bpf insn rewrite requires the skb's mono_delivery_time bit and
tc_at_ingress bit. They are moved up in sk_buff so that bpf rewrite
can be done at a fixed offset. tc_skip_classify is moved together with
tc_at_ingress. To get one bit for mono_delivery_time, csum_not_inet is
moved down and this bit is currently used by sctp.
[0]: https://lore.kernel.org/bpf/20220217015043.khqwqklx45c4m4se@kafai-mbp.dhcp.thefacebook.com/
Signed-off-by: Martin KaFai Lau <kafai@fb.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2022-03-02 22:56:28 +03:00
|
|
|
#endif
|
net: reorganize sk_buff for faster __copy_skb_header()
With proliferation of bit fields in sk_buff, __copy_skb_header() became
quite expensive, showing as the most expensive function in a GSO
workload.
__copy_skb_header() performance is also critical for non GSO TCP
operations, as it is used from skb_clone()
This patch carefully moves all the fields that were not copied in a
separate zone : cloned, nohdr, fclone, peeked, head_frag, xmit_more
Then I moved all other fields and all other copied fields in a section
delimited by headers_start[0]/headers_end[0] section so that we
can use a single memcpy() call, inlined by compiler using long
word load/stores.
I also tried to make all copies in the natural orders of sk_buff,
to help hardware prefetching.
I made sure sk_buff size did not change.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-09-29 09:18:47 +04:00
|
|
|
#ifdef CONFIG_IPV6_NDISC_NODETYPE
|
|
|
|
__u8 ndisc_nodetype:2;
|
|
|
|
#endif
|
net: Don't copy pfmemalloc flag in __copy_skb_header()
The pfmemalloc flag indicates that the skb was allocated from
the PFMEMALLOC reserves, and the flag is currently copied on skb
copy and clone.
However, an skb copied from an skb flagged with pfmemalloc
wasn't necessarily allocated from PFMEMALLOC reserves, and on
the other hand an skb allocated that way might be copied from an
skb that wasn't.
So we should not copy the flag on skb copy, and rather decide
whether to allow an skb to be associated with sockets unrelated
to page reclaim depending only on how it was allocated.
Move the pfmemalloc flag before headers_start[0] using an
existing 1-bit hole, so that __copy_skb_header() doesn't copy
it.
When cloning, we'll now take care of this flag explicitly,
contravening to the warning comment of __skb_clone().
While at it, restore the newline usage introduced by commit
b19372273164 ("net: reorganize sk_buff for faster
__copy_skb_header()") to visually separate bytes used in
bitfields after headers_start[0], that was gone after commit
a9e419dc7be6 ("netfilter: merge ctinfo into nfct pointer storage
area"), and describe the pfmemalloc flag in the kernel-doc
structure comment.
This doesn't change the size of sk_buff or cacheline boundaries,
but consolidates the 15 bits hole before tc_index into a 2 bytes
hole before csum, that could now be filled more easily.
Reported-by: Patrick Talbert <ptalbert@redhat.com>
Fixes: c93bdd0e03e8 ("netvm: allow skb allocation to use PFMEMALLOC reserves")
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-07-11 15:39:42 +03:00
|
|
|
|
2018-11-10 21:58:36 +03:00
|
|
|
__u8 ipvs_property:1;
|
2014-09-30 07:22:29 +04:00
|
|
|
__u8 inner_protocol_type:1;
|
2014-11-04 20:06:54 +03:00
|
|
|
__u8 remcsum_offload:1;
|
2016-08-25 19:42:37 +03:00
|
|
|
#ifdef CONFIG_NET_SWITCHDEV
|
|
|
|
__u8 offload_fwd_mark:1;
|
2018-12-04 11:15:10 +03:00
|
|
|
__u8 offload_l3_fwd_mark:1;
|
2020-03-25 15:47:18 +03:00
|
|
|
#endif
|
|
|
|
__u8 redirected:1;
|
2021-07-02 14:18:23 +03:00
|
|
|
#ifdef CONFIG_NET_REDIRECT
|
2020-03-25 15:47:18 +03:00
|
|
|
__u8 from_ingress:1;
|
2017-01-08 01:06:35 +03:00
|
|
|
#endif
|
netfilter: Introduce egress hook
Support classifying packets with netfilter on egress to satisfy user
requirements such as:
* outbound security policies for containers (Laura)
* filtering and mangling intra-node Direct Server Return (DSR) traffic
on a load balancer (Laura)
* filtering locally generated traffic coming in through AF_PACKET,
such as local ARP traffic generated for clustering purposes or DHCP
(Laura; the AF_PACKET plumbing is contained in a follow-up commit)
* L2 filtering from ingress and egress for AVB (Audio Video Bridging)
and gPTP with nftables (Pablo)
* in the future: in-kernel NAT64/NAT46 (Pablo)
The egress hook introduced herein complements the ingress hook added by
commit e687ad60af09 ("netfilter: add netfilter ingress hook after
handle_ing() under unique static key"). A patch for nftables to hook up
egress rules from user space has been submitted separately, so users may
immediately take advantage of the feature.
Alternatively or in addition to netfilter, packets can be classified
with traffic control (tc). On ingress, packets are classified first by
tc, then by netfilter. On egress, the order is reversed for symmetry.
Conceptually, tc and netfilter can be thought of as layers, with
netfilter layered above tc.
Traffic control is capable of redirecting packets to another interface
(man 8 tc-mirred). E.g., an ingress packet may be redirected from the
host namespace to a container via a veth connection:
tc ingress (host) -> tc egress (veth host) -> tc ingress (veth container)
In this case, netfilter egress classifying is not performed when leaving
the host namespace! That's because the packet is still on the tc layer.
If tc redirects the packet to a physical interface in the host namespace
such that it leaves the system, the packet is never subjected to
netfilter egress classifying. That is only logical since it hasn't
passed through netfilter ingress classifying either.
Packets can alternatively be redirected at the netfilter layer using
nft fwd. Such a packet *is* subjected to netfilter egress classifying
since it has reached the netfilter layer.
Internally, the skb->nf_skip_egress flag controls whether netfilter is
invoked on egress by __dev_queue_xmit(). Because __dev_queue_xmit() may
be called recursively by tunnel drivers such as vxlan, the flag is
reverted to false after sch_handle_egress(). This ensures that
netfilter is applied both on the overlay and underlying network.
Interaction between tc and netfilter is possible by setting and querying
skb->mark.
If netfilter egress classifying is not enabled on any interface, it is
patched out of the data path by way of a static_key and doesn't make a
performance difference that is discernible from noise:
Before: 1537 1538 1538 1537 1538 1537 Mb/sec
After: 1536 1534 1539 1539 1539 1540 Mb/sec
Before + tc accept: 1418 1418 1418 1419 1419 1418 Mb/sec
After + tc accept: 1419 1424 1418 1419 1422 1420 Mb/sec
Before + tc drop: 1620 1619 1619 1619 1620 1620 Mb/sec
After + tc drop: 1616 1624 1625 1624 1622 1619 Mb/sec
When netfilter egress classifying is enabled on at least one interface,
a minimal performance penalty is incurred for every egress packet, even
if the interface it's transmitted over doesn't have any netfilter egress
rules configured. That is caused by checking dev->nf_hooks_egress
against NULL.
Measurements were performed on a Core i7-3615QM. Commands to reproduce:
ip link add dev foo type dummy
ip link set dev foo up
modprobe pktgen
echo "add_device foo" > /proc/net/pktgen/kpktgend_3
samples/pktgen/pktgen_bench_xmit_mode_queue_xmit.sh -i foo -n 400000000 -m "11:11:11:11:11:11" -d 1.1.1.1
Accept all traffic with tc:
tc qdisc add dev foo clsact
tc filter add dev foo egress bpf da bytecode '1,6 0 0 0,'
Drop all traffic with tc:
tc qdisc add dev foo clsact
tc filter add dev foo egress bpf da bytecode '1,6 0 0 2,'
Apply this patch when measuring packet drops to avoid errors in dmesg:
https://lore.kernel.org/netdev/a73dda33-57f4-95d8-ea51-ed483abd6a7a@iogearbox.net/
Signed-off-by: Lukas Wunner <lukas@wunner.de>
Cc: Laura García Liébana <nevola@gmail.com>
Cc: John Fastabend <john.fastabend@gmail.com>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Cc: Alexei Starovoitov <ast@kernel.org>
Cc: Eric Dumazet <edumazet@google.com>
Cc: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2021-10-08 23:06:03 +03:00
|
|
|
#ifdef CONFIG_NETFILTER_SKIP_EGRESS
|
|
|
|
__u8 nf_skip_egress:1;
|
|
|
|
#endif
|
2018-07-17 12:52:57 +03:00
|
|
|
#ifdef CONFIG_TLS_DEVICE
|
|
|
|
__u8 decrypted:1;
|
|
|
|
#endif
|
2021-07-28 19:23:59 +03:00
|
|
|
__u8 slow_gro:1;
|
bpf: Keep the (rcv) timestamp behavior for the existing tc-bpf@ingress
The current tc-bpf@ingress reads and writes the __sk_buff->tstamp
as a (rcv) timestamp which currently could either be 0 (not available)
or ktime_get_real(). This patch is to backward compatible with the
(rcv) timestamp expectation at ingress. If the skb->tstamp has
the delivery_time, the bpf insn rewrite will read 0 for tc-bpf
running at ingress as it is not available. When writing at ingress,
it will also clear the skb->mono_delivery_time bit.
/* BPF_READ: a = __sk_buff->tstamp */
if (!skb->tc_at_ingress || !skb->mono_delivery_time)
a = skb->tstamp;
else
a = 0
/* BPF_WRITE: __sk_buff->tstamp = a */
if (skb->tc_at_ingress)
skb->mono_delivery_time = 0;
skb->tstamp = a;
[ A note on the BPF_CGROUP_INET_INGRESS which can also access
skb->tstamp. At that point, the skb is delivered locally
and skb_clear_delivery_time() has already been done,
so the skb->tstamp will only have the (rcv) timestamp. ]
If the tc-bpf@egress writes 0 to skb->tstamp, the skb->mono_delivery_time
has to be cleared also. It could be done together during
convert_ctx_access(). However, the latter patch will also expose
the skb->mono_delivery_time bit as __sk_buff->delivery_time_type.
Changing the delivery_time_type in the background may surprise
the user, e.g. the 2nd read on __sk_buff->delivery_time_type
may need a READ_ONCE() to avoid compiler optimization. Thus,
in expecting the needs in the latter patch, this patch does a
check on !skb->tstamp after running the tc-bpf and clears the
skb->mono_delivery_time bit if needed. The earlier discussion
on v4 [0].
The bpf insn rewrite requires the skb's mono_delivery_time bit and
tc_at_ingress bit. They are moved up in sk_buff so that bpf rewrite
can be done at a fixed offset. tc_skip_classify is moved together with
tc_at_ingress. To get one bit for mono_delivery_time, csum_not_inet is
moved down and this bit is currently used by sctp.
[0]: https://lore.kernel.org/bpf/20220217015043.khqwqklx45c4m4se@kafai-mbp.dhcp.thefacebook.com/
Signed-off-by: Martin KaFai Lau <kafai@fb.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2022-03-02 22:56:28 +03:00
|
|
|
__u8 csum_not_inet:1;
|
net: reorganize sk_buff for faster __copy_skb_header()
With proliferation of bit fields in sk_buff, __copy_skb_header() became
quite expensive, showing as the most expensive function in a GSO
workload.
__copy_skb_header() performance is also critical for non GSO TCP
operations, as it is used from skb_clone()
This patch carefully moves all the fields that were not copied in a
separate zone : cloned, nohdr, fclone, peeked, head_frag, xmit_more
Then I moved all other fields and all other copied fields in a section
delimited by headers_start[0]/headers_end[0] section so that we
can use a single memcpy() call, inlined by compiler using long
word load/stores.
I also tried to make all copies in the natural orders of sk_buff,
to help hardware prefetching.
I made sure sk_buff size did not change.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-09-29 09:18:47 +04:00
|
|
|
|
|
|
|
#ifdef CONFIG_NET_SCHED
|
|
|
|
__u16 tc_index; /* traffic control index */
|
|
|
|
#endif
|
2008-08-30 14:16:35 +04:00
|
|
|
|
net: reorganize sk_buff for faster __copy_skb_header()
With proliferation of bit fields in sk_buff, __copy_skb_header() became
quite expensive, showing as the most expensive function in a GSO
workload.
__copy_skb_header() performance is also critical for non GSO TCP
operations, as it is used from skb_clone()
This patch carefully moves all the fields that were not copied in a
separate zone : cloned, nohdr, fclone, peeked, head_frag, xmit_more
Then I moved all other fields and all other copied fields in a section
delimited by headers_start[0]/headers_end[0] section so that we
can use a single memcpy() call, inlined by compiler using long
word load/stores.
I also tried to make all copies in the natural orders of sk_buff,
to help hardware prefetching.
I made sure sk_buff size did not change.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-09-29 09:18:47 +04:00
|
|
|
union {
|
|
|
|
__wsum csum;
|
|
|
|
struct {
|
|
|
|
__u16 csum_start;
|
|
|
|
__u16 csum_offset;
|
|
|
|
};
|
|
|
|
};
|
|
|
|
__u32 priority;
|
|
|
|
int skb_iif;
|
|
|
|
__u32 hash;
|
|
|
|
__be16 vlan_proto;
|
|
|
|
__u16 vlan_tci;
|
xps: fix xps for stacked devices
A typical qdisc setup is the following :
bond0 : bonding device, using HTB hierarchy
eth1/eth2 : slaves, multiqueue NIC, using MQ + FQ qdisc
XPS allows to spread packets on specific tx queues, based on the cpu
doing the send.
Problem is that dequeues from bond0 qdisc can happen on random cpus,
due to the fact that qdisc_run() can dequeue a batch of packets.
CPUA -> queue packet P1 on bond0 qdisc, P1->ooo_okay=1
CPUA -> queue packet P2 on bond0 qdisc, P2->ooo_okay=0
CPUB -> dequeue packet P1 from bond0
enqueue packet on eth1/eth2
CPUC -> dequeue packet P2 from bond0
enqueue packet on eth1/eth2 using sk cache (ooo_okay is 0)
get_xps_queue() then might select wrong queue for P1, since current cpu
might be different than CPUA.
P2 might be sent on the old queue (stored in sk->sk_tx_queue_mapping),
if CPUC runs a bit faster (or CPUB spins a bit on qdisc lock)
Effect of this bug is TCP reorders, and more generally not optimal
TX queue placement. (A victim bulk flow can be migrated to the wrong TX
queue for a while)
To fix this, we have to record sender cpu number the first time
dev_queue_xmit() is called for one tx skb.
We can union napi_id (used on receive path) and sender_cpu,
granted we clear sender_cpu in skb_scrub_packet() (credit to Willem for
this union idea)
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Willem de Bruijn <willemb@google.com>
Cc: Nandita Dukkipati <nanditad@google.com>
Cc: Yuchung Cheng <ycheng@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2015-02-04 10:48:24 +03:00
|
|
|
#if defined(CONFIG_NET_RX_BUSY_POLL) || defined(CONFIG_XPS)
|
|
|
|
union {
|
|
|
|
unsigned int napi_id;
|
|
|
|
unsigned int sender_cpu;
|
|
|
|
};
|
2006-05-24 04:55:33 +04:00
|
|
|
#endif
|
net: generalize skb freeing deferral to per-cpu lists
Logic added in commit f35f821935d8 ("tcp: defer skb freeing after socket
lock is released") helped bulk TCP flows to move the cost of skbs
frees outside of critical section where socket lock was held.
But for RPC traffic, or hosts with RFS enabled, the solution is far from
being ideal.
For RPC traffic, recvmsg() has to return to user space right after
skb payload has been consumed, meaning that BH handler has no chance
to pick the skb before recvmsg() thread. This issue is more visible
with BIG TCP, as more RPC fit one skb.
For RFS, even if BH handler picks the skbs, they are still picked
from the cpu on which user thread is running.
Ideally, it is better to free the skbs (and associated page frags)
on the cpu that originally allocated them.
This patch removes the per socket anchor (sk->defer_list) and
instead uses a per-cpu list, which will hold more skbs per round.
This new per-cpu list is drained at the end of net_action_rx(),
after incoming packets have been processed, to lower latencies.
In normal conditions, skbs are added to the per-cpu list with
no further action. In the (unlikely) cases where the cpu does not
run net_action_rx() handler fast enough, we use an IPI to raise
NET_RX_SOFTIRQ on the remote cpu.
Also, we do not bother draining the per-cpu list from dev_cpu_dead()
This is because skbs in this list have no requirement on how fast
they should be freed.
Note that we can add in the future a small per-cpu cache
if we see any contention on sd->defer_lock.
Tested on a pair of hosts with 100Gbit NIC, RFS enabled,
and /proc/sys/net/ipv4/tcp_rmem[2] tuned to 16MB to work around
page recycling strategy used by NIC driver (its page pool capacity
being too small compared to number of skbs/pages held in sockets
receive queues)
Note that this tuning was only done to demonstrate worse
conditions for skb freeing for this particular test.
These conditions can happen in more general production workload.
10 runs of one TCP_STREAM flow
Before:
Average throughput: 49685 Mbit.
Kernel profiles on cpu running user thread recvmsg() show high cost for
skb freeing related functions (*)
57.81% [kernel] [k] copy_user_enhanced_fast_string
(*) 12.87% [kernel] [k] skb_release_data
(*) 4.25% [kernel] [k] __free_one_page
(*) 3.57% [kernel] [k] __list_del_entry_valid
1.85% [kernel] [k] __netif_receive_skb_core
1.60% [kernel] [k] __skb_datagram_iter
(*) 1.59% [kernel] [k] free_unref_page_commit
(*) 1.16% [kernel] [k] __slab_free
1.16% [kernel] [k] _copy_to_iter
(*) 1.01% [kernel] [k] kfree
(*) 0.88% [kernel] [k] free_unref_page
0.57% [kernel] [k] ip6_rcv_core
0.55% [kernel] [k] ip6t_do_table
0.54% [kernel] [k] flush_smp_call_function_queue
(*) 0.54% [kernel] [k] free_pcppages_bulk
0.51% [kernel] [k] llist_reverse_order
0.38% [kernel] [k] process_backlog
(*) 0.38% [kernel] [k] free_pcp_prepare
0.37% [kernel] [k] tcp_recvmsg_locked
(*) 0.37% [kernel] [k] __list_add_valid
0.34% [kernel] [k] sock_rfree
0.34% [kernel] [k] _raw_spin_lock_irq
(*) 0.33% [kernel] [k] __page_cache_release
0.33% [kernel] [k] tcp_v6_rcv
(*) 0.33% [kernel] [k] __put_page
(*) 0.29% [kernel] [k] __mod_zone_page_state
0.27% [kernel] [k] _raw_spin_lock
After patch:
Average throughput: 73076 Mbit.
Kernel profiles on cpu running user thread recvmsg() looks better:
81.35% [kernel] [k] copy_user_enhanced_fast_string
1.95% [kernel] [k] _copy_to_iter
1.95% [kernel] [k] __skb_datagram_iter
1.27% [kernel] [k] __netif_receive_skb_core
1.03% [kernel] [k] ip6t_do_table
0.60% [kernel] [k] sock_rfree
0.50% [kernel] [k] tcp_v6_rcv
0.47% [kernel] [k] ip6_rcv_core
0.45% [kernel] [k] read_tsc
0.44% [kernel] [k] _raw_spin_lock_irqsave
0.37% [kernel] [k] _raw_spin_lock
0.37% [kernel] [k] native_irq_return_iret
0.33% [kernel] [k] __inet6_lookup_established
0.31% [kernel] [k] ip6_protocol_deliver_rcu
0.29% [kernel] [k] tcp_rcv_established
0.29% [kernel] [k] llist_reverse_order
v2: kdoc issue (kernel bots)
do not defer if (alloc_cpu == smp_processor_id()) (Paolo)
replace the sk_buff_head with a single-linked list (Jakub)
add a READ_ONCE()/WRITE_ONCE() for the lockless read of sd->defer_list
Signed-off-by: Eric Dumazet <edumazet@google.com>
Acked-by: Paolo Abeni <pabeni@redhat.com>
Link: https://lore.kernel.org/r/20220422201237.416238-1-eric.dumazet@gmail.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2022-04-22 23:12:37 +03:00
|
|
|
u16 alloc_cpu;
|
2006-06-09 11:29:17 +04:00
|
|
|
#ifdef CONFIG_NETWORK_SECMARK
|
2016-08-25 19:42:37 +03:00
|
|
|
__u32 secmark;
|
2015-07-19 04:24:48 +03:00
|
|
|
#endif
|
|
|
|
|
net: Generalize socket rx gap / receive queue overflow cmsg
Create a new socket level option to report number of queue overflows
Recently I augmented the AF_PACKET protocol to report the number of frames lost
on the socket receive queue between any two enqueued frames. This value was
exported via a SOL_PACKET level cmsg. AFter I completed that work it was
requested that this feature be generalized so that any datagram oriented socket
could make use of this option. As such I've created this patch, It creates a
new SOL_SOCKET level option called SO_RXQ_OVFL, which when enabled exports a
SOL_SOCKET level cmsg that reports the nubmer of times the sk_receive_queue
overflowed between any two given frames. It also augments the AF_PACKET
protocol to take advantage of this new feature (as it previously did not touch
sk->sk_drops, which this patch uses to record the overflow count). Tested
successfully by me.
Notes:
1) Unlike my previous patch, this patch simply records the sk_drops value, which
is not a number of drops between packets, but rather a total number of drops.
Deltas must be computed in user space.
2) While this patch currently works with datagram oriented protocols, it will
also be accepted by non-datagram oriented protocols. I'm not sure if thats
agreeable to everyone, but my argument in favor of doing so is that, for those
protocols which aren't applicable to this option, sk_drops will always be zero,
and reporting no drops on a receive queue that isn't used for those
non-participating protocols seems reasonable to me. This also saves us having
to code in a per-protocol opt in mechanism.
3) This applies cleanly to net-next assuming that commit
977750076d98c7ff6cbda51858bb5a5894a9d9ab (my af packet cmsg patch) is reverted
Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2009-10-13 00:26:31 +04:00
|
|
|
union {
|
|
|
|
__u32 mark;
|
2013-03-14 09:40:32 +04:00
|
|
|
__u32 reserved_tailroom;
|
net: Generalize socket rx gap / receive queue overflow cmsg
Create a new socket level option to report number of queue overflows
Recently I augmented the AF_PACKET protocol to report the number of frames lost
on the socket receive queue between any two enqueued frames. This value was
exported via a SOL_PACKET level cmsg. AFter I completed that work it was
requested that this feature be generalized so that any datagram oriented socket
could make use of this option. As such I've created this patch, It creates a
new SOL_SOCKET level option called SO_RXQ_OVFL, which when enabled exports a
SOL_SOCKET level cmsg that reports the nubmer of times the sk_receive_queue
overflowed between any two given frames. It also augments the AF_PACKET
protocol to take advantage of this new feature (as it previously did not touch
sk->sk_drops, which this patch uses to record the overflow count). Tested
successfully by me.
Notes:
1) Unlike my previous patch, this patch simply records the sk_drops value, which
is not a number of drops between packets, but rather a total number of drops.
Deltas must be computed in user space.
2) While this patch currently works with datagram oriented protocols, it will
also be accepted by non-datagram oriented protocols. I'm not sure if thats
agreeable to everyone, but my argument in favor of doing so is that, for those
protocols which aren't applicable to this option, sk_drops will always be zero,
and reporting no drops on a receive queue that isn't used for those
non-participating protocols seems reasonable to me. This also saves us having
to code in a per-protocol opt in mechanism.
3) This applies cleanly to net-next assuming that commit
977750076d98c7ff6cbda51858bb5a5894a9d9ab (my af packet cmsg patch) is reverted
Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2009-10-13 00:26:31 +04:00
|
|
|
};
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2014-09-30 07:22:29 +04:00
|
|
|
union {
|
|
|
|
__be16 inner_protocol;
|
|
|
|
__u8 inner_ipproto;
|
|
|
|
};
|
|
|
|
|
2013-05-24 01:02:51 +04:00
|
|
|
__u16 inner_transport_header;
|
|
|
|
__u16 inner_network_header;
|
|
|
|
__u16 inner_mac_header;
|
net: reorganize sk_buff for faster __copy_skb_header()
With proliferation of bit fields in sk_buff, __copy_skb_header() became
quite expensive, showing as the most expensive function in a GSO
workload.
__copy_skb_header() performance is also critical for non GSO TCP
operations, as it is used from skb_clone()
This patch carefully moves all the fields that were not copied in a
separate zone : cloned, nohdr, fclone, peeked, head_frag, xmit_more
Then I moved all other fields and all other copied fields in a section
delimited by headers_start[0]/headers_end[0] section so that we
can use a single memcpy() call, inlined by compiler using long
word load/stores.
I also tried to make all copies in the natural orders of sk_buff,
to help hardware prefetching.
I made sure sk_buff size did not change.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-09-29 09:18:47 +04:00
|
|
|
|
|
|
|
__be16 protocol;
|
2013-05-24 01:02:51 +04:00
|
|
|
__u16 transport_header;
|
|
|
|
__u16 network_header;
|
|
|
|
__u16 mac_header;
|
net: reorganize sk_buff for faster __copy_skb_header()
With proliferation of bit fields in sk_buff, __copy_skb_header() became
quite expensive, showing as the most expensive function in a GSO
workload.
__copy_skb_header() performance is also critical for non GSO TCP
operations, as it is used from skb_clone()
This patch carefully moves all the fields that were not copied in a
separate zone : cloned, nohdr, fclone, peeked, head_frag, xmit_more
Then I moved all other fields and all other copied fields in a section
delimited by headers_start[0]/headers_end[0] section so that we
can use a single memcpy() call, inlined by compiler using long
word load/stores.
I also tried to make all copies in the natural orders of sk_buff,
to help hardware prefetching.
I made sure sk_buff size did not change.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-09-29 09:18:47 +04:00
|
|
|
|
2020-11-26 01:48:40 +03:00
|
|
|
#ifdef CONFIG_KCOV
|
|
|
|
u64 kcov_handle;
|
|
|
|
#endif
|
|
|
|
|
2021-11-21 03:31:49 +03:00
|
|
|
); /* end headers group */
|
net: reorganize sk_buff for faster __copy_skb_header()
With proliferation of bit fields in sk_buff, __copy_skb_header() became
quite expensive, showing as the most expensive function in a GSO
workload.
__copy_skb_header() performance is also critical for non GSO TCP
operations, as it is used from skb_clone()
This patch carefully moves all the fields that were not copied in a
separate zone : cloned, nohdr, fclone, peeked, head_frag, xmit_more
Then I moved all other fields and all other copied fields in a section
delimited by headers_start[0]/headers_end[0] section so that we
can use a single memcpy() call, inlined by compiler using long
word load/stores.
I also tried to make all copies in the natural orders of sk_buff,
to help hardware prefetching.
I made sure sk_buff size did not change.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-09-29 09:18:47 +04:00
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
/* These elements must be at the end, see alloc_skb() for details. */
|
2007-04-20 07:29:13 +04:00
|
|
|
sk_buff_data_t tail;
|
2007-04-20 07:43:29 +04:00
|
|
|
sk_buff_data_t end;
|
2005-04-17 02:20:36 +04:00
|
|
|
unsigned char *head,
|
2007-04-20 07:43:29 +04:00
|
|
|
*data;
|
2007-04-20 07:29:13 +04:00
|
|
|
unsigned int truesize;
|
2017-06-30 13:07:58 +03:00
|
|
|
refcount_t users;
|
sk_buff: add skb extension infrastructure
This adds an optional extension infrastructure, with ispec (xfrm) and
bridge netfilter as first users.
objdiff shows no changes if kernel is built without xfrm and br_netfilter
support.
The third (planned future) user is Multipath TCP which is still
out-of-tree.
MPTCP needs to map logical mptcp sequence numbers to the tcp sequence
numbers used by individual subflows.
This DSS mapping is read/written from tcp option space on receive and
written to tcp option space on transmitted tcp packets that are part of
and MPTCP connection.
Extending skb_shared_info or adding a private data field to skb fclones
doesn't work for incoming skb, so a different DSS propagation method would
be required for the receive side.
mptcp has same requirements as secpath/bridge netfilter:
1. extension memory is released when the sk_buff is free'd.
2. data is shared after cloning an skb (clone inherits extension)
3. adding extension to an skb will COW the extension buffer if needed.
The "MPTCP upstreaming" effort adds SKB_EXT_MPTCP extension to store the
mapping for tx and rx processing.
Two new members are added to sk_buff:
1. 'active_extensions' byte (filling a hole), telling which extensions
are available for this skb.
This has two purposes.
a) avoids the need to initialize the pointer.
b) allows to "delete" an extension by clearing its bit
value in ->active_extensions.
While it would be possible to store the active_extensions byte
in the extension struct instead of sk_buff, there is one problem
with this:
When an extension has to be disabled, we can always clear the
bit in skb->active_extensions. But in case it would be stored in the
extension buffer itself, we might have to COW it first, if
we are dealing with a cloned skb. On kmalloc failure we would
be unable to turn an extension off.
2. extension pointer, located at the end of the sk_buff.
If the active_extensions byte is 0, the pointer is undefined,
it is not initialized on skb allocation.
This adds extra code to skb clone and free paths (to deal with
refcount/free of extension area) but this replaces similar code that
manages skb->nf_bridge and skb->sp structs in the followup patches of
the series.
It is possible to add support for extensions that are not preseved on
clones/copies.
To do this, it would be needed to define a bitmask of all extensions that
need copy/cow semantics, and change __skb_ext_copy() to check
->active_extensions & SKB_EXT_PRESERVE_ON_CLONE, then just set
->active_extensions to 0 on the new clone.
This isn't done here because all extensions that get added here
need the copy/cow semantics.
v2:
Allocate entire extension space using kmem_cache.
Upside is that this allows better tracking of used memory,
downside is that we will allocate more space than strictly needed in
most cases (its unlikely that all extensions are active/needed at same
time for same skb).
The allocated memory (except the small extension header) is not cleared,
so no additonal overhead aside from memory usage.
Avoid atomic_dec_and_test operation on skb_ext_put()
by using similar trick as kfree_skbmem() does with fclone_ref:
If recount is 1, there is no concurrent user and we can free right away.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-12-18 19:15:16 +03:00
|
|
|
|
|
|
|
#ifdef CONFIG_SKB_EXTENSIONS
|
|
|
|
/* only useable after checking ->active_extensions != 0 */
|
|
|
|
struct skb_ext *extensions;
|
|
|
|
#endif
|
2005-04-17 02:20:36 +04:00
|
|
|
};
|
|
|
|
|
2021-11-21 03:31:48 +03:00
|
|
|
/* if you move pkt_type around you also must adapt those constants */
|
|
|
|
#ifdef __BIG_ENDIAN_BITFIELD
|
|
|
|
#define PKT_TYPE_MAX (7 << 5)
|
|
|
|
#else
|
|
|
|
#define PKT_TYPE_MAX 7
|
|
|
|
#endif
|
|
|
|
#define PKT_TYPE_OFFSET offsetof(struct sk_buff, __pkt_type_offset)
|
|
|
|
|
2022-03-09 12:04:50 +03:00
|
|
|
/* if you move pkt_vlan_present, tc_at_ingress, or mono_delivery_time
|
|
|
|
* around, you also must adapt these constants.
|
|
|
|
*/
|
2021-11-21 03:31:48 +03:00
|
|
|
#ifdef __BIG_ENDIAN_BITFIELD
|
|
|
|
#define PKT_VLAN_PRESENT_BIT 7
|
bpf: Keep the (rcv) timestamp behavior for the existing tc-bpf@ingress
The current tc-bpf@ingress reads and writes the __sk_buff->tstamp
as a (rcv) timestamp which currently could either be 0 (not available)
or ktime_get_real(). This patch is to backward compatible with the
(rcv) timestamp expectation at ingress. If the skb->tstamp has
the delivery_time, the bpf insn rewrite will read 0 for tc-bpf
running at ingress as it is not available. When writing at ingress,
it will also clear the skb->mono_delivery_time bit.
/* BPF_READ: a = __sk_buff->tstamp */
if (!skb->tc_at_ingress || !skb->mono_delivery_time)
a = skb->tstamp;
else
a = 0
/* BPF_WRITE: __sk_buff->tstamp = a */
if (skb->tc_at_ingress)
skb->mono_delivery_time = 0;
skb->tstamp = a;
[ A note on the BPF_CGROUP_INET_INGRESS which can also access
skb->tstamp. At that point, the skb is delivered locally
and skb_clear_delivery_time() has already been done,
so the skb->tstamp will only have the (rcv) timestamp. ]
If the tc-bpf@egress writes 0 to skb->tstamp, the skb->mono_delivery_time
has to be cleared also. It could be done together during
convert_ctx_access(). However, the latter patch will also expose
the skb->mono_delivery_time bit as __sk_buff->delivery_time_type.
Changing the delivery_time_type in the background may surprise
the user, e.g. the 2nd read on __sk_buff->delivery_time_type
may need a READ_ONCE() to avoid compiler optimization. Thus,
in expecting the needs in the latter patch, this patch does a
check on !skb->tstamp after running the tc-bpf and clears the
skb->mono_delivery_time bit if needed. The earlier discussion
on v4 [0].
The bpf insn rewrite requires the skb's mono_delivery_time bit and
tc_at_ingress bit. They are moved up in sk_buff so that bpf rewrite
can be done at a fixed offset. tc_skip_classify is moved together with
tc_at_ingress. To get one bit for mono_delivery_time, csum_not_inet is
moved down and this bit is currently used by sctp.
[0]: https://lore.kernel.org/bpf/20220217015043.khqwqklx45c4m4se@kafai-mbp.dhcp.thefacebook.com/
Signed-off-by: Martin KaFai Lau <kafai@fb.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2022-03-02 22:56:28 +03:00
|
|
|
#define TC_AT_INGRESS_MASK (1 << 0)
|
|
|
|
#define SKB_MONO_DELIVERY_TIME_MASK (1 << 2)
|
2021-11-21 03:31:48 +03:00
|
|
|
#else
|
|
|
|
#define PKT_VLAN_PRESENT_BIT 0
|
bpf: Keep the (rcv) timestamp behavior for the existing tc-bpf@ingress
The current tc-bpf@ingress reads and writes the __sk_buff->tstamp
as a (rcv) timestamp which currently could either be 0 (not available)
or ktime_get_real(). This patch is to backward compatible with the
(rcv) timestamp expectation at ingress. If the skb->tstamp has
the delivery_time, the bpf insn rewrite will read 0 for tc-bpf
running at ingress as it is not available. When writing at ingress,
it will also clear the skb->mono_delivery_time bit.
/* BPF_READ: a = __sk_buff->tstamp */
if (!skb->tc_at_ingress || !skb->mono_delivery_time)
a = skb->tstamp;
else
a = 0
/* BPF_WRITE: __sk_buff->tstamp = a */
if (skb->tc_at_ingress)
skb->mono_delivery_time = 0;
skb->tstamp = a;
[ A note on the BPF_CGROUP_INET_INGRESS which can also access
skb->tstamp. At that point, the skb is delivered locally
and skb_clear_delivery_time() has already been done,
so the skb->tstamp will only have the (rcv) timestamp. ]
If the tc-bpf@egress writes 0 to skb->tstamp, the skb->mono_delivery_time
has to be cleared also. It could be done together during
convert_ctx_access(). However, the latter patch will also expose
the skb->mono_delivery_time bit as __sk_buff->delivery_time_type.
Changing the delivery_time_type in the background may surprise
the user, e.g. the 2nd read on __sk_buff->delivery_time_type
may need a READ_ONCE() to avoid compiler optimization. Thus,
in expecting the needs in the latter patch, this patch does a
check on !skb->tstamp after running the tc-bpf and clears the
skb->mono_delivery_time bit if needed. The earlier discussion
on v4 [0].
The bpf insn rewrite requires the skb's mono_delivery_time bit and
tc_at_ingress bit. They are moved up in sk_buff so that bpf rewrite
can be done at a fixed offset. tc_skip_classify is moved together with
tc_at_ingress. To get one bit for mono_delivery_time, csum_not_inet is
moved down and this bit is currently used by sctp.
[0]: https://lore.kernel.org/bpf/20220217015043.khqwqklx45c4m4se@kafai-mbp.dhcp.thefacebook.com/
Signed-off-by: Martin KaFai Lau <kafai@fb.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2022-03-02 22:56:28 +03:00
|
|
|
#define TC_AT_INGRESS_MASK (1 << 7)
|
|
|
|
#define SKB_MONO_DELIVERY_TIME_MASK (1 << 5)
|
2021-11-21 03:31:48 +03:00
|
|
|
#endif
|
|
|
|
#define PKT_VLAN_PRESENT_OFFSET offsetof(struct sk_buff, __pkt_vlan_present_offset)
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
#ifdef __KERNEL__
|
|
|
|
/*
|
|
|
|
* Handling routines are only of interest to the kernel
|
|
|
|
*/
|
|
|
|
|
2012-08-01 03:44:19 +04:00
|
|
|
#define SKB_ALLOC_FCLONE 0x01
|
|
|
|
#define SKB_ALLOC_RX 0x02
|
2014-12-10 06:40:49 +03:00
|
|
|
#define SKB_ALLOC_NAPI 0x04
|
2012-08-01 03:44:19 +04:00
|
|
|
|
2019-03-05 17:35:54 +03:00
|
|
|
/**
|
|
|
|
* skb_pfmemalloc - Test if the skb was allocated from PFMEMALLOC reserves
|
|
|
|
* @skb: buffer
|
|
|
|
*/
|
2012-08-01 03:44:19 +04:00
|
|
|
static inline bool skb_pfmemalloc(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return unlikely(skb->pfmemalloc);
|
|
|
|
}
|
|
|
|
|
2010-05-12 03:19:48 +04:00
|
|
|
/*
|
|
|
|
* skb might have a dst pointer attached, refcounted or not.
|
|
|
|
* _skb_refdst low order bit is set if refcount was _not_ taken
|
|
|
|
*/
|
|
|
|
#define SKB_DST_NOREF 1UL
|
|
|
|
#define SKB_DST_PTRMASK ~(SKB_DST_NOREF)
|
|
|
|
|
|
|
|
/**
|
|
|
|
* skb_dst - returns skb dst_entry
|
|
|
|
* @skb: buffer
|
|
|
|
*
|
|
|
|
* Returns skb dst_entry, regardless of reference taken or not.
|
|
|
|
*/
|
2009-06-02 09:19:30 +04:00
|
|
|
static inline struct dst_entry *skb_dst(const struct sk_buff *skb)
|
|
|
|
{
|
2019-03-05 17:35:54 +03:00
|
|
|
/* If refdst was not refcounted, check we still are in a
|
2010-05-12 03:19:48 +04:00
|
|
|
* rcu_read_lock section
|
|
|
|
*/
|
|
|
|
WARN_ON((skb->_skb_refdst & SKB_DST_NOREF) &&
|
|
|
|
!rcu_read_lock_held() &&
|
|
|
|
!rcu_read_lock_bh_held());
|
|
|
|
return (struct dst_entry *)(skb->_skb_refdst & SKB_DST_PTRMASK);
|
2009-06-02 09:19:30 +04:00
|
|
|
}
|
|
|
|
|
2010-05-12 03:19:48 +04:00
|
|
|
/**
|
|
|
|
* skb_dst_set - sets skb dst
|
|
|
|
* @skb: buffer
|
|
|
|
* @dst: dst entry
|
|
|
|
*
|
|
|
|
* Sets skb dst, assuming a reference was taken on dst and should
|
|
|
|
* be released by skb_dst_drop()
|
|
|
|
*/
|
2009-06-02 09:19:30 +04:00
|
|
|
static inline void skb_dst_set(struct sk_buff *skb, struct dst_entry *dst)
|
|
|
|
{
|
2021-07-28 19:24:00 +03:00
|
|
|
skb->slow_gro |= !!dst;
|
2010-05-12 03:19:48 +04:00
|
|
|
skb->_skb_refdst = (unsigned long)dst;
|
|
|
|
}
|
|
|
|
|
2013-03-21 13:57:58 +04:00
|
|
|
/**
|
|
|
|
* skb_dst_set_noref - sets skb dst, hopefully, without taking reference
|
|
|
|
* @skb: buffer
|
|
|
|
* @dst: dst entry
|
|
|
|
*
|
|
|
|
* Sets skb dst, assuming a reference was not taken on dst.
|
|
|
|
* If dst entry is cached, we do not take reference and dst_release
|
|
|
|
* will be avoided by refdst_drop. If dst entry is not cached, we take
|
|
|
|
* reference, so that last dst_release can destroy the dst immediately.
|
|
|
|
*/
|
|
|
|
static inline void skb_dst_set_noref(struct sk_buff *skb, struct dst_entry *dst)
|
|
|
|
{
|
2014-12-06 21:19:42 +03:00
|
|
|
WARN_ON(!rcu_read_lock_held() && !rcu_read_lock_bh_held());
|
2021-07-30 19:30:53 +03:00
|
|
|
skb->slow_gro |= !!dst;
|
2014-12-06 21:19:42 +03:00
|
|
|
skb->_skb_refdst = (unsigned long)dst | SKB_DST_NOREF;
|
2013-03-21 13:57:58 +04:00
|
|
|
}
|
2010-05-12 03:19:48 +04:00
|
|
|
|
|
|
|
/**
|
2011-03-31 05:57:33 +04:00
|
|
|
* skb_dst_is_noref - Test if skb dst isn't refcounted
|
2010-05-12 03:19:48 +04:00
|
|
|
* @skb: buffer
|
|
|
|
*/
|
|
|
|
static inline bool skb_dst_is_noref(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return (skb->_skb_refdst & SKB_DST_NOREF) && skb_dst(skb);
|
2009-06-02 09:19:30 +04:00
|
|
|
}
|
|
|
|
|
2019-03-05 17:35:54 +03:00
|
|
|
/**
|
|
|
|
* skb_rtable - Returns the skb &rtable
|
|
|
|
* @skb: buffer
|
|
|
|
*/
|
2009-06-02 09:14:27 +04:00
|
|
|
static inline struct rtable *skb_rtable(const struct sk_buff *skb)
|
|
|
|
{
|
2009-06-02 09:19:30 +04:00
|
|
|
return (struct rtable *)skb_dst(skb);
|
2009-06-02 09:14:27 +04:00
|
|
|
}
|
|
|
|
|
2016-07-02 13:43:14 +03:00
|
|
|
/* For mangling skb->pkt_type from user space side from applications
|
|
|
|
* such as nft, tc, etc, we only allow a conservative subset of
|
|
|
|
* possible pkt_types to be set.
|
|
|
|
*/
|
|
|
|
static inline bool skb_pkt_type_ok(u32 ptype)
|
|
|
|
{
|
|
|
|
return ptype <= PACKET_OTHERHOST;
|
|
|
|
}
|
|
|
|
|
2019-03-05 17:35:54 +03:00
|
|
|
/**
|
|
|
|
* skb_napi_id - Returns the skb's NAPI id
|
|
|
|
* @skb: buffer
|
|
|
|
*/
|
2017-05-19 18:52:37 +03:00
|
|
|
static inline unsigned int skb_napi_id(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
#ifdef CONFIG_NET_RX_BUSY_POLL
|
|
|
|
return skb->napi_id;
|
|
|
|
#else
|
|
|
|
return 0;
|
|
|
|
#endif
|
|
|
|
}
|
|
|
|
|
2019-03-05 17:35:54 +03:00
|
|
|
/**
|
|
|
|
* skb_unref - decrement the skb's reference count
|
|
|
|
* @skb: buffer
|
|
|
|
*
|
|
|
|
* Returns true if we can free the skb.
|
|
|
|
*/
|
2017-06-12 12:23:41 +03:00
|
|
|
static inline bool skb_unref(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
if (unlikely(!skb))
|
|
|
|
return false;
|
2017-06-30 13:07:58 +03:00
|
|
|
if (likely(refcount_read(&skb->users) == 1))
|
2017-06-12 12:23:41 +03:00
|
|
|
smp_rmb();
|
2017-06-30 13:07:58 +03:00
|
|
|
else if (likely(!refcount_dec_and_test(&skb->users)))
|
2017-06-12 12:23:41 +03:00
|
|
|
return false;
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2022-01-09 09:36:26 +03:00
|
|
|
void kfree_skb_reason(struct sk_buff *skb, enum skb_drop_reason reason);
|
|
|
|
|
|
|
|
/**
|
|
|
|
* kfree_skb - free an sk_buff with 'NOT_SPECIFIED' reason
|
|
|
|
* @skb: buffer to free
|
|
|
|
*/
|
|
|
|
static inline void kfree_skb(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
kfree_skb_reason(skb, SKB_DROP_REASON_NOT_SPECIFIED);
|
|
|
|
}
|
|
|
|
|
2017-06-12 12:23:42 +03:00
|
|
|
void skb_release_head_state(struct sk_buff *skb);
|
2022-03-04 09:00:41 +03:00
|
|
|
void kfree_skb_list_reason(struct sk_buff *segs,
|
|
|
|
enum skb_drop_reason reason);
|
2019-07-07 12:51:55 +03:00
|
|
|
void skb_dump(const char *level, const struct sk_buff *skb, bool full_pkt);
|
2013-09-27 01:48:15 +04:00
|
|
|
void skb_tx_error(struct sk_buff *skb);
|
2020-08-22 01:23:29 +03:00
|
|
|
|
2022-03-04 09:00:41 +03:00
|
|
|
static inline void kfree_skb_list(struct sk_buff *segs)
|
|
|
|
{
|
|
|
|
kfree_skb_list_reason(segs, SKB_DROP_REASON_NOT_SPECIFIED);
|
|
|
|
}
|
|
|
|
|
2020-08-22 01:23:29 +03:00
|
|
|
#ifdef CONFIG_TRACEPOINTS
|
2013-09-27 01:48:15 +04:00
|
|
|
void consume_skb(struct sk_buff *skb);
|
2020-08-22 01:23:29 +03:00
|
|
|
#else
|
|
|
|
static inline void consume_skb(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return kfree_skb(skb);
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
2017-09-06 15:44:36 +03:00
|
|
|
void __consume_stateless_skb(struct sk_buff *skb);
|
2013-09-27 01:48:15 +04:00
|
|
|
void __kfree_skb(struct sk_buff *skb);
|
2012-04-30 12:10:34 +04:00
|
|
|
extern struct kmem_cache *skbuff_head_cache;
|
2012-05-19 07:02:02 +04:00
|
|
|
|
2013-09-27 01:48:15 +04:00
|
|
|
void kfree_skb_partial(struct sk_buff *skb, bool head_stolen);
|
|
|
|
bool skb_try_coalesce(struct sk_buff *to, struct sk_buff *from,
|
|
|
|
bool *fragstolen, int *delta_truesize);
|
2012-05-19 07:02:02 +04:00
|
|
|
|
2013-09-27 01:48:15 +04:00
|
|
|
struct sk_buff *__alloc_skb(unsigned int size, gfp_t priority, int flags,
|
|
|
|
int node);
|
2015-04-25 02:05:01 +03:00
|
|
|
struct sk_buff *__build_skb(void *data, unsigned int frag_size);
|
2013-09-27 01:48:15 +04:00
|
|
|
struct sk_buff *build_skb(void *data, unsigned int frag_size);
|
2019-04-12 18:07:37 +03:00
|
|
|
struct sk_buff *build_skb_around(struct sk_buff *skb,
|
|
|
|
void *data, unsigned int frag_size);
|
net: generalize skb freeing deferral to per-cpu lists
Logic added in commit f35f821935d8 ("tcp: defer skb freeing after socket
lock is released") helped bulk TCP flows to move the cost of skbs
frees outside of critical section where socket lock was held.
But for RPC traffic, or hosts with RFS enabled, the solution is far from
being ideal.
For RPC traffic, recvmsg() has to return to user space right after
skb payload has been consumed, meaning that BH handler has no chance
to pick the skb before recvmsg() thread. This issue is more visible
with BIG TCP, as more RPC fit one skb.
For RFS, even if BH handler picks the skbs, they are still picked
from the cpu on which user thread is running.
Ideally, it is better to free the skbs (and associated page frags)
on the cpu that originally allocated them.
This patch removes the per socket anchor (sk->defer_list) and
instead uses a per-cpu list, which will hold more skbs per round.
This new per-cpu list is drained at the end of net_action_rx(),
after incoming packets have been processed, to lower latencies.
In normal conditions, skbs are added to the per-cpu list with
no further action. In the (unlikely) cases where the cpu does not
run net_action_rx() handler fast enough, we use an IPI to raise
NET_RX_SOFTIRQ on the remote cpu.
Also, we do not bother draining the per-cpu list from dev_cpu_dead()
This is because skbs in this list have no requirement on how fast
they should be freed.
Note that we can add in the future a small per-cpu cache
if we see any contention on sd->defer_lock.
Tested on a pair of hosts with 100Gbit NIC, RFS enabled,
and /proc/sys/net/ipv4/tcp_rmem[2] tuned to 16MB to work around
page recycling strategy used by NIC driver (its page pool capacity
being too small compared to number of skbs/pages held in sockets
receive queues)
Note that this tuning was only done to demonstrate worse
conditions for skb freeing for this particular test.
These conditions can happen in more general production workload.
10 runs of one TCP_STREAM flow
Before:
Average throughput: 49685 Mbit.
Kernel profiles on cpu running user thread recvmsg() show high cost for
skb freeing related functions (*)
57.81% [kernel] [k] copy_user_enhanced_fast_string
(*) 12.87% [kernel] [k] skb_release_data
(*) 4.25% [kernel] [k] __free_one_page
(*) 3.57% [kernel] [k] __list_del_entry_valid
1.85% [kernel] [k] __netif_receive_skb_core
1.60% [kernel] [k] __skb_datagram_iter
(*) 1.59% [kernel] [k] free_unref_page_commit
(*) 1.16% [kernel] [k] __slab_free
1.16% [kernel] [k] _copy_to_iter
(*) 1.01% [kernel] [k] kfree
(*) 0.88% [kernel] [k] free_unref_page
0.57% [kernel] [k] ip6_rcv_core
0.55% [kernel] [k] ip6t_do_table
0.54% [kernel] [k] flush_smp_call_function_queue
(*) 0.54% [kernel] [k] free_pcppages_bulk
0.51% [kernel] [k] llist_reverse_order
0.38% [kernel] [k] process_backlog
(*) 0.38% [kernel] [k] free_pcp_prepare
0.37% [kernel] [k] tcp_recvmsg_locked
(*) 0.37% [kernel] [k] __list_add_valid
0.34% [kernel] [k] sock_rfree
0.34% [kernel] [k] _raw_spin_lock_irq
(*) 0.33% [kernel] [k] __page_cache_release
0.33% [kernel] [k] tcp_v6_rcv
(*) 0.33% [kernel] [k] __put_page
(*) 0.29% [kernel] [k] __mod_zone_page_state
0.27% [kernel] [k] _raw_spin_lock
After patch:
Average throughput: 73076 Mbit.
Kernel profiles on cpu running user thread recvmsg() looks better:
81.35% [kernel] [k] copy_user_enhanced_fast_string
1.95% [kernel] [k] _copy_to_iter
1.95% [kernel] [k] __skb_datagram_iter
1.27% [kernel] [k] __netif_receive_skb_core
1.03% [kernel] [k] ip6t_do_table
0.60% [kernel] [k] sock_rfree
0.50% [kernel] [k] tcp_v6_rcv
0.47% [kernel] [k] ip6_rcv_core
0.45% [kernel] [k] read_tsc
0.44% [kernel] [k] _raw_spin_lock_irqsave
0.37% [kernel] [k] _raw_spin_lock
0.37% [kernel] [k] native_irq_return_iret
0.33% [kernel] [k] __inet6_lookup_established
0.31% [kernel] [k] ip6_protocol_deliver_rcu
0.29% [kernel] [k] tcp_rcv_established
0.29% [kernel] [k] llist_reverse_order
v2: kdoc issue (kernel bots)
do not defer if (alloc_cpu == smp_processor_id()) (Paolo)
replace the sk_buff_head with a single-linked list (Jakub)
add a READ_ONCE()/WRITE_ONCE() for the lockless read of sd->defer_list
Signed-off-by: Eric Dumazet <edumazet@google.com>
Acked-by: Paolo Abeni <pabeni@redhat.com>
Link: https://lore.kernel.org/r/20220422201237.416238-1-eric.dumazet@gmail.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2022-04-22 23:12:37 +03:00
|
|
|
void skb_attempt_defer_free(struct sk_buff *skb);
|
2019-03-05 17:35:54 +03:00
|
|
|
|
skbuff: introduce {,__}napi_build_skb() which reuses NAPI cache heads
Instead of just bulk-flushing skbuff_heads queued up through
napi_consume_skb() or __kfree_skb_defer(), try to reuse them
on allocation path.
If the cache is empty on allocation, bulk-allocate the first
16 elements, which is more efficient than per-skb allocation.
If the cache is full on freeing, bulk-wipe the second half of
the cache (32 elements).
This also includes custom KASAN poisoning/unpoisoning to be
double sure there are no use-after-free cases.
To not change current behaviour, introduce a new function,
napi_build_skb(), to optionally use a new approach later
in drivers.
Note on selected bulk size, 16:
- this equals to XDP_BULK_QUEUE_SIZE, DEV_MAP_BULK_SIZE
and especially VETH_XDP_BATCH, which is also used to
bulk-allocate skbuff_heads and was tested on powerful
setups;
- this also showed the best performance in the actual
test series (from the array of {8, 16, 32}).
Suggested-by: Edward Cree <ecree.xilinx@gmail.com> # Divide on two halves
Suggested-by: Eric Dumazet <edumazet@google.com> # KASAN poisoning
Cc: Dmitry Vyukov <dvyukov@google.com> # Help with KASAN
Cc: Paolo Abeni <pabeni@redhat.com> # Reduced batch size
Signed-off-by: Alexander Lobakin <alobakin@pm.me>
Signed-off-by: David S. Miller <davem@davemloft.net>
2021-02-13 17:12:25 +03:00
|
|
|
struct sk_buff *napi_build_skb(void *data, unsigned int frag_size);
|
|
|
|
|
2019-03-05 17:35:54 +03:00
|
|
|
/**
|
|
|
|
* alloc_skb - allocate a network buffer
|
|
|
|
* @size: size to allocate
|
|
|
|
* @priority: allocation mask
|
|
|
|
*
|
|
|
|
* This function is a convenient wrapper around __alloc_skb().
|
|
|
|
*/
|
2005-08-18 01:57:30 +04:00
|
|
|
static inline struct sk_buff *alloc_skb(unsigned int size,
|
2005-10-07 10:46:04 +04:00
|
|
|
gfp_t priority)
|
2005-08-18 01:57:30 +04:00
|
|
|
{
|
2010-10-11 23:05:25 +04:00
|
|
|
return __alloc_skb(size, priority, 0, NUMA_NO_NODE);
|
2005-08-18 01:57:30 +04:00
|
|
|
}
|
|
|
|
|
2014-09-17 15:49:49 +04:00
|
|
|
struct sk_buff *alloc_skb_with_frags(unsigned long header_len,
|
|
|
|
unsigned long data_len,
|
|
|
|
int max_page_order,
|
|
|
|
int *errcode,
|
|
|
|
gfp_t gfp_mask);
|
2019-06-04 01:16:58 +03:00
|
|
|
struct sk_buff *alloc_skb_for_msg(struct sk_buff *first);
|
2014-09-17 15:49:49 +04:00
|
|
|
|
2014-09-30 00:29:15 +04:00
|
|
|
/* Layout of fast clones : [skb1][skb2][fclone_ref] */
|
|
|
|
struct sk_buff_fclones {
|
|
|
|
struct sk_buff skb1;
|
|
|
|
|
|
|
|
struct sk_buff skb2;
|
|
|
|
|
2017-06-30 13:07:59 +03:00
|
|
|
refcount_t fclone_ref;
|
2014-09-30 00:29:15 +04:00
|
|
|
};
|
|
|
|
|
|
|
|
/**
|
|
|
|
* skb_fclone_busy - check if fclone is busy
|
2016-10-23 19:28:29 +03:00
|
|
|
* @sk: socket
|
2014-09-30 00:29:15 +04:00
|
|
|
* @skb: buffer
|
|
|
|
*
|
2015-12-13 10:53:02 +03:00
|
|
|
* Returns true if skb is a fast clone, and its clone is not freed.
|
2014-10-30 20:32:34 +03:00
|
|
|
* Some drivers call skb_orphan() in their ndo_start_xmit(),
|
|
|
|
* so we also check that this didnt happen.
|
2014-09-30 00:29:15 +04:00
|
|
|
*/
|
2014-10-30 20:32:34 +03:00
|
|
|
static inline bool skb_fclone_busy(const struct sock *sk,
|
|
|
|
const struct sk_buff *skb)
|
2014-09-30 00:29:15 +04:00
|
|
|
{
|
|
|
|
const struct sk_buff_fclones *fclones;
|
|
|
|
|
|
|
|
fclones = container_of(skb, struct sk_buff_fclones, skb1);
|
|
|
|
|
|
|
|
return skb->fclone == SKB_FCLONE_ORIG &&
|
2017-06-30 13:07:59 +03:00
|
|
|
refcount_read(&fclones->fclone_ref) > 1 &&
|
2021-03-11 23:35:04 +03:00
|
|
|
READ_ONCE(fclones->skb2.sk) == sk;
|
2014-09-30 00:29:15 +04:00
|
|
|
}
|
|
|
|
|
2019-03-05 17:35:54 +03:00
|
|
|
/**
|
|
|
|
* alloc_skb_fclone - allocate a network buffer from fclone cache
|
|
|
|
* @size: size to allocate
|
|
|
|
* @priority: allocation mask
|
|
|
|
*
|
|
|
|
* This function is a convenient wrapper around __alloc_skb().
|
|
|
|
*/
|
2005-08-18 01:57:30 +04:00
|
|
|
static inline struct sk_buff *alloc_skb_fclone(unsigned int size,
|
2005-10-07 10:46:04 +04:00
|
|
|
gfp_t priority)
|
2005-08-18 01:57:30 +04:00
|
|
|
{
|
2012-08-01 03:44:19 +04:00
|
|
|
return __alloc_skb(size, priority, SKB_ALLOC_FCLONE, NUMA_NO_NODE);
|
2005-08-18 01:57:30 +04:00
|
|
|
}
|
|
|
|
|
2013-09-27 01:48:15 +04:00
|
|
|
struct sk_buff *skb_morph(struct sk_buff *dst, struct sk_buff *src);
|
2018-08-03 10:58:09 +03:00
|
|
|
void skb_headers_offset_update(struct sk_buff *skb, int off);
|
2013-09-27 01:48:15 +04:00
|
|
|
int skb_copy_ubufs(struct sk_buff *skb, gfp_t gfp_mask);
|
|
|
|
struct sk_buff *skb_clone(struct sk_buff *skb, gfp_t priority);
|
2018-04-30 10:16:11 +03:00
|
|
|
void skb_copy_header(struct sk_buff *new, const struct sk_buff *old);
|
2013-09-27 01:48:15 +04:00
|
|
|
struct sk_buff *skb_copy(const struct sk_buff *skb, gfp_t priority);
|
2014-06-12 02:36:26 +04:00
|
|
|
struct sk_buff *__pskb_copy_fclone(struct sk_buff *skb, int headroom,
|
|
|
|
gfp_t gfp_mask, bool fclone);
|
|
|
|
static inline struct sk_buff *__pskb_copy(struct sk_buff *skb, int headroom,
|
|
|
|
gfp_t gfp_mask)
|
|
|
|
{
|
|
|
|
return __pskb_copy_fclone(skb, headroom, gfp_mask, false);
|
|
|
|
}
|
2013-09-27 01:48:15 +04:00
|
|
|
|
|
|
|
int pskb_expand_head(struct sk_buff *skb, int nhead, int ntail, gfp_t gfp_mask);
|
|
|
|
struct sk_buff *skb_realloc_headroom(struct sk_buff *skb,
|
|
|
|
unsigned int headroom);
|
2021-08-02 11:52:15 +03:00
|
|
|
struct sk_buff *skb_expand_head(struct sk_buff *skb, unsigned int headroom);
|
2013-09-27 01:48:15 +04:00
|
|
|
struct sk_buff *skb_copy_expand(const struct sk_buff *skb, int newheadroom,
|
|
|
|
int newtailroom, gfp_t priority);
|
skbuff: return -EMSGSIZE in skb_to_sgvec to prevent overflow
This is a defense-in-depth measure in response to bugs like
4d6fa57b4dab ("macsec: avoid heap overflow in skb_to_sgvec"). There's
not only a potential overflow of sglist items, but also a stack overflow
potential, so we fix this by limiting the amount of recursion this function
is allowed to do. Not actually providing a bounded base case is a future
disaster that we can easily avoid here.
As a small matter of house keeping, we take this opportunity to move the
documentation comment over the actual function the documentation is for.
While this could be implemented by using an explicit stack of skbuffs,
when implementing this, the function complexity increased considerably,
and I don't think such complexity and bloat is actually worth it. So,
instead I built this and tested it on x86, x86_64, ARM, ARM64, and MIPS,
and measured the stack usage there. I also reverted the recent MIPS
changes that give it a separate IRQ stack, so that I could experience
some worst-case situations. I found that limiting it to 24 layers deep
yielded a good stack usage with room for safety, as well as being much
deeper than any driver actually ever creates.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Cc: Steffen Klassert <steffen.klassert@secunet.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: David Howells <dhowells@redhat.com>
Cc: Sabrina Dubroca <sd@queasysnail.net>
Cc: "Michael S. Tsirkin" <mst@redhat.com>
Cc: Jason Wang <jasowang@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-06-04 05:16:22 +03:00
|
|
|
int __must_check skb_to_sgvec_nomark(struct sk_buff *skb, struct scatterlist *sg,
|
|
|
|
int offset, int len);
|
|
|
|
int __must_check skb_to_sgvec(struct sk_buff *skb, struct scatterlist *sg,
|
|
|
|
int offset, int len);
|
2013-09-27 01:48:15 +04:00
|
|
|
int skb_cow_data(struct sk_buff *skb, int tailbits, struct sk_buff **trailer);
|
2017-08-23 01:12:14 +03:00
|
|
|
int __skb_pad(struct sk_buff *skb, int pad, bool free_on_error);
|
|
|
|
|
|
|
|
/**
|
|
|
|
* skb_pad - zero pad the tail of an skb
|
|
|
|
* @skb: buffer to pad
|
|
|
|
* @pad: space to pad
|
|
|
|
*
|
|
|
|
* Ensure that a buffer is followed by a padding area that is zero
|
|
|
|
* filled. Used by network drivers which may DMA or transfer data
|
|
|
|
* beyond the buffer end onto the wire.
|
|
|
|
*
|
|
|
|
* May return error in out of memory cases. The skb is freed on error.
|
|
|
|
*/
|
|
|
|
static inline int skb_pad(struct sk_buff *skb, int pad)
|
|
|
|
{
|
|
|
|
return __skb_pad(skb, pad, true);
|
|
|
|
}
|
2009-03-11 12:49:55 +03:00
|
|
|
#define dev_kfree_skb(a) consume_skb(a)
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2015-05-21 17:59:58 +03:00
|
|
|
int skb_append_pagefrags(struct sk_buff *skb, struct page *page,
|
|
|
|
int offset, size_t size);
|
|
|
|
|
2009-11-04 20:50:58 +03:00
|
|
|
struct skb_seq_state {
|
2005-06-24 07:59:51 +04:00
|
|
|
__u32 lower_offset;
|
|
|
|
__u32 upper_offset;
|
|
|
|
__u32 frag_idx;
|
|
|
|
__u32 stepped_offset;
|
|
|
|
struct sk_buff *root_skb;
|
|
|
|
struct sk_buff *cur_skb;
|
|
|
|
__u8 *frag_data;
|
2021-01-10 01:18:33 +03:00
|
|
|
__u32 frag_off;
|
2005-06-24 07:59:51 +04:00
|
|
|
};
|
|
|
|
|
2013-09-27 01:48:15 +04:00
|
|
|
void skb_prepare_seq_read(struct sk_buff *skb, unsigned int from,
|
|
|
|
unsigned int to, struct skb_seq_state *st);
|
|
|
|
unsigned int skb_seq_read(unsigned int consumed, const u8 **data,
|
|
|
|
struct skb_seq_state *st);
|
|
|
|
void skb_abort_seq_read(struct skb_seq_state *st);
|
2005-06-24 07:59:51 +04:00
|
|
|
|
2013-09-27 01:48:15 +04:00
|
|
|
unsigned int skb_find_text(struct sk_buff *skb, unsigned int from,
|
2015-02-22 13:46:35 +03:00
|
|
|
unsigned int to, struct ts_config *config);
|
2005-06-24 08:00:17 +04:00
|
|
|
|
2013-12-16 10:16:19 +04:00
|
|
|
/*
|
|
|
|
* Packet hash types specify the type of hash in skb_set_hash.
|
|
|
|
*
|
|
|
|
* Hash types refer to the protocol layer addresses which are used to
|
|
|
|
* construct a packet's hash. The hashes are used to differentiate or identify
|
|
|
|
* flows of the protocol layer for the hash type. Hash types are either
|
|
|
|
* layer-2 (L2), layer-3 (L3), or layer-4 (L4).
|
|
|
|
*
|
|
|
|
* Properties of hashes:
|
|
|
|
*
|
|
|
|
* 1) Two packets in different flows have different hash values
|
|
|
|
* 2) Two packets in the same flow should have the same hash value
|
|
|
|
*
|
|
|
|
* A hash at a higher layer is considered to be more specific. A driver should
|
|
|
|
* set the most specific hash possible.
|
|
|
|
*
|
|
|
|
* A driver cannot indicate a more specific hash than the layer at which a hash
|
|
|
|
* was computed. For instance an L3 hash cannot be set as an L4 hash.
|
|
|
|
*
|
|
|
|
* A driver may indicate a hash level which is less specific than the
|
|
|
|
* actual layer the hash was computed on. For instance, a hash computed
|
|
|
|
* at L4 may be considered an L3 hash. This should only be done if the
|
|
|
|
* driver can't unambiguously determine that the HW computed the hash at
|
|
|
|
* the higher layer. Note that the "should" in the second property above
|
|
|
|
* permits this.
|
|
|
|
*/
|
|
|
|
enum pkt_hash_types {
|
|
|
|
PKT_HASH_TYPE_NONE, /* Undefined type */
|
|
|
|
PKT_HASH_TYPE_L2, /* Input: src_MAC, dest_MAC */
|
|
|
|
PKT_HASH_TYPE_L3, /* Input: src_IP, dst_IP */
|
|
|
|
PKT_HASH_TYPE_L4, /* Input: src_IP, dst_IP, src_port, dst_port */
|
|
|
|
};
|
|
|
|
|
2015-09-01 19:24:24 +03:00
|
|
|
static inline void skb_clear_hash(struct sk_buff *skb)
|
2013-12-16 10:16:19 +04:00
|
|
|
{
|
2015-09-01 19:24:24 +03:00
|
|
|
skb->hash = 0;
|
2014-07-02 08:33:17 +04:00
|
|
|
skb->sw_hash = 0;
|
2015-09-01 19:24:24 +03:00
|
|
|
skb->l4_hash = 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void skb_clear_hash_if_not_l4(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
if (!skb->l4_hash)
|
|
|
|
skb_clear_hash(skb);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void
|
|
|
|
__skb_set_hash(struct sk_buff *skb, __u32 hash, bool is_sw, bool is_l4)
|
|
|
|
{
|
|
|
|
skb->l4_hash = is_l4;
|
|
|
|
skb->sw_hash = is_sw;
|
2014-03-25 02:34:47 +04:00
|
|
|
skb->hash = hash;
|
2013-12-16 10:16:19 +04:00
|
|
|
}
|
|
|
|
|
2015-09-01 19:24:24 +03:00
|
|
|
static inline void
|
|
|
|
skb_set_hash(struct sk_buff *skb, __u32 hash, enum pkt_hash_types type)
|
|
|
|
{
|
|
|
|
/* Used by drivers to set hash from HW */
|
|
|
|
__skb_set_hash(skb, hash, false, type == PKT_HASH_TYPE_L4);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void
|
|
|
|
__skb_set_sw_hash(struct sk_buff *skb, __u32 hash, bool is_l4)
|
|
|
|
{
|
|
|
|
__skb_set_hash(skb, hash, true, is_l4);
|
|
|
|
}
|
|
|
|
|
2015-09-01 19:24:23 +03:00
|
|
|
void __skb_get_hash(struct sk_buff *skb);
|
2016-10-26 19:49:46 +03:00
|
|
|
u32 __skb_get_hash_symmetric(const struct sk_buff *skb);
|
2015-09-01 19:24:23 +03:00
|
|
|
u32 skb_get_poff(const struct sk_buff *skb);
|
2021-03-14 14:11:23 +03:00
|
|
|
u32 __skb_get_poff(const struct sk_buff *skb, const void *data,
|
2018-05-04 12:32:59 +03:00
|
|
|
const struct flow_keys_basic *keys, int hlen);
|
2015-09-01 19:24:23 +03:00
|
|
|
__be32 __skb_flow_get_ports(const struct sk_buff *skb, int thoff, u8 ip_proto,
|
2021-03-14 14:11:23 +03:00
|
|
|
const void *data, int hlen_proto);
|
2015-09-01 19:24:23 +03:00
|
|
|
|
|
|
|
static inline __be32 skb_flow_get_ports(const struct sk_buff *skb,
|
|
|
|
int thoff, u8 ip_proto)
|
|
|
|
{
|
|
|
|
return __skb_flow_get_ports(skb, thoff, ip_proto, NULL, 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
void skb_flow_dissector_init(struct flow_dissector *flow_dissector,
|
|
|
|
const struct flow_dissector_key *key,
|
|
|
|
unsigned int key_count);
|
|
|
|
|
2019-04-22 18:55:44 +03:00
|
|
|
struct bpf_flow_dissector;
|
|
|
|
bool bpf_flow_dissect(struct bpf_prog *prog, struct bpf_flow_dissector *ctx,
|
2019-07-26 01:52:25 +03:00
|
|
|
__be16 proto, int nhoff, int hlen, unsigned int flags);
|
2019-04-22 18:55:44 +03:00
|
|
|
|
2019-04-22 18:55:46 +03:00
|
|
|
bool __skb_flow_dissect(const struct net *net,
|
|
|
|
const struct sk_buff *skb,
|
2015-09-01 19:24:23 +03:00
|
|
|
struct flow_dissector *flow_dissector,
|
2021-03-14 14:11:23 +03:00
|
|
|
void *target_container, const void *data,
|
|
|
|
__be16 proto, int nhoff, int hlen, unsigned int flags);
|
2015-09-01 19:24:23 +03:00
|
|
|
|
|
|
|
static inline bool skb_flow_dissect(const struct sk_buff *skb,
|
|
|
|
struct flow_dissector *flow_dissector,
|
2015-09-01 19:24:27 +03:00
|
|
|
void *target_container, unsigned int flags)
|
2015-09-01 19:24:23 +03:00
|
|
|
{
|
2019-04-22 18:55:46 +03:00
|
|
|
return __skb_flow_dissect(NULL, skb, flow_dissector,
|
|
|
|
target_container, NULL, 0, 0, 0, flags);
|
2015-09-01 19:24:23 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
static inline bool skb_flow_dissect_flow_keys(const struct sk_buff *skb,
|
2015-09-01 19:24:27 +03:00
|
|
|
struct flow_keys *flow,
|
|
|
|
unsigned int flags)
|
2015-09-01 19:24:23 +03:00
|
|
|
{
|
|
|
|
memset(flow, 0, sizeof(*flow));
|
2019-04-22 18:55:46 +03:00
|
|
|
return __skb_flow_dissect(NULL, skb, &flow_keys_dissector,
|
|
|
|
flow, NULL, 0, 0, 0, flags);
|
2015-09-01 19:24:23 +03:00
|
|
|
}
|
|
|
|
|
2018-05-04 12:32:59 +03:00
|
|
|
static inline bool
|
2019-04-22 18:55:46 +03:00
|
|
|
skb_flow_dissect_flow_keys_basic(const struct net *net,
|
|
|
|
const struct sk_buff *skb,
|
2021-03-14 14:11:23 +03:00
|
|
|
struct flow_keys_basic *flow,
|
|
|
|
const void *data, __be16 proto,
|
|
|
|
int nhoff, int hlen, unsigned int flags)
|
2015-09-01 19:24:23 +03:00
|
|
|
{
|
|
|
|
memset(flow, 0, sizeof(*flow));
|
2019-04-22 18:55:46 +03:00
|
|
|
return __skb_flow_dissect(net, skb, &flow_keys_basic_dissector, flow,
|
2015-09-01 19:24:27 +03:00
|
|
|
data, proto, nhoff, hlen, flags);
|
2015-09-01 19:24:23 +03:00
|
|
|
}
|
|
|
|
|
2019-06-19 09:41:02 +03:00
|
|
|
void skb_flow_dissect_meta(const struct sk_buff *skb,
|
|
|
|
struct flow_dissector *flow_dissector,
|
|
|
|
void *target_container);
|
|
|
|
|
2019-07-09 10:30:49 +03:00
|
|
|
/* Gets a skb connection tracking info, ctinfo map should be a
|
2020-07-15 19:42:39 +03:00
|
|
|
* map of mapsize to translate enum ip_conntrack_info states
|
2019-07-09 10:30:49 +03:00
|
|
|
* to user states.
|
|
|
|
*/
|
|
|
|
void
|
|
|
|
skb_flow_dissect_ct(const struct sk_buff *skb,
|
|
|
|
struct flow_dissector *flow_dissector,
|
|
|
|
void *target_container,
|
2021-01-19 11:31:50 +03:00
|
|
|
u16 *ctinfo_map, size_t mapsize,
|
2021-12-14 20:24:34 +03:00
|
|
|
bool post_ct, u16 zone);
|
2017-12-04 13:31:48 +03:00
|
|
|
void
|
|
|
|
skb_flow_dissect_tunnel_info(const struct sk_buff *skb,
|
|
|
|
struct flow_dissector *flow_dissector,
|
|
|
|
void *target_container);
|
|
|
|
|
2020-07-23 01:03:00 +03:00
|
|
|
void skb_flow_dissect_hash(const struct sk_buff *skb,
|
|
|
|
struct flow_dissector *flow_dissector,
|
|
|
|
void *target_container);
|
|
|
|
|
2013-12-16 10:12:06 +04:00
|
|
|
static inline __u32 skb_get_hash(struct sk_buff *skb)
|
2010-08-04 10:15:52 +04:00
|
|
|
{
|
2014-07-02 08:33:17 +04:00
|
|
|
if (!skb->l4_hash && !skb->sw_hash)
|
2013-12-16 10:12:06 +04:00
|
|
|
__skb_get_hash(skb);
|
2010-08-04 10:15:52 +04:00
|
|
|
|
2014-03-25 02:34:47 +04:00
|
|
|
return skb->hash;
|
2010-08-04 10:15:52 +04:00
|
|
|
}
|
|
|
|
|
2015-09-02 07:19:17 +03:00
|
|
|
static inline __u32 skb_get_hash_flowi6(struct sk_buff *skb, const struct flowi6 *fl6)
|
2015-08-01 02:52:10 +03:00
|
|
|
{
|
2015-09-01 19:24:25 +03:00
|
|
|
if (!skb->l4_hash && !skb->sw_hash) {
|
|
|
|
struct flow_keys keys;
|
2015-09-02 04:11:04 +03:00
|
|
|
__u32 hash = __get_hash_from_flowi6(fl6, &keys);
|
2015-09-01 19:24:25 +03:00
|
|
|
|
2015-09-02 04:11:04 +03:00
|
|
|
__skb_set_sw_hash(skb, hash, flow_keys_have_l4(&keys));
|
2015-09-01 19:24:25 +03:00
|
|
|
}
|
2015-08-01 02:52:10 +03:00
|
|
|
|
|
|
|
return skb->hash;
|
|
|
|
}
|
|
|
|
|
2019-10-22 17:57:46 +03:00
|
|
|
__u32 skb_get_hash_perturb(const struct sk_buff *skb,
|
|
|
|
const siphash_key_t *perturb);
|
2015-05-01 21:30:12 +03:00
|
|
|
|
2014-01-15 20:57:54 +04:00
|
|
|
static inline __u32 skb_get_hash_raw(const struct sk_buff *skb)
|
|
|
|
{
|
2014-03-25 02:34:47 +04:00
|
|
|
return skb->hash;
|
2014-01-15 20:57:54 +04:00
|
|
|
}
|
|
|
|
|
2013-12-16 10:16:29 +04:00
|
|
|
static inline void skb_copy_hash(struct sk_buff *to, const struct sk_buff *from)
|
|
|
|
{
|
2014-03-25 02:34:47 +04:00
|
|
|
to->hash = from->hash;
|
2014-07-02 08:33:17 +04:00
|
|
|
to->sw_hash = from->sw_hash;
|
2014-03-25 02:34:47 +04:00
|
|
|
to->l4_hash = from->l4_hash;
|
2013-12-16 10:16:29 +04:00
|
|
|
};
|
|
|
|
|
2019-08-08 03:03:59 +03:00
|
|
|
static inline void skb_copy_decrypted(struct sk_buff *to,
|
|
|
|
const struct sk_buff *from)
|
|
|
|
{
|
|
|
|
#ifdef CONFIG_TLS_DEVICE
|
|
|
|
to->decrypted = from->decrypted;
|
|
|
|
#endif
|
|
|
|
}
|
|
|
|
|
2007-04-20 07:43:29 +04:00
|
|
|
#ifdef NET_SKBUFF_DATA_USES_OFFSET
|
|
|
|
static inline unsigned char *skb_end_pointer(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb->head + skb->end;
|
|
|
|
}
|
2012-05-04 18:26:56 +04:00
|
|
|
|
|
|
|
static inline unsigned int skb_end_offset(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb->end;
|
|
|
|
}
|
2022-02-22 06:21:12 +03:00
|
|
|
|
|
|
|
static inline void skb_set_end_offset(struct sk_buff *skb, unsigned int offset)
|
|
|
|
{
|
|
|
|
skb->end = offset;
|
|
|
|
}
|
2007-04-20 07:43:29 +04:00
|
|
|
#else
|
|
|
|
static inline unsigned char *skb_end_pointer(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb->end;
|
|
|
|
}
|
2012-05-04 18:26:56 +04:00
|
|
|
|
|
|
|
static inline unsigned int skb_end_offset(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb->end - skb->head;
|
|
|
|
}
|
2022-02-22 06:21:12 +03:00
|
|
|
|
|
|
|
static inline void skb_set_end_offset(struct sk_buff *skb, unsigned int offset)
|
|
|
|
{
|
|
|
|
skb->end = skb->head + offset;
|
|
|
|
}
|
2007-04-20 07:43:29 +04:00
|
|
|
#endif
|
|
|
|
|
2022-04-28 13:58:45 +03:00
|
|
|
struct ubuf_info *msg_zerocopy_realloc(struct sock *sk, size_t size,
|
|
|
|
struct ubuf_info *uarg);
|
|
|
|
|
|
|
|
void msg_zerocopy_put_abort(struct ubuf_info *uarg, bool have_uref);
|
|
|
|
|
|
|
|
void msg_zerocopy_callback(struct sk_buff *skb, struct ubuf_info *uarg,
|
|
|
|
bool success);
|
|
|
|
|
2022-07-12 23:52:30 +03:00
|
|
|
int __zerocopy_sg_from_iter(struct msghdr *msg, struct sock *sk,
|
|
|
|
struct sk_buff *skb, struct iov_iter *from,
|
|
|
|
size_t length);
|
2022-04-28 13:58:45 +03:00
|
|
|
|
|
|
|
static inline int skb_zerocopy_iter_dgram(struct sk_buff *skb,
|
|
|
|
struct msghdr *msg, int len)
|
|
|
|
{
|
2022-07-12 23:52:30 +03:00
|
|
|
return __zerocopy_sg_from_iter(msg, skb->sk, skb, &msg->msg_iter, len);
|
2022-04-28 13:58:45 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
int skb_zerocopy_iter_stream(struct sock *sk, struct sk_buff *skb,
|
|
|
|
struct msghdr *msg, int len,
|
|
|
|
struct ubuf_info *uarg);
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
/* Internal */
|
2007-04-20 07:43:29 +04:00
|
|
|
#define skb_shinfo(SKB) ((struct skb_shared_info *)(skb_end_pointer(SKB)))
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2009-02-12 08:03:37 +03:00
|
|
|
static inline struct skb_shared_hwtstamps *skb_hwtstamps(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return &skb_shinfo(skb)->hwtstamps;
|
|
|
|
}
|
|
|
|
|
2017-08-03 23:29:39 +03:00
|
|
|
static inline struct ubuf_info *skb_zcopy(struct sk_buff *skb)
|
|
|
|
{
|
2021-01-07 01:18:38 +03:00
|
|
|
bool is_zcopy = skb && skb_shinfo(skb)->flags & SKBFL_ZEROCOPY_ENABLE;
|
2017-08-03 23:29:39 +03:00
|
|
|
|
|
|
|
return is_zcopy ? skb_uarg(skb) : NULL;
|
|
|
|
}
|
|
|
|
|
2021-11-03 05:58:44 +03:00
|
|
|
static inline bool skb_zcopy_pure(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb_shinfo(skb)->flags & SKBFL_PURE_ZEROCOPY;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline bool skb_pure_zcopy_same(const struct sk_buff *skb1,
|
|
|
|
const struct sk_buff *skb2)
|
|
|
|
{
|
|
|
|
return skb_zcopy_pure(skb1) == skb_zcopy_pure(skb2);
|
|
|
|
}
|
|
|
|
|
2021-01-07 01:18:41 +03:00
|
|
|
static inline void net_zcopy_get(struct ubuf_info *uarg)
|
2021-01-07 01:18:33 +03:00
|
|
|
{
|
|
|
|
refcount_inc(&uarg->refcnt);
|
|
|
|
}
|
|
|
|
|
2021-01-07 01:18:40 +03:00
|
|
|
static inline void skb_zcopy_init(struct sk_buff *skb, struct ubuf_info *uarg)
|
|
|
|
{
|
|
|
|
skb_shinfo(skb)->destructor_arg = uarg;
|
|
|
|
skb_shinfo(skb)->flags |= uarg->flags;
|
|
|
|
}
|
|
|
|
|
2018-11-30 23:32:40 +03:00
|
|
|
static inline void skb_zcopy_set(struct sk_buff *skb, struct ubuf_info *uarg,
|
|
|
|
bool *have_ref)
|
2017-08-03 23:29:39 +03:00
|
|
|
{
|
|
|
|
if (skb && uarg && !skb_zcopy(skb)) {
|
2018-11-30 23:32:40 +03:00
|
|
|
if (unlikely(have_ref && *have_ref))
|
|
|
|
*have_ref = false;
|
|
|
|
else
|
2021-01-07 01:18:41 +03:00
|
|
|
net_zcopy_get(uarg);
|
2021-01-07 01:18:40 +03:00
|
|
|
skb_zcopy_init(skb, uarg);
|
2017-08-03 23:29:39 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-11-20 21:00:18 +03:00
|
|
|
static inline void skb_zcopy_set_nouarg(struct sk_buff *skb, void *val)
|
|
|
|
{
|
|
|
|
skb_shinfo(skb)->destructor_arg = (void *)((uintptr_t) val | 0x1UL);
|
2021-01-07 01:18:38 +03:00
|
|
|
skb_shinfo(skb)->flags |= SKBFL_ZEROCOPY_FRAG;
|
2018-11-20 21:00:18 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
static inline bool skb_zcopy_is_nouarg(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return (uintptr_t) skb_shinfo(skb)->destructor_arg & 0x1UL;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void *skb_zcopy_get_nouarg(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return (void *)((uintptr_t) skb_shinfo(skb)->destructor_arg & ~0x1UL);
|
|
|
|
}
|
|
|
|
|
2021-01-07 01:18:41 +03:00
|
|
|
static inline void net_zcopy_put(struct ubuf_info *uarg)
|
2021-01-07 01:18:32 +03:00
|
|
|
{
|
|
|
|
if (uarg)
|
2021-01-07 01:18:34 +03:00
|
|
|
uarg->callback(NULL, uarg, true);
|
2021-01-07 01:18:32 +03:00
|
|
|
}
|
|
|
|
|
2021-01-07 01:18:41 +03:00
|
|
|
static inline void net_zcopy_put_abort(struct ubuf_info *uarg, bool have_uref)
|
2021-01-07 01:18:35 +03:00
|
|
|
{
|
|
|
|
if (uarg) {
|
2021-01-07 01:18:37 +03:00
|
|
|
if (uarg->callback == msg_zerocopy_callback)
|
|
|
|
msg_zerocopy_put_abort(uarg, have_uref);
|
2021-01-07 01:18:35 +03:00
|
|
|
else if (have_uref)
|
2021-01-07 01:18:41 +03:00
|
|
|
net_zcopy_put(uarg);
|
2021-01-07 01:18:35 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2017-08-03 23:29:39 +03:00
|
|
|
/* Release a reference on a zerocopy structure */
|
2021-01-07 01:18:34 +03:00
|
|
|
static inline void skb_zcopy_clear(struct sk_buff *skb, bool zerocopy_success)
|
2017-08-03 23:29:39 +03:00
|
|
|
{
|
|
|
|
struct ubuf_info *uarg = skb_zcopy(skb);
|
|
|
|
|
|
|
|
if (uarg) {
|
2021-01-07 01:18:34 +03:00
|
|
|
if (!skb_zcopy_is_nouarg(skb))
|
|
|
|
uarg->callback(skb, uarg, zerocopy_success);
|
2017-08-10 02:09:44 +03:00
|
|
|
|
2021-11-03 05:58:44 +03:00
|
|
|
skb_shinfo(skb)->flags &= ~SKBFL_ALL_ZEROCOPY;
|
2017-08-03 23:29:39 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2018-07-30 06:42:53 +03:00
|
|
|
static inline void skb_mark_not_on_list(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
skb->next = NULL;
|
|
|
|
}
|
|
|
|
|
net: introduce skb_list_walk_safe for skb segment walking
As part of the continual effort to remove direct usage of skb->next and
skb->prev, this patch adds a helper for iterating through the
singly-linked variant of skb lists, which are used for lists of GSO
packet. The name "skb_list_..." has been chosen to match the existing
function, "kfree_skb_list, which also operates on these singly-linked
lists, and the "..._walk_safe" part is the same idiom as elsewhere in
the kernel.
This patch removes the helper from wireguard and puts it into
linux/skbuff.h, while making it a bit more robust for general usage. In
particular, parenthesis are added around the macro argument usage, and it
now accounts for trying to iterate through an already-null skb pointer,
which will simply run the iteration zero times. This latter enhancement
means it can be used to replace both do { ... } while and while (...)
open-coded idioms.
This should take care of these three possible usages, which match all
current methods of iterations.
skb_list_walk_safe(segs, skb, next) { ... }
skb_list_walk_safe(skb, skb, next) { ... }
skb_list_walk_safe(segs, skb, segs) { ... }
Gcc appears to generate efficient code for each of these.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2020-01-09 00:59:02 +03:00
|
|
|
/* Iterate through singly-linked GSO fragments of an skb. */
|
2020-01-14 02:42:26 +03:00
|
|
|
#define skb_list_walk_safe(first, skb, next_skb) \
|
|
|
|
for ((skb) = (first), (next_skb) = (skb) ? (skb)->next : NULL; (skb); \
|
|
|
|
(skb) = (next_skb), (next_skb) = (skb) ? (skb)->next : NULL)
|
net: introduce skb_list_walk_safe for skb segment walking
As part of the continual effort to remove direct usage of skb->next and
skb->prev, this patch adds a helper for iterating through the
singly-linked variant of skb lists, which are used for lists of GSO
packet. The name "skb_list_..." has been chosen to match the existing
function, "kfree_skb_list, which also operates on these singly-linked
lists, and the "..._walk_safe" part is the same idiom as elsewhere in
the kernel.
This patch removes the helper from wireguard and puts it into
linux/skbuff.h, while making it a bit more robust for general usage. In
particular, parenthesis are added around the macro argument usage, and it
now accounts for trying to iterate through an already-null skb pointer,
which will simply run the iteration zero times. This latter enhancement
means it can be used to replace both do { ... } while and while (...)
open-coded idioms.
This should take care of these three possible usages, which match all
current methods of iterations.
skb_list_walk_safe(segs, skb, next) { ... }
skb_list_walk_safe(skb, skb, next) { ... }
skb_list_walk_safe(segs, skb, segs) { ... }
Gcc appears to generate efficient code for each of these.
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2020-01-09 00:59:02 +03:00
|
|
|
|
2018-08-01 01:27:56 +03:00
|
|
|
static inline void skb_list_del_init(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
__list_del_entry(&skb->list);
|
|
|
|
skb_mark_not_on_list(skb);
|
|
|
|
}
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
/**
|
|
|
|
* skb_queue_empty - check if a queue is empty
|
|
|
|
* @list: queue head
|
|
|
|
*
|
|
|
|
* Returns true if the queue is empty, false otherwise.
|
|
|
|
*/
|
|
|
|
static inline int skb_queue_empty(const struct sk_buff_head *list)
|
|
|
|
{
|
2014-01-08 02:23:44 +04:00
|
|
|
return list->next == (const struct sk_buff *) list;
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
2019-10-24 08:44:48 +03:00
|
|
|
/**
|
|
|
|
* skb_queue_empty_lockless - check if a queue is empty
|
|
|
|
* @list: queue head
|
|
|
|
*
|
|
|
|
* Returns true if the queue is empty, false otherwise.
|
|
|
|
* This variant can be used in lockless contexts.
|
|
|
|
*/
|
|
|
|
static inline bool skb_queue_empty_lockless(const struct sk_buff_head *list)
|
|
|
|
{
|
|
|
|
return READ_ONCE(list->next) == (const struct sk_buff *) list;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2008-09-23 11:34:07 +04:00
|
|
|
/**
|
|
|
|
* skb_queue_is_last - check if skb is the last entry in the queue
|
|
|
|
* @list: queue head
|
|
|
|
* @skb: buffer
|
|
|
|
*
|
|
|
|
* Returns true if @skb is the last buffer on the list.
|
|
|
|
*/
|
|
|
|
static inline bool skb_queue_is_last(const struct sk_buff_head *list,
|
|
|
|
const struct sk_buff *skb)
|
|
|
|
{
|
2014-01-08 02:23:44 +04:00
|
|
|
return skb->next == (const struct sk_buff *) list;
|
2008-09-23 11:34:07 +04:00
|
|
|
}
|
|
|
|
|
tcp: Try to restore large SKBs while SACK processing
During SACK processing, most of the benefits of TSO are eaten by
the SACK blocks that one-by-one fragment SKBs to MSS sized chunks.
Then we're in problems when cleanup work for them has to be done
when a large cumulative ACK comes. Try to return back to pre-split
state already while more and more SACK info gets discovered by
combining newly discovered SACK areas with the previous skb if
that's SACKed as well.
This approach has a number of benefits:
1) The processing overhead is spread more equally over the RTT
2) Write queue has less skbs to process (affect everything
which has to walk in the queue past the sacked areas)
3) Write queue is consistent whole the time, so no other parts
of TCP has to be aware of this (this was not the case with
some other approach that was, well, quite intrusive all
around).
4) Clean_rtx_queue can release most of the pages using single
put_page instead of previous PAGE_SIZE/mss+1 calls
In case a hole is fully filled by the new SACK block, we attempt
to combine the next skb too which allows construction of skbs
that are even larger than what tso split them to and it handles
hole per on every nth patterns that often occur during slow start
overshoot pretty nicely. Though this to be really useful also
a retransmission would have to get lost since cumulative ACKs
advance one hole at a time in the most typical case.
TODO: handle upwards only merging. That should be rather easy
when segment is fully sacked but I'm leaving that as future
work item (it won't make very large difference anyway since
this current approach already covers quite a lot of normal
cases).
I was earlier thinking of some sophisticated way of tracking
timestamps of the first and the last segment but later on
realized that it won't be that necessary at all to store the
timestamp of the last segment. The cases that can occur are
basically either:
1) ambiguous => no sensible measurement can be taken anyway
2) non-ambiguous is due to reordering => having the timestamp
of the last segment there is just skewing things more off
than does some good since the ack got triggered by one of
the holes (besides some substle issues that would make
determining right hole/skb even harder problem). Anyway,
it has nothing to do with this change then.
I choose to route some abnormal looking cases with goto noop,
some could be handled differently (eg., by stopping the
walking at that skb but again). In general, they either
shouldn't happen at all or are rare enough to make no difference
in practice.
In theory this change (as whole) could cause some macroscale
regression (global) because of cache misses that are taken over
the round-trip time but it gets very likely better because of much
less (local) cache misses per other write queue walkers and the
big recovery clearing cumulative ack.
Worth to note that these benefits would be very easy to get also
without TSO/GSO being on as long as the data is in pages so that
we can merge them. Currently I won't let that happen because
DSACK splitting at fragment that would mess up pcounts due to
sk_can_gso in tcp_set_skb_tso_segs. Once DSACKs fragments gets
avoided, we have some conditions that can be made less strict.
TODO: I will probably have to convert the excessive pointer
passing to struct sacktag_state... :-)
My testing revealed that considerable amount of skbs couldn't
be shifted because they were cloned (most likely still awaiting
tx reclaim)...
[The rest is considering future work instead since I got
repeatably EFAULT to tcpdump's recvfrom when I added
pskb_expand_head to deal with clones, so I separated that
into another, later patch]
...To counter that, I gave up on the fifth advantage:
5) When growing previous SACK block, less allocs for new skbs
are done, basically a new alloc is needed only when new hole
is detected and when the previous skb runs out of frags space
...which now only happens of if reclaim is fast enough to dispose
the clone before the SACK block comes in (the window is RTT long),
otherwise we'll have to alloc some.
With clones being handled I got these numbers (will be somewhat
worse without that), taken with fine-grained mibs:
TCPSackShifted 398
TCPSackMerged 877
TCPSackShiftFallback 320
TCPSACKCOLLAPSEFALLBACKGSO 0
TCPSACKCOLLAPSEFALLBACKSKBBITS 0
TCPSACKCOLLAPSEFALLBACKSKBDATA 0
TCPSACKCOLLAPSEFALLBACKBELOW 0
TCPSACKCOLLAPSEFALLBACKFIRST 1
TCPSACKCOLLAPSEFALLBACKPREVBITS 318
TCPSACKCOLLAPSEFALLBACKMSS 1
TCPSACKCOLLAPSEFALLBACKNOHEAD 0
TCPSACKCOLLAPSEFALLBACKSHIFT 0
TCPSACKCOLLAPSENOOPSEQ 0
TCPSACKCOLLAPSENOOPSMALLPCOUNT 0
TCPSACKCOLLAPSENOOPSMALLLEN 0
TCPSACKCOLLAPSEHOLE 12
Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi>
Signed-off-by: David S. Miller <davem@davemloft.net>
2008-11-25 08:20:15 +03:00
|
|
|
/**
|
|
|
|
* skb_queue_is_first - check if skb is the first entry in the queue
|
|
|
|
* @list: queue head
|
|
|
|
* @skb: buffer
|
|
|
|
*
|
|
|
|
* Returns true if @skb is the first buffer on the list.
|
|
|
|
*/
|
|
|
|
static inline bool skb_queue_is_first(const struct sk_buff_head *list,
|
|
|
|
const struct sk_buff *skb)
|
|
|
|
{
|
2014-01-08 02:23:44 +04:00
|
|
|
return skb->prev == (const struct sk_buff *) list;
|
tcp: Try to restore large SKBs while SACK processing
During SACK processing, most of the benefits of TSO are eaten by
the SACK blocks that one-by-one fragment SKBs to MSS sized chunks.
Then we're in problems when cleanup work for them has to be done
when a large cumulative ACK comes. Try to return back to pre-split
state already while more and more SACK info gets discovered by
combining newly discovered SACK areas with the previous skb if
that's SACKed as well.
This approach has a number of benefits:
1) The processing overhead is spread more equally over the RTT
2) Write queue has less skbs to process (affect everything
which has to walk in the queue past the sacked areas)
3) Write queue is consistent whole the time, so no other parts
of TCP has to be aware of this (this was not the case with
some other approach that was, well, quite intrusive all
around).
4) Clean_rtx_queue can release most of the pages using single
put_page instead of previous PAGE_SIZE/mss+1 calls
In case a hole is fully filled by the new SACK block, we attempt
to combine the next skb too which allows construction of skbs
that are even larger than what tso split them to and it handles
hole per on every nth patterns that often occur during slow start
overshoot pretty nicely. Though this to be really useful also
a retransmission would have to get lost since cumulative ACKs
advance one hole at a time in the most typical case.
TODO: handle upwards only merging. That should be rather easy
when segment is fully sacked but I'm leaving that as future
work item (it won't make very large difference anyway since
this current approach already covers quite a lot of normal
cases).
I was earlier thinking of some sophisticated way of tracking
timestamps of the first and the last segment but later on
realized that it won't be that necessary at all to store the
timestamp of the last segment. The cases that can occur are
basically either:
1) ambiguous => no sensible measurement can be taken anyway
2) non-ambiguous is due to reordering => having the timestamp
of the last segment there is just skewing things more off
than does some good since the ack got triggered by one of
the holes (besides some substle issues that would make
determining right hole/skb even harder problem). Anyway,
it has nothing to do with this change then.
I choose to route some abnormal looking cases with goto noop,
some could be handled differently (eg., by stopping the
walking at that skb but again). In general, they either
shouldn't happen at all or are rare enough to make no difference
in practice.
In theory this change (as whole) could cause some macroscale
regression (global) because of cache misses that are taken over
the round-trip time but it gets very likely better because of much
less (local) cache misses per other write queue walkers and the
big recovery clearing cumulative ack.
Worth to note that these benefits would be very easy to get also
without TSO/GSO being on as long as the data is in pages so that
we can merge them. Currently I won't let that happen because
DSACK splitting at fragment that would mess up pcounts due to
sk_can_gso in tcp_set_skb_tso_segs. Once DSACKs fragments gets
avoided, we have some conditions that can be made less strict.
TODO: I will probably have to convert the excessive pointer
passing to struct sacktag_state... :-)
My testing revealed that considerable amount of skbs couldn't
be shifted because they were cloned (most likely still awaiting
tx reclaim)...
[The rest is considering future work instead since I got
repeatably EFAULT to tcpdump's recvfrom when I added
pskb_expand_head to deal with clones, so I separated that
into another, later patch]
...To counter that, I gave up on the fifth advantage:
5) When growing previous SACK block, less allocs for new skbs
are done, basically a new alloc is needed only when new hole
is detected and when the previous skb runs out of frags space
...which now only happens of if reclaim is fast enough to dispose
the clone before the SACK block comes in (the window is RTT long),
otherwise we'll have to alloc some.
With clones being handled I got these numbers (will be somewhat
worse without that), taken with fine-grained mibs:
TCPSackShifted 398
TCPSackMerged 877
TCPSackShiftFallback 320
TCPSACKCOLLAPSEFALLBACKGSO 0
TCPSACKCOLLAPSEFALLBACKSKBBITS 0
TCPSACKCOLLAPSEFALLBACKSKBDATA 0
TCPSACKCOLLAPSEFALLBACKBELOW 0
TCPSACKCOLLAPSEFALLBACKFIRST 1
TCPSACKCOLLAPSEFALLBACKPREVBITS 318
TCPSACKCOLLAPSEFALLBACKMSS 1
TCPSACKCOLLAPSEFALLBACKNOHEAD 0
TCPSACKCOLLAPSEFALLBACKSHIFT 0
TCPSACKCOLLAPSENOOPSEQ 0
TCPSACKCOLLAPSENOOPSMALLPCOUNT 0
TCPSACKCOLLAPSENOOPSMALLLEN 0
TCPSACKCOLLAPSEHOLE 12
Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi>
Signed-off-by: David S. Miller <davem@davemloft.net>
2008-11-25 08:20:15 +03:00
|
|
|
}
|
|
|
|
|
2008-09-23 11:44:42 +04:00
|
|
|
/**
|
|
|
|
* skb_queue_next - return the next packet in the queue
|
|
|
|
* @list: queue head
|
|
|
|
* @skb: current buffer
|
|
|
|
*
|
|
|
|
* Return the next packet in @list after @skb. It is only valid to
|
|
|
|
* call this if skb_queue_is_last() evaluates to false.
|
|
|
|
*/
|
|
|
|
static inline struct sk_buff *skb_queue_next(const struct sk_buff_head *list,
|
|
|
|
const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
/* This BUG_ON may seem severe, but if we just return then we
|
|
|
|
* are going to dereference garbage.
|
|
|
|
*/
|
|
|
|
BUG_ON(skb_queue_is_last(list, skb));
|
|
|
|
return skb->next;
|
|
|
|
}
|
|
|
|
|
tcp: Try to restore large SKBs while SACK processing
During SACK processing, most of the benefits of TSO are eaten by
the SACK blocks that one-by-one fragment SKBs to MSS sized chunks.
Then we're in problems when cleanup work for them has to be done
when a large cumulative ACK comes. Try to return back to pre-split
state already while more and more SACK info gets discovered by
combining newly discovered SACK areas with the previous skb if
that's SACKed as well.
This approach has a number of benefits:
1) The processing overhead is spread more equally over the RTT
2) Write queue has less skbs to process (affect everything
which has to walk in the queue past the sacked areas)
3) Write queue is consistent whole the time, so no other parts
of TCP has to be aware of this (this was not the case with
some other approach that was, well, quite intrusive all
around).
4) Clean_rtx_queue can release most of the pages using single
put_page instead of previous PAGE_SIZE/mss+1 calls
In case a hole is fully filled by the new SACK block, we attempt
to combine the next skb too which allows construction of skbs
that are even larger than what tso split them to and it handles
hole per on every nth patterns that often occur during slow start
overshoot pretty nicely. Though this to be really useful also
a retransmission would have to get lost since cumulative ACKs
advance one hole at a time in the most typical case.
TODO: handle upwards only merging. That should be rather easy
when segment is fully sacked but I'm leaving that as future
work item (it won't make very large difference anyway since
this current approach already covers quite a lot of normal
cases).
I was earlier thinking of some sophisticated way of tracking
timestamps of the first and the last segment but later on
realized that it won't be that necessary at all to store the
timestamp of the last segment. The cases that can occur are
basically either:
1) ambiguous => no sensible measurement can be taken anyway
2) non-ambiguous is due to reordering => having the timestamp
of the last segment there is just skewing things more off
than does some good since the ack got triggered by one of
the holes (besides some substle issues that would make
determining right hole/skb even harder problem). Anyway,
it has nothing to do with this change then.
I choose to route some abnormal looking cases with goto noop,
some could be handled differently (eg., by stopping the
walking at that skb but again). In general, they either
shouldn't happen at all or are rare enough to make no difference
in practice.
In theory this change (as whole) could cause some macroscale
regression (global) because of cache misses that are taken over
the round-trip time but it gets very likely better because of much
less (local) cache misses per other write queue walkers and the
big recovery clearing cumulative ack.
Worth to note that these benefits would be very easy to get also
without TSO/GSO being on as long as the data is in pages so that
we can merge them. Currently I won't let that happen because
DSACK splitting at fragment that would mess up pcounts due to
sk_can_gso in tcp_set_skb_tso_segs. Once DSACKs fragments gets
avoided, we have some conditions that can be made less strict.
TODO: I will probably have to convert the excessive pointer
passing to struct sacktag_state... :-)
My testing revealed that considerable amount of skbs couldn't
be shifted because they were cloned (most likely still awaiting
tx reclaim)...
[The rest is considering future work instead since I got
repeatably EFAULT to tcpdump's recvfrom when I added
pskb_expand_head to deal with clones, so I separated that
into another, later patch]
...To counter that, I gave up on the fifth advantage:
5) When growing previous SACK block, less allocs for new skbs
are done, basically a new alloc is needed only when new hole
is detected and when the previous skb runs out of frags space
...which now only happens of if reclaim is fast enough to dispose
the clone before the SACK block comes in (the window is RTT long),
otherwise we'll have to alloc some.
With clones being handled I got these numbers (will be somewhat
worse without that), taken with fine-grained mibs:
TCPSackShifted 398
TCPSackMerged 877
TCPSackShiftFallback 320
TCPSACKCOLLAPSEFALLBACKGSO 0
TCPSACKCOLLAPSEFALLBACKSKBBITS 0
TCPSACKCOLLAPSEFALLBACKSKBDATA 0
TCPSACKCOLLAPSEFALLBACKBELOW 0
TCPSACKCOLLAPSEFALLBACKFIRST 1
TCPSACKCOLLAPSEFALLBACKPREVBITS 318
TCPSACKCOLLAPSEFALLBACKMSS 1
TCPSACKCOLLAPSEFALLBACKNOHEAD 0
TCPSACKCOLLAPSEFALLBACKSHIFT 0
TCPSACKCOLLAPSENOOPSEQ 0
TCPSACKCOLLAPSENOOPSMALLPCOUNT 0
TCPSACKCOLLAPSENOOPSMALLLEN 0
TCPSACKCOLLAPSEHOLE 12
Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi>
Signed-off-by: David S. Miller <davem@davemloft.net>
2008-11-25 08:20:15 +03:00
|
|
|
/**
|
|
|
|
* skb_queue_prev - return the prev packet in the queue
|
|
|
|
* @list: queue head
|
|
|
|
* @skb: current buffer
|
|
|
|
*
|
|
|
|
* Return the prev packet in @list before @skb. It is only valid to
|
|
|
|
* call this if skb_queue_is_first() evaluates to false.
|
|
|
|
*/
|
|
|
|
static inline struct sk_buff *skb_queue_prev(const struct sk_buff_head *list,
|
|
|
|
const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
/* This BUG_ON may seem severe, but if we just return then we
|
|
|
|
* are going to dereference garbage.
|
|
|
|
*/
|
|
|
|
BUG_ON(skb_queue_is_first(list, skb));
|
|
|
|
return skb->prev;
|
|
|
|
}
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
/**
|
|
|
|
* skb_get - reference buffer
|
|
|
|
* @skb: buffer to reference
|
|
|
|
*
|
|
|
|
* Makes another reference to a socket buffer and returns a pointer
|
|
|
|
* to the buffer.
|
|
|
|
*/
|
|
|
|
static inline struct sk_buff *skb_get(struct sk_buff *skb)
|
|
|
|
{
|
2017-06-30 13:07:58 +03:00
|
|
|
refcount_inc(&skb->users);
|
2005-04-17 02:20:36 +04:00
|
|
|
return skb;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
2017-11-30 16:33:56 +03:00
|
|
|
* If users == 1, we are the only owner and can avoid redundant atomic changes.
|
2005-04-17 02:20:36 +04:00
|
|
|
*/
|
|
|
|
|
|
|
|
/**
|
|
|
|
* skb_cloned - is the buffer a clone
|
|
|
|
* @skb: buffer to check
|
|
|
|
*
|
|
|
|
* Returns true if the buffer was generated with skb_clone() and is
|
|
|
|
* one of multiple shared copies of the buffer. Cloned buffers are
|
|
|
|
* shared data so must not be written to under normal circumstances.
|
|
|
|
*/
|
|
|
|
static inline int skb_cloned(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb->cloned &&
|
|
|
|
(atomic_read(&skb_shinfo(skb)->dataref) & SKB_DATAREF_MASK) != 1;
|
|
|
|
}
|
|
|
|
|
2013-02-14 13:44:49 +04:00
|
|
|
static inline int skb_unclone(struct sk_buff *skb, gfp_t pri)
|
|
|
|
{
|
2015-11-07 03:28:21 +03:00
|
|
|
might_sleep_if(gfpflags_allow_blocking(pri));
|
2013-02-14 13:44:49 +04:00
|
|
|
|
|
|
|
if (skb_cloned(skb))
|
|
|
|
return pskb_expand_head(skb, 0, 0, pri);
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2022-02-22 06:21:13 +03:00
|
|
|
/* This variant of skb_unclone() makes sure skb->truesize
|
|
|
|
* and skb_end_offset() are not changed, whenever a new skb->head is needed.
|
|
|
|
*
|
|
|
|
* Indeed there is no guarantee that ksize(kmalloc(X)) == ksize(kmalloc(X))
|
|
|
|
* when various debugging features are in place.
|
|
|
|
*/
|
|
|
|
int __skb_unclone_keeptruesize(struct sk_buff *skb, gfp_t pri);
|
2021-11-02 03:45:55 +03:00
|
|
|
static inline int skb_unclone_keeptruesize(struct sk_buff *skb, gfp_t pri)
|
|
|
|
{
|
|
|
|
might_sleep_if(gfpflags_allow_blocking(pri));
|
|
|
|
|
2022-02-22 06:21:13 +03:00
|
|
|
if (skb_cloned(skb))
|
|
|
|
return __skb_unclone_keeptruesize(skb, pri);
|
2021-11-02 03:45:55 +03:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
/**
|
|
|
|
* skb_header_cloned - is the header a clone
|
|
|
|
* @skb: buffer to check
|
|
|
|
*
|
|
|
|
* Returns true if modifying the header part of the buffer requires
|
|
|
|
* the data to be copied.
|
|
|
|
*/
|
|
|
|
static inline int skb_header_cloned(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
int dataref;
|
|
|
|
|
|
|
|
if (!skb->cloned)
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
dataref = atomic_read(&skb_shinfo(skb)->dataref);
|
|
|
|
dataref = (dataref & SKB_DATAREF_MASK) - (dataref >> SKB_DATAREF_SHIFT);
|
|
|
|
return dataref != 1;
|
|
|
|
}
|
|
|
|
|
2016-04-30 20:19:29 +03:00
|
|
|
static inline int skb_header_unclone(struct sk_buff *skb, gfp_t pri)
|
|
|
|
{
|
|
|
|
might_sleep_if(gfpflags_allow_blocking(pri));
|
|
|
|
|
|
|
|
if (skb_header_cloned(skb))
|
|
|
|
return pskb_expand_head(skb, 0, 0, pri);
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2014-09-23 03:29:32 +04:00
|
|
|
/**
|
2022-05-09 19:04:55 +03:00
|
|
|
* __skb_header_release() - allow clones to use the headroom
|
|
|
|
* @skb: buffer to operate on
|
|
|
|
*
|
|
|
|
* See "DOC: dataref and headerless skbs".
|
2014-09-23 03:29:32 +04:00
|
|
|
*/
|
|
|
|
static inline void __skb_header_release(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
skb->nohdr = 1;
|
|
|
|
atomic_set(&skb_shinfo(skb)->dataref, 1 + (1 << SKB_DATAREF_SHIFT));
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
/**
|
|
|
|
* skb_shared - is the buffer shared
|
|
|
|
* @skb: buffer to check
|
|
|
|
*
|
|
|
|
* Returns true if more than one person has a reference to this
|
|
|
|
* buffer.
|
|
|
|
*/
|
|
|
|
static inline int skb_shared(const struct sk_buff *skb)
|
|
|
|
{
|
2017-06-30 13:07:58 +03:00
|
|
|
return refcount_read(&skb->users) != 1;
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* skb_share_check - check if buffer is shared and if so clone it
|
|
|
|
* @skb: buffer to check
|
|
|
|
* @pri: priority for memory allocation
|
|
|
|
*
|
|
|
|
* If the buffer is shared the buffer is cloned and the old copy
|
|
|
|
* drops a reference. A new clone with a single reference is returned.
|
|
|
|
* If the buffer is not shared the original buffer is returned. When
|
|
|
|
* being called from interrupt status or with spinlocks held pri must
|
|
|
|
* be GFP_ATOMIC.
|
|
|
|
*
|
|
|
|
* NULL is returned on a memory allocation failure.
|
|
|
|
*/
|
2012-08-04 00:54:15 +04:00
|
|
|
static inline struct sk_buff *skb_share_check(struct sk_buff *skb, gfp_t pri)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
2015-11-07 03:28:21 +03:00
|
|
|
might_sleep_if(gfpflags_allow_blocking(pri));
|
2005-04-17 02:20:36 +04:00
|
|
|
if (skb_shared(skb)) {
|
|
|
|
struct sk_buff *nskb = skb_clone(skb, pri);
|
2012-08-04 00:54:15 +04:00
|
|
|
|
|
|
|
if (likely(nskb))
|
|
|
|
consume_skb(skb);
|
|
|
|
else
|
|
|
|
kfree_skb(skb);
|
2005-04-17 02:20:36 +04:00
|
|
|
skb = nskb;
|
|
|
|
}
|
|
|
|
return skb;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Copy shared buffers into a new sk_buff. We effectively do COW on
|
|
|
|
* packets to handle cases where we have a local reader and forward
|
|
|
|
* and a couple of other messy ones. The normal one is tcpdumping
|
|
|
|
* a packet thats being forwarded.
|
|
|
|
*/
|
|
|
|
|
|
|
|
/**
|
|
|
|
* skb_unshare - make a copy of a shared buffer
|
|
|
|
* @skb: buffer to check
|
|
|
|
* @pri: priority for memory allocation
|
|
|
|
*
|
|
|
|
* If the socket buffer is a clone then this function creates a new
|
|
|
|
* copy of the data, drops a reference count on the old copy and returns
|
|
|
|
* the new copy with the reference count at 1. If the buffer is not a clone
|
|
|
|
* the original buffer is returned. When called with a spinlock held or
|
|
|
|
* from interrupt state @pri must be %GFP_ATOMIC
|
|
|
|
*
|
|
|
|
* %NULL is returned on a memory allocation failure.
|
|
|
|
*/
|
2005-07-19 00:36:38 +04:00
|
|
|
static inline struct sk_buff *skb_unshare(struct sk_buff *skb,
|
2005-10-07 10:46:04 +04:00
|
|
|
gfp_t pri)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
2015-11-07 03:28:21 +03:00
|
|
|
might_sleep_if(gfpflags_allow_blocking(pri));
|
2005-04-17 02:20:36 +04:00
|
|
|
if (skb_cloned(skb)) {
|
|
|
|
struct sk_buff *nskb = skb_copy(skb, pri);
|
2014-10-11 01:10:47 +04:00
|
|
|
|
|
|
|
/* Free our shared copy */
|
|
|
|
if (likely(nskb))
|
|
|
|
consume_skb(skb);
|
|
|
|
else
|
|
|
|
kfree_skb(skb);
|
2005-04-17 02:20:36 +04:00
|
|
|
skb = nskb;
|
|
|
|
}
|
|
|
|
return skb;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2010-02-15 09:35:47 +03:00
|
|
|
* skb_peek - peek at the head of an &sk_buff_head
|
2005-04-17 02:20:36 +04:00
|
|
|
* @list_: list to peek at
|
|
|
|
*
|
|
|
|
* Peek an &sk_buff. Unlike most other operations you _MUST_
|
|
|
|
* be careful with this one. A peek leaves the buffer on the
|
|
|
|
* list and someone else may run off with it. You must hold
|
|
|
|
* the appropriate locks or have a private queue to do this.
|
|
|
|
*
|
|
|
|
* Returns %NULL for an empty list or a pointer to the head element.
|
|
|
|
* The reference count is not incremented and the reference is therefore
|
|
|
|
* volatile. Use with caution.
|
|
|
|
*/
|
2011-10-21 01:45:43 +04:00
|
|
|
static inline struct sk_buff *skb_peek(const struct sk_buff_head *list_)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
2012-04-30 20:31:46 +04:00
|
|
|
struct sk_buff *skb = list_->next;
|
|
|
|
|
|
|
|
if (skb == (struct sk_buff *)list_)
|
|
|
|
skb = NULL;
|
|
|
|
return skb;
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
2018-08-12 04:43:38 +03:00
|
|
|
/**
|
|
|
|
* __skb_peek - peek at the head of a non-empty &sk_buff_head
|
|
|
|
* @list_: list to peek at
|
|
|
|
*
|
|
|
|
* Like skb_peek(), but the caller knows that the list is not empty.
|
|
|
|
*/
|
|
|
|
static inline struct sk_buff *__skb_peek(const struct sk_buff_head *list_)
|
|
|
|
{
|
|
|
|
return list_->next;
|
|
|
|
}
|
|
|
|
|
2012-02-21 11:31:18 +04:00
|
|
|
/**
|
|
|
|
* skb_peek_next - peek skb following the given one from a queue
|
|
|
|
* @skb: skb to start from
|
|
|
|
* @list_: list to peek at
|
|
|
|
*
|
|
|
|
* Returns %NULL when the end of the list is met or a pointer to the
|
|
|
|
* next element. The reference count is not incremented and the
|
|
|
|
* reference is therefore volatile. Use with caution.
|
|
|
|
*/
|
|
|
|
static inline struct sk_buff *skb_peek_next(struct sk_buff *skb,
|
|
|
|
const struct sk_buff_head *list_)
|
|
|
|
{
|
|
|
|
struct sk_buff *next = skb->next;
|
2012-04-30 20:31:46 +04:00
|
|
|
|
2012-02-21 11:31:18 +04:00
|
|
|
if (next == (struct sk_buff *)list_)
|
|
|
|
next = NULL;
|
|
|
|
return next;
|
|
|
|
}
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
/**
|
2010-02-15 09:35:47 +03:00
|
|
|
* skb_peek_tail - peek at the tail of an &sk_buff_head
|
2005-04-17 02:20:36 +04:00
|
|
|
* @list_: list to peek at
|
|
|
|
*
|
|
|
|
* Peek an &sk_buff. Unlike most other operations you _MUST_
|
|
|
|
* be careful with this one. A peek leaves the buffer on the
|
|
|
|
* list and someone else may run off with it. You must hold
|
|
|
|
* the appropriate locks or have a private queue to do this.
|
|
|
|
*
|
|
|
|
* Returns %NULL for an empty list or a pointer to the tail element.
|
|
|
|
* The reference count is not incremented and the reference is therefore
|
|
|
|
* volatile. Use with caution.
|
|
|
|
*/
|
2011-10-21 01:45:43 +04:00
|
|
|
static inline struct sk_buff *skb_peek_tail(const struct sk_buff_head *list_)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
2019-11-08 05:49:43 +03:00
|
|
|
struct sk_buff *skb = READ_ONCE(list_->prev);
|
2012-04-30 20:31:46 +04:00
|
|
|
|
|
|
|
if (skb == (struct sk_buff *)list_)
|
|
|
|
skb = NULL;
|
|
|
|
return skb;
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* skb_queue_len - get queue length
|
|
|
|
* @list_: list to measure
|
|
|
|
*
|
|
|
|
* Return the length of an &sk_buff queue.
|
|
|
|
*/
|
|
|
|
static inline __u32 skb_queue_len(const struct sk_buff_head *list_)
|
|
|
|
{
|
|
|
|
return list_->qlen;
|
|
|
|
}
|
|
|
|
|
2020-02-04 21:40:29 +03:00
|
|
|
/**
|
|
|
|
* skb_queue_len_lockless - get queue length
|
|
|
|
* @list_: list to measure
|
|
|
|
*
|
|
|
|
* Return the length of an &sk_buff queue.
|
|
|
|
* This variant can be used in lockless contexts.
|
|
|
|
*/
|
|
|
|
static inline __u32 skb_queue_len_lockless(const struct sk_buff_head *list_)
|
|
|
|
{
|
|
|
|
return READ_ONCE(list_->qlen);
|
|
|
|
}
|
|
|
|
|
2008-09-22 09:36:24 +04:00
|
|
|
/**
|
|
|
|
* __skb_queue_head_init - initialize non-spinlock portions of sk_buff_head
|
|
|
|
* @list: queue to initialize
|
|
|
|
*
|
|
|
|
* This initializes only the list and queue length aspects of
|
|
|
|
* an sk_buff_head object. This allows to initialize the list
|
|
|
|
* aspects of an sk_buff_head without reinitializing things like
|
|
|
|
* the spinlock. It can also be used for on-stack sk_buff_head
|
|
|
|
* objects where the spinlock is known to not be used.
|
|
|
|
*/
|
|
|
|
static inline void __skb_queue_head_init(struct sk_buff_head *list)
|
|
|
|
{
|
|
|
|
list->prev = list->next = (struct sk_buff *)list;
|
|
|
|
list->qlen = 0;
|
|
|
|
}
|
|
|
|
|
2006-08-03 01:06:55 +04:00
|
|
|
/*
|
|
|
|
* This function creates a split out lock class for each invocation;
|
|
|
|
* this is needed for now since a whole lot of users of the skb-queue
|
|
|
|
* infrastructure in drivers have different locking usage (in hardirq)
|
|
|
|
* than the networking core (in softirq only). In the long run either the
|
|
|
|
* network layer or drivers should need annotation to consolidate the
|
|
|
|
* main types of usage into 3 classes.
|
|
|
|
*/
|
2005-04-17 02:20:36 +04:00
|
|
|
static inline void skb_queue_head_init(struct sk_buff_head *list)
|
|
|
|
{
|
|
|
|
spin_lock_init(&list->lock);
|
2008-09-22 09:36:24 +04:00
|
|
|
__skb_queue_head_init(list);
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
2007-04-17 23:45:31 +04:00
|
|
|
static inline void skb_queue_head_init_class(struct sk_buff_head *list,
|
|
|
|
struct lock_class_key *class)
|
|
|
|
{
|
|
|
|
skb_queue_head_init(list);
|
|
|
|
lockdep_set_class(&list->lock, class);
|
|
|
|
}
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
/*
|
2008-04-14 11:04:51 +04:00
|
|
|
* Insert an sk_buff on a list.
|
2005-04-17 02:20:36 +04:00
|
|
|
*
|
|
|
|
* The "__skb_xxxx()" functions are the non-atomic ones that
|
|
|
|
* can only be called with interrupts disabled.
|
|
|
|
*/
|
2008-04-14 11:04:51 +04:00
|
|
|
static inline void __skb_insert(struct sk_buff *newsk,
|
|
|
|
struct sk_buff *prev, struct sk_buff *next,
|
|
|
|
struct sk_buff_head *list)
|
|
|
|
{
|
2019-11-08 05:49:43 +03:00
|
|
|
/* See skb_queue_empty_lockless() and skb_peek_tail()
|
|
|
|
* for the opposite READ_ONCE()
|
|
|
|
*/
|
2019-10-24 08:44:48 +03:00
|
|
|
WRITE_ONCE(newsk->next, next);
|
|
|
|
WRITE_ONCE(newsk->prev, prev);
|
skbuff: Extract list pointers to silence compiler warnings
Under both -Warray-bounds and the object_size sanitizer, the compiler is
upset about accessing prev/next of sk_buff when the object it thinks it
is coming from is sk_buff_head. The warning is a false positive due to
the compiler taking a conservative approach, opting to warn at casting
time rather than access time.
However, in support of enabling -Warray-bounds globally (which has
found many real bugs), arrange things for sk_buff so that the compiler
can unambiguously see that there is no intention to access anything
except prev/next. Introduce and cast to a separate struct sk_buff_list,
which contains _only_ the first two fields, silencing the warnings:
In file included from ./include/net/net_namespace.h:39,
from ./include/linux/netdevice.h:37,
from net/core/netpoll.c:17:
net/core/netpoll.c: In function 'refill_skbs':
./include/linux/skbuff.h:2086:9: warning: array subscript 'struct sk_buff[0]' is partly outside array bounds of 'struct sk_buff_head[1]' [-Warray-bounds]
2086 | __skb_insert(newsk, next->prev, next, list);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
net/core/netpoll.c:49:28: note: while referencing 'skb_pool'
49 | static struct sk_buff_head skb_pool;
| ^~~~~~~~
This change results in no executable instruction differences.
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20211207062758.2324338-1-keescook@chromium.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2021-12-07 09:27:58 +03:00
|
|
|
WRITE_ONCE(((struct sk_buff_list *)next)->prev, newsk);
|
|
|
|
WRITE_ONCE(((struct sk_buff_list *)prev)->next, newsk);
|
2021-09-09 03:00:29 +03:00
|
|
|
WRITE_ONCE(list->qlen, list->qlen + 1);
|
2008-04-14 11:04:51 +04:00
|
|
|
}
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2008-09-22 09:36:24 +04:00
|
|
|
static inline void __skb_queue_splice(const struct sk_buff_head *list,
|
|
|
|
struct sk_buff *prev,
|
|
|
|
struct sk_buff *next)
|
|
|
|
{
|
|
|
|
struct sk_buff *first = list->next;
|
|
|
|
struct sk_buff *last = list->prev;
|
|
|
|
|
2019-10-24 08:44:48 +03:00
|
|
|
WRITE_ONCE(first->prev, prev);
|
|
|
|
WRITE_ONCE(prev->next, first);
|
2008-09-22 09:36:24 +04:00
|
|
|
|
2019-10-24 08:44:48 +03:00
|
|
|
WRITE_ONCE(last->next, next);
|
|
|
|
WRITE_ONCE(next->prev, last);
|
2008-09-22 09:36:24 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* skb_queue_splice - join two skb lists, this is designed for stacks
|
|
|
|
* @list: the new list to add
|
|
|
|
* @head: the place to add it in the first list
|
|
|
|
*/
|
|
|
|
static inline void skb_queue_splice(const struct sk_buff_head *list,
|
|
|
|
struct sk_buff_head *head)
|
|
|
|
{
|
|
|
|
if (!skb_queue_empty(list)) {
|
|
|
|
__skb_queue_splice(list, (struct sk_buff *) head, head->next);
|
2008-09-23 08:57:21 +04:00
|
|
|
head->qlen += list->qlen;
|
2008-09-22 09:36:24 +04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2012-05-01 01:29:16 +04:00
|
|
|
* skb_queue_splice_init - join two skb lists and reinitialise the emptied list
|
2008-09-22 09:36:24 +04:00
|
|
|
* @list: the new list to add
|
|
|
|
* @head: the place to add it in the first list
|
|
|
|
*
|
|
|
|
* The list at @list is reinitialised
|
|
|
|
*/
|
|
|
|
static inline void skb_queue_splice_init(struct sk_buff_head *list,
|
|
|
|
struct sk_buff_head *head)
|
|
|
|
{
|
|
|
|
if (!skb_queue_empty(list)) {
|
|
|
|
__skb_queue_splice(list, (struct sk_buff *) head, head->next);
|
2008-09-23 08:57:21 +04:00
|
|
|
head->qlen += list->qlen;
|
2008-09-22 09:36:24 +04:00
|
|
|
__skb_queue_head_init(list);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* skb_queue_splice_tail - join two skb lists, each list being a queue
|
|
|
|
* @list: the new list to add
|
|
|
|
* @head: the place to add it in the first list
|
|
|
|
*/
|
|
|
|
static inline void skb_queue_splice_tail(const struct sk_buff_head *list,
|
|
|
|
struct sk_buff_head *head)
|
|
|
|
{
|
|
|
|
if (!skb_queue_empty(list)) {
|
|
|
|
__skb_queue_splice(list, head->prev, (struct sk_buff *) head);
|
2008-09-23 08:57:21 +04:00
|
|
|
head->qlen += list->qlen;
|
2008-09-22 09:36:24 +04:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
2012-05-01 01:29:16 +04:00
|
|
|
* skb_queue_splice_tail_init - join two skb lists and reinitialise the emptied list
|
2008-09-22 09:36:24 +04:00
|
|
|
* @list: the new list to add
|
|
|
|
* @head: the place to add it in the first list
|
|
|
|
*
|
|
|
|
* Each of the lists is a queue.
|
|
|
|
* The list at @list is reinitialised
|
|
|
|
*/
|
|
|
|
static inline void skb_queue_splice_tail_init(struct sk_buff_head *list,
|
|
|
|
struct sk_buff_head *head)
|
|
|
|
{
|
|
|
|
if (!skb_queue_empty(list)) {
|
|
|
|
__skb_queue_splice(list, head->prev, (struct sk_buff *) head);
|
2008-09-23 08:57:21 +04:00
|
|
|
head->qlen += list->qlen;
|
2008-09-22 09:36:24 +04:00
|
|
|
__skb_queue_head_init(list);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
/**
|
2005-10-31 00:47:34 +03:00
|
|
|
* __skb_queue_after - queue a buffer at the list head
|
2005-04-17 02:20:36 +04:00
|
|
|
* @list: list to use
|
2005-10-31 00:47:34 +03:00
|
|
|
* @prev: place after this buffer
|
2005-04-17 02:20:36 +04:00
|
|
|
* @newsk: buffer to queue
|
|
|
|
*
|
2005-10-31 00:47:34 +03:00
|
|
|
* Queue a buffer int the middle of a list. This function takes no locks
|
2005-04-17 02:20:36 +04:00
|
|
|
* and you must therefore hold required locks before calling it.
|
|
|
|
*
|
|
|
|
* A buffer cannot be placed on two lists at the same time.
|
|
|
|
*/
|
2005-10-31 00:47:34 +03:00
|
|
|
static inline void __skb_queue_after(struct sk_buff_head *list,
|
|
|
|
struct sk_buff *prev,
|
|
|
|
struct sk_buff *newsk)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
skbuff: Extract list pointers to silence compiler warnings
Under both -Warray-bounds and the object_size sanitizer, the compiler is
upset about accessing prev/next of sk_buff when the object it thinks it
is coming from is sk_buff_head. The warning is a false positive due to
the compiler taking a conservative approach, opting to warn at casting
time rather than access time.
However, in support of enabling -Warray-bounds globally (which has
found many real bugs), arrange things for sk_buff so that the compiler
can unambiguously see that there is no intention to access anything
except prev/next. Introduce and cast to a separate struct sk_buff_list,
which contains _only_ the first two fields, silencing the warnings:
In file included from ./include/net/net_namespace.h:39,
from ./include/linux/netdevice.h:37,
from net/core/netpoll.c:17:
net/core/netpoll.c: In function 'refill_skbs':
./include/linux/skbuff.h:2086:9: warning: array subscript 'struct sk_buff[0]' is partly outside array bounds of 'struct sk_buff_head[1]' [-Warray-bounds]
2086 | __skb_insert(newsk, next->prev, next, list);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
net/core/netpoll.c:49:28: note: while referencing 'skb_pool'
49 | static struct sk_buff_head skb_pool;
| ^~~~~~~~
This change results in no executable instruction differences.
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20211207062758.2324338-1-keescook@chromium.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2021-12-07 09:27:58 +03:00
|
|
|
__skb_insert(newsk, prev, ((struct sk_buff_list *)prev)->next, list);
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
2013-09-27 01:48:15 +04:00
|
|
|
void skb_append(struct sk_buff *old, struct sk_buff *newsk,
|
|
|
|
struct sk_buff_head *list);
|
2008-04-14 11:05:09 +04:00
|
|
|
|
2008-04-14 11:05:28 +04:00
|
|
|
static inline void __skb_queue_before(struct sk_buff_head *list,
|
|
|
|
struct sk_buff *next,
|
|
|
|
struct sk_buff *newsk)
|
|
|
|
{
|
skbuff: Extract list pointers to silence compiler warnings
Under both -Warray-bounds and the object_size sanitizer, the compiler is
upset about accessing prev/next of sk_buff when the object it thinks it
is coming from is sk_buff_head. The warning is a false positive due to
the compiler taking a conservative approach, opting to warn at casting
time rather than access time.
However, in support of enabling -Warray-bounds globally (which has
found many real bugs), arrange things for sk_buff so that the compiler
can unambiguously see that there is no intention to access anything
except prev/next. Introduce and cast to a separate struct sk_buff_list,
which contains _only_ the first two fields, silencing the warnings:
In file included from ./include/net/net_namespace.h:39,
from ./include/linux/netdevice.h:37,
from net/core/netpoll.c:17:
net/core/netpoll.c: In function 'refill_skbs':
./include/linux/skbuff.h:2086:9: warning: array subscript 'struct sk_buff[0]' is partly outside array bounds of 'struct sk_buff_head[1]' [-Warray-bounds]
2086 | __skb_insert(newsk, next->prev, next, list);
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
net/core/netpoll.c:49:28: note: while referencing 'skb_pool'
49 | static struct sk_buff_head skb_pool;
| ^~~~~~~~
This change results in no executable instruction differences.
Signed-off-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/r/20211207062758.2324338-1-keescook@chromium.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2021-12-07 09:27:58 +03:00
|
|
|
__skb_insert(newsk, ((struct sk_buff_list *)next)->prev, next, list);
|
2008-04-14 11:05:28 +04:00
|
|
|
}
|
|
|
|
|
2005-10-31 00:47:34 +03:00
|
|
|
/**
|
|
|
|
* __skb_queue_head - queue a buffer at the list head
|
|
|
|
* @list: list to use
|
|
|
|
* @newsk: buffer to queue
|
|
|
|
*
|
|
|
|
* Queue a buffer at the start of a list. This function takes no locks
|
|
|
|
* and you must therefore hold required locks before calling it.
|
|
|
|
*
|
|
|
|
* A buffer cannot be placed on two lists at the same time.
|
|
|
|
*/
|
|
|
|
static inline void __skb_queue_head(struct sk_buff_head *list,
|
|
|
|
struct sk_buff *newsk)
|
|
|
|
{
|
|
|
|
__skb_queue_after(list, (struct sk_buff *)list, newsk);
|
|
|
|
}
|
2019-02-12 00:02:25 +03:00
|
|
|
void skb_queue_head(struct sk_buff_head *list, struct sk_buff *newsk);
|
2005-10-31 00:47:34 +03:00
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
/**
|
|
|
|
* __skb_queue_tail - queue a buffer at the list tail
|
|
|
|
* @list: list to use
|
|
|
|
* @newsk: buffer to queue
|
|
|
|
*
|
|
|
|
* Queue a buffer at the end of a list. This function takes no locks
|
|
|
|
* and you must therefore hold required locks before calling it.
|
|
|
|
*
|
|
|
|
* A buffer cannot be placed on two lists at the same time.
|
|
|
|
*/
|
|
|
|
static inline void __skb_queue_tail(struct sk_buff_head *list,
|
|
|
|
struct sk_buff *newsk)
|
|
|
|
{
|
2008-04-14 11:05:28 +04:00
|
|
|
__skb_queue_before(list, (struct sk_buff *)list, newsk);
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
2019-02-12 00:02:25 +03:00
|
|
|
void skb_queue_tail(struct sk_buff_head *list, struct sk_buff *newsk);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
|
|
|
/*
|
|
|
|
* remove sk_buff from list. _Must_ be called atomically, and with
|
|
|
|
* the list known..
|
|
|
|
*/
|
2013-09-27 01:48:15 +04:00
|
|
|
void skb_unlink(struct sk_buff *skb, struct sk_buff_head *list);
|
2005-04-17 02:20:36 +04:00
|
|
|
static inline void __skb_unlink(struct sk_buff *skb, struct sk_buff_head *list)
|
|
|
|
{
|
|
|
|
struct sk_buff *next, *prev;
|
|
|
|
|
2020-02-04 21:40:29 +03:00
|
|
|
WRITE_ONCE(list->qlen, list->qlen - 1);
|
2005-04-17 02:20:36 +04:00
|
|
|
next = skb->next;
|
|
|
|
prev = skb->prev;
|
|
|
|
skb->next = skb->prev = NULL;
|
2019-10-24 08:44:48 +03:00
|
|
|
WRITE_ONCE(next->prev, prev);
|
|
|
|
WRITE_ONCE(prev->next, next);
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
2008-04-14 11:04:12 +04:00
|
|
|
/**
|
|
|
|
* __skb_dequeue - remove from the head of the queue
|
|
|
|
* @list: list to dequeue from
|
|
|
|
*
|
|
|
|
* Remove the head of the list. This function does not take any locks
|
|
|
|
* so must be used with appropriate locks held only. The head item is
|
|
|
|
* returned or %NULL if the list is empty.
|
|
|
|
*/
|
|
|
|
static inline struct sk_buff *__skb_dequeue(struct sk_buff_head *list)
|
|
|
|
{
|
|
|
|
struct sk_buff *skb = skb_peek(list);
|
|
|
|
if (skb)
|
|
|
|
__skb_unlink(skb, list);
|
|
|
|
return skb;
|
|
|
|
}
|
2019-02-12 00:02:25 +03:00
|
|
|
struct sk_buff *skb_dequeue(struct sk_buff_head *list);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
|
|
|
/**
|
|
|
|
* __skb_dequeue_tail - remove from the tail of the queue
|
|
|
|
* @list: list to dequeue from
|
|
|
|
*
|
|
|
|
* Remove the tail of the list. This function does not take any locks
|
|
|
|
* so must be used with appropriate locks held only. The tail item is
|
|
|
|
* returned or %NULL if the list is empty.
|
|
|
|
*/
|
|
|
|
static inline struct sk_buff *__skb_dequeue_tail(struct sk_buff_head *list)
|
|
|
|
{
|
|
|
|
struct sk_buff *skb = skb_peek_tail(list);
|
|
|
|
if (skb)
|
|
|
|
__skb_unlink(skb, list);
|
|
|
|
return skb;
|
|
|
|
}
|
2019-02-12 00:02:25 +03:00
|
|
|
struct sk_buff *skb_dequeue_tail(struct sk_buff_head *list);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
|
|
|
|
2012-03-08 05:53:36 +04:00
|
|
|
static inline bool skb_is_nonlinear(const struct sk_buff *skb)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
|
|
|
return skb->data_len;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline unsigned int skb_headlen(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb->len - skb->data_len;
|
|
|
|
}
|
|
|
|
|
2017-08-03 23:29:38 +03:00
|
|
|
static inline unsigned int __skb_pagelen(const struct sk_buff *skb)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
2016-11-19 04:08:08 +03:00
|
|
|
unsigned int i, len = 0;
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2016-11-19 04:08:08 +03:00
|
|
|
for (i = skb_shinfo(skb)->nr_frags - 1; (int)i >= 0; i--)
|
2011-10-19 01:00:24 +04:00
|
|
|
len += skb_frag_size(&skb_shinfo(skb)->frags[i]);
|
2017-08-03 23:29:38 +03:00
|
|
|
return len;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline unsigned int skb_pagelen(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb_headlen(skb) + __skb_pagelen(skb);
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
2011-08-19 10:25:00 +04:00
|
|
|
/**
|
|
|
|
* __skb_fill_page_desc - initialise a paged fragment in an skb
|
|
|
|
* @skb: buffer containing fragment to be initialised
|
|
|
|
* @i: paged fragment index to initialise
|
|
|
|
* @page: the page to use for this fragment
|
|
|
|
* @off: the offset to the data with @page
|
|
|
|
* @size: the length of the data
|
|
|
|
*
|
|
|
|
* Initialises the @i'th fragment of @skb to point to &size bytes at
|
|
|
|
* offset @off within @page.
|
|
|
|
*
|
|
|
|
* Does not take any additional reference on the fragment.
|
|
|
|
*/
|
|
|
|
static inline void __skb_fill_page_desc(struct sk_buff *skb, int i,
|
|
|
|
struct page *page, int off, int size)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
|
|
|
skb_frag_t *frag = &skb_shinfo(skb)->frags[i];
|
|
|
|
|
2012-08-01 03:44:23 +04:00
|
|
|
/*
|
2015-08-22 00:11:51 +03:00
|
|
|
* Propagate page pfmemalloc to the skb if we can. The problem is
|
|
|
|
* that not all callers have unique ownership of the page but rely
|
|
|
|
* on page_is_pfmemalloc doing the right thing(tm).
|
2012-08-01 03:44:23 +04:00
|
|
|
*/
|
2019-07-23 06:08:29 +03:00
|
|
|
frag->bv_page = page;
|
2019-07-30 17:40:34 +03:00
|
|
|
frag->bv_offset = off;
|
2011-10-19 01:00:24 +04:00
|
|
|
skb_frag_size_set(frag, size);
|
skb: Propagate pfmemalloc on skb from head page only
Hi.
I'm trying to send big chunks of memory from application address space via
TCP socket using vmsplice + splice like this
mem = mmap(128Mb);
vmsplice(pipe[1], mem); /* splice memory into pipe */
splice(pipe[0], tcp_socket); /* send it into network */
When I'm lucky and a huge page splices into the pipe and then into the socket
_and_ client and server ends of the TCP connection are on the same host,
communicating via lo, the whole connection gets stuck! The sending queue
becomes full and app stops writing/splicing more into it, but the receiving
queue remains empty, and that's why.
The __skb_fill_page_desc observes a tail page of a huge page and erroneously
propagates its page->pfmemalloc value onto socket (the pfmemalloc on tail pages
contain garbage). Then this skb->pfmemalloc leaks through lo and due to the
tcp_v4_rcv
sk_filter
if (skb->pfmemalloc && !sock_flag(sk, SOCK_MEMALLOC)) /* true */
return -ENOMEM
goto release_and_discard;
no packets reach the socket. Even TCP re-transmits are dropped by this, as skb
cloning clones the pfmemalloc flag as well.
That said, here's the proper page->pfmemalloc propagation onto socket: we
must check the huge-page's head page only, other pages' pfmemalloc and mapping
values do not contain what is expected in this place. However, I'm not sure
whether this fix is _complete_, since pfmemalloc propagation via lo also
oesn't look great.
Both, bit propagation from page to skb and this check in sk_filter, were
introduced by c48a11c7 (netvm: propagate page->pfmemalloc to skb), in v3.5 so
Mel and stable@ are in Cc.
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Acked-by: Mel Gorman <mgorman@suse.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-03-14 07:29:40 +04:00
|
|
|
|
|
|
|
page = compound_head(page);
|
2015-08-22 00:11:51 +03:00
|
|
|
if (page_is_pfmemalloc(page))
|
skb: Propagate pfmemalloc on skb from head page only
Hi.
I'm trying to send big chunks of memory from application address space via
TCP socket using vmsplice + splice like this
mem = mmap(128Mb);
vmsplice(pipe[1], mem); /* splice memory into pipe */
splice(pipe[0], tcp_socket); /* send it into network */
When I'm lucky and a huge page splices into the pipe and then into the socket
_and_ client and server ends of the TCP connection are on the same host,
communicating via lo, the whole connection gets stuck! The sending queue
becomes full and app stops writing/splicing more into it, but the receiving
queue remains empty, and that's why.
The __skb_fill_page_desc observes a tail page of a huge page and erroneously
propagates its page->pfmemalloc value onto socket (the pfmemalloc on tail pages
contain garbage). Then this skb->pfmemalloc leaks through lo and due to the
tcp_v4_rcv
sk_filter
if (skb->pfmemalloc && !sock_flag(sk, SOCK_MEMALLOC)) /* true */
return -ENOMEM
goto release_and_discard;
no packets reach the socket. Even TCP re-transmits are dropped by this, as skb
cloning clones the pfmemalloc flag as well.
That said, here's the proper page->pfmemalloc propagation onto socket: we
must check the huge-page's head page only, other pages' pfmemalloc and mapping
values do not contain what is expected in this place. However, I'm not sure
whether this fix is _complete_, since pfmemalloc propagation via lo also
oesn't look great.
Both, bit propagation from page to skb and this check in sk_filter, were
introduced by c48a11c7 (netvm: propagate page->pfmemalloc to skb), in v3.5 so
Mel and stable@ are in Cc.
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Acked-by: Mel Gorman <mgorman@suse.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-03-14 07:29:40 +04:00
|
|
|
skb->pfmemalloc = true;
|
2011-08-19 10:25:00 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* skb_fill_page_desc - initialise a paged fragment in an skb
|
|
|
|
* @skb: buffer containing fragment to be initialised
|
|
|
|
* @i: paged fragment index to initialise
|
|
|
|
* @page: the page to use for this fragment
|
|
|
|
* @off: the offset to the data with @page
|
|
|
|
* @size: the length of the data
|
|
|
|
*
|
|
|
|
* As per __skb_fill_page_desc() -- initialises the @i'th fragment of
|
2013-11-07 17:18:26 +04:00
|
|
|
* @skb to point to @size bytes at offset @off within @page. In
|
2011-08-19 10:25:00 +04:00
|
|
|
* addition updates @skb such that @i is the last fragment.
|
|
|
|
*
|
|
|
|
* Does not take any additional reference on the fragment.
|
|
|
|
*/
|
|
|
|
static inline void skb_fill_page_desc(struct sk_buff *skb, int i,
|
|
|
|
struct page *page, int off, int size)
|
|
|
|
{
|
|
|
|
__skb_fill_page_desc(skb, i, page, off, size);
|
2005-04-17 02:20:36 +04:00
|
|
|
skb_shinfo(skb)->nr_frags = i + 1;
|
|
|
|
}
|
|
|
|
|
2013-09-27 01:48:15 +04:00
|
|
|
void skb_add_rx_frag(struct sk_buff *skb, int i, struct page *page, int off,
|
|
|
|
int size, unsigned int truesize);
|
2008-10-08 01:22:33 +04:00
|
|
|
|
2013-11-01 10:07:47 +04:00
|
|
|
void skb_coalesce_rx_frag(struct sk_buff *skb, int i, int size,
|
|
|
|
unsigned int truesize);
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
#define SKB_LINEAR_ASSERT(skb) BUG_ON(skb_is_nonlinear(skb))
|
|
|
|
|
2007-04-20 07:29:13 +04:00
|
|
|
#ifdef NET_SKBUFF_DATA_USES_OFFSET
|
|
|
|
static inline unsigned char *skb_tail_pointer(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb->head + skb->tail;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void skb_reset_tail_pointer(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
skb->tail = skb->data - skb->head;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void skb_set_tail_pointer(struct sk_buff *skb, const int offset)
|
|
|
|
{
|
|
|
|
skb_reset_tail_pointer(skb);
|
|
|
|
skb->tail += offset;
|
|
|
|
}
|
2013-05-29 00:34:29 +04:00
|
|
|
|
2007-04-20 07:29:13 +04:00
|
|
|
#else /* NET_SKBUFF_DATA_USES_OFFSET */
|
|
|
|
static inline unsigned char *skb_tail_pointer(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb->tail;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void skb_reset_tail_pointer(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
skb->tail = skb->data;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void skb_set_tail_pointer(struct sk_buff *skb, const int offset)
|
|
|
|
{
|
|
|
|
skb->tail = skb->data + offset;
|
|
|
|
}
|
2007-04-20 07:43:29 +04:00
|
|
|
|
2007-04-20 07:29:13 +04:00
|
|
|
#endif /* NET_SKBUFF_DATA_USES_OFFSET */
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
/*
|
|
|
|
* Add data to an sk_buff
|
|
|
|
*/
|
networking: make skb_put & friends return void pointers
It seems like a historic accident that these return unsigned char *,
and in many places that means casts are required, more often than not.
Make these functions (skb_put, __skb_put and pskb_put) return void *
and remove all the casts across the tree, adding a (u8 *) cast only
where the unsigned char pointer was used directly, all done with the
following spatch:
@@
expression SKB, LEN;
typedef u8;
identifier fn = { skb_put, __skb_put };
@@
- *(fn(SKB, LEN))
+ *(u8 *)fn(SKB, LEN)
@@
expression E, SKB, LEN;
identifier fn = { skb_put, __skb_put };
type T;
@@
- E = ((T *)(fn(SKB, LEN)))
+ E = fn(SKB, LEN)
which actually doesn't cover pskb_put since there are only three
users overall.
A handful of stragglers were converted manually, notably a macro in
drivers/isdn/i4l/isdn_bsdcomp.c and, oddly enough, one of the many
instances in net/bluetooth/hci_sock.c. In the former file, I also
had to fix one whitespace problem spatch introduced.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-06-16 15:29:21 +03:00
|
|
|
void *pskb_put(struct sk_buff *skb, struct sk_buff *tail, int len);
|
|
|
|
void *skb_put(struct sk_buff *skb, unsigned int len);
|
|
|
|
static inline void *__skb_put(struct sk_buff *skb, unsigned int len)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
networking: make skb_put & friends return void pointers
It seems like a historic accident that these return unsigned char *,
and in many places that means casts are required, more often than not.
Make these functions (skb_put, __skb_put and pskb_put) return void *
and remove all the casts across the tree, adding a (u8 *) cast only
where the unsigned char pointer was used directly, all done with the
following spatch:
@@
expression SKB, LEN;
typedef u8;
identifier fn = { skb_put, __skb_put };
@@
- *(fn(SKB, LEN))
+ *(u8 *)fn(SKB, LEN)
@@
expression E, SKB, LEN;
identifier fn = { skb_put, __skb_put };
type T;
@@
- E = ((T *)(fn(SKB, LEN)))
+ E = fn(SKB, LEN)
which actually doesn't cover pskb_put since there are only three
users overall.
A handful of stragglers were converted manually, notably a macro in
drivers/isdn/i4l/isdn_bsdcomp.c and, oddly enough, one of the many
instances in net/bluetooth/hci_sock.c. In the former file, I also
had to fix one whitespace problem spatch introduced.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-06-16 15:29:21 +03:00
|
|
|
void *tmp = skb_tail_pointer(skb);
|
2005-04-17 02:20:36 +04:00
|
|
|
SKB_LINEAR_ASSERT(skb);
|
|
|
|
skb->tail += len;
|
|
|
|
skb->len += len;
|
|
|
|
return tmp;
|
|
|
|
}
|
|
|
|
|
net: introduce __skb_put_[zero, data, u8]
follow Johannes Berg, semantic patch file as below,
@@
identifier p, p2;
expression len;
expression skb;
type t, t2;
@@
(
-p = __skb_put(skb, len);
+p = __skb_put_zero(skb, len);
|
-p = (t)__skb_put(skb, len);
+p = __skb_put_zero(skb, len);
)
... when != p
(
p2 = (t2)p;
-memset(p2, 0, len);
|
-memset(p, 0, len);
)
@@
identifier p;
expression len;
expression skb;
type t;
@@
(
-t p = __skb_put(skb, len);
+t p = __skb_put_zero(skb, len);
)
... when != p
(
-memset(p, 0, len);
)
@@
type t, t2;
identifier p, p2;
expression skb;
@@
t *p;
...
(
-p = __skb_put(skb, sizeof(t));
+p = __skb_put_zero(skb, sizeof(t));
|
-p = (t *)__skb_put(skb, sizeof(t));
+p = __skb_put_zero(skb, sizeof(t));
)
... when != p
(
p2 = (t2)p;
-memset(p2, 0, sizeof(*p));
|
-memset(p, 0, sizeof(*p));
)
@@
expression skb, len;
@@
-memset(__skb_put(skb, len), 0, len);
+__skb_put_zero(skb, len);
@@
expression skb, len, data;
@@
-memcpy(__skb_put(skb, len), data, len);
+__skb_put_data(skb, data, len);
@@
expression SKB, C, S;
typedef u8;
identifier fn = {__skb_put};
fresh identifier fn2 = fn ## "_u8";
@@
- *(u8 *)fn(SKB, S) = C;
+ fn2(SKB, C);
Signed-off-by: yuan linyu <Linyu.Yuan@alcatel-sbell.com.cn>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-06-18 17:48:17 +03:00
|
|
|
static inline void *__skb_put_zero(struct sk_buff *skb, unsigned int len)
|
|
|
|
{
|
|
|
|
void *tmp = __skb_put(skb, len);
|
|
|
|
|
|
|
|
memset(tmp, 0, len);
|
|
|
|
return tmp;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void *__skb_put_data(struct sk_buff *skb, const void *data,
|
|
|
|
unsigned int len)
|
|
|
|
{
|
|
|
|
void *tmp = __skb_put(skb, len);
|
|
|
|
|
|
|
|
memcpy(tmp, data, len);
|
|
|
|
return tmp;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void __skb_put_u8(struct sk_buff *skb, u8 val)
|
|
|
|
{
|
|
|
|
*(u8 *)__skb_put(skb, 1) = val;
|
|
|
|
}
|
|
|
|
|
2017-06-14 23:17:20 +03:00
|
|
|
static inline void *skb_put_zero(struct sk_buff *skb, unsigned int len)
|
2017-05-24 10:07:47 +03:00
|
|
|
{
|
2017-06-14 23:17:20 +03:00
|
|
|
void *tmp = skb_put(skb, len);
|
2017-05-24 10:07:47 +03:00
|
|
|
|
|
|
|
memset(tmp, 0, len);
|
|
|
|
|
|
|
|
return tmp;
|
|
|
|
}
|
|
|
|
|
networking: introduce and use skb_put_data()
A common pattern with skb_put() is to just want to memcpy()
some data into the new space, introduce skb_put_data() for
this.
An spatch similar to the one for skb_put_zero() converts many
of the places using it:
@@
identifier p, p2;
expression len, skb, data;
type t, t2;
@@
(
-p = skb_put(skb, len);
+p = skb_put_data(skb, data, len);
|
-p = (t)skb_put(skb, len);
+p = skb_put_data(skb, data, len);
)
(
p2 = (t2)p;
-memcpy(p2, data, len);
|
-memcpy(p, data, len);
)
@@
type t, t2;
identifier p, p2;
expression skb, data;
@@
t *p;
...
(
-p = skb_put(skb, sizeof(t));
+p = skb_put_data(skb, data, sizeof(t));
|
-p = (t *)skb_put(skb, sizeof(t));
+p = skb_put_data(skb, data, sizeof(t));
)
(
p2 = (t2)p;
-memcpy(p2, data, sizeof(*p));
|
-memcpy(p, data, sizeof(*p));
)
@@
expression skb, len, data;
@@
-memcpy(skb_put(skb, len), data, len);
+skb_put_data(skb, data, len);
(again, manually post-processed to retain some comments)
Reviewed-by: Stephen Hemminger <stephen@networkplumber.org>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-06-16 15:29:20 +03:00
|
|
|
static inline void *skb_put_data(struct sk_buff *skb, const void *data,
|
|
|
|
unsigned int len)
|
|
|
|
{
|
|
|
|
void *tmp = skb_put(skb, len);
|
|
|
|
|
|
|
|
memcpy(tmp, data, len);
|
|
|
|
|
|
|
|
return tmp;
|
|
|
|
}
|
|
|
|
|
networking: add and use skb_put_u8()
Joe and Bjørn suggested that it'd be nicer to not have the
cast in the fairly common case of doing
*(u8 *)skb_put(skb, 1) = c;
Add skb_put_u8() for this case, and use it across the code,
using the following spatch:
@@
expression SKB, C, S;
typedef u8;
identifier fn = {skb_put};
fresh identifier fn2 = fn ## "_u8";
@@
- *(u8 *)fn(SKB, S) = C;
+ fn2(SKB, C);
Note that due to the "S", the spatch isn't perfect, it should
have checked that S is 1, but there's also places that use a
sizeof expression like sizeof(var) or sizeof(u8) etc. Turns
out that nobody ever did something like
*(u8 *)skb_put(skb, 2) = c;
which would be wrong anyway since the second byte wouldn't be
initialized.
Suggested-by: Joe Perches <joe@perches.com>
Suggested-by: Bjørn Mork <bjorn@mork.no>
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-06-16 15:29:24 +03:00
|
|
|
static inline void skb_put_u8(struct sk_buff *skb, u8 val)
|
|
|
|
{
|
|
|
|
*(u8 *)skb_put(skb, 1) = val;
|
|
|
|
}
|
|
|
|
|
networking: make skb_push & __skb_push return void pointers
It seems like a historic accident that these return unsigned char *,
and in many places that means casts are required, more often than not.
Make these functions return void * and remove all the casts across
the tree, adding a (u8 *) cast only where the unsigned char pointer
was used directly, all done with the following spatch:
@@
expression SKB, LEN;
typedef u8;
identifier fn = { skb_push, __skb_push, skb_push_rcsum };
@@
- *(fn(SKB, LEN))
+ *(u8 *)fn(SKB, LEN)
@@
expression E, SKB, LEN;
identifier fn = { skb_push, __skb_push, skb_push_rcsum };
type T;
@@
- E = ((T *)(fn(SKB, LEN)))
+ E = fn(SKB, LEN)
@@
expression SKB, LEN;
identifier fn = { skb_push, __skb_push, skb_push_rcsum };
@@
- fn(SKB, LEN)[0]
+ *(u8 *)fn(SKB, LEN)
Note that the last part there converts from push(...)[0] to the
more idiomatic *(u8 *)push(...).
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-06-16 15:29:23 +03:00
|
|
|
void *skb_push(struct sk_buff *skb, unsigned int len);
|
|
|
|
static inline void *__skb_push(struct sk_buff *skb, unsigned int len)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
|
|
|
skb->data -= len;
|
|
|
|
skb->len += len;
|
|
|
|
return skb->data;
|
|
|
|
}
|
|
|
|
|
networking: make skb_pull & friends return void pointers
It seems like a historic accident that these return unsigned char *,
and in many places that means casts are required, more often than not.
Make these functions return void * and remove all the casts across
the tree, adding a (u8 *) cast only where the unsigned char pointer
was used directly, all done with the following spatch:
@@
expression SKB, LEN;
typedef u8;
identifier fn = {
skb_pull,
__skb_pull,
skb_pull_inline,
__pskb_pull_tail,
__pskb_pull,
pskb_pull
};
@@
- *(fn(SKB, LEN))
+ *(u8 *)fn(SKB, LEN)
@@
expression E, SKB, LEN;
identifier fn = {
skb_pull,
__skb_pull,
skb_pull_inline,
__pskb_pull_tail,
__pskb_pull,
pskb_pull
};
type T;
@@
- E = ((T *)(fn(SKB, LEN)))
+ E = fn(SKB, LEN)
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-06-16 15:29:22 +03:00
|
|
|
void *skb_pull(struct sk_buff *skb, unsigned int len);
|
|
|
|
static inline void *__skb_pull(struct sk_buff *skb, unsigned int len)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
|
|
|
skb->len -= len;
|
2022-06-02 19:18:58 +03:00
|
|
|
if (unlikely(skb->len < skb->data_len)) {
|
|
|
|
#if defined(CONFIG_DEBUG_NET)
|
|
|
|
skb->len += len;
|
|
|
|
pr_err("__skb_pull(len=%u)\n", len);
|
|
|
|
skb_dump(KERN_ERR, skb, false);
|
|
|
|
#endif
|
|
|
|
BUG();
|
|
|
|
}
|
2005-04-17 02:20:36 +04:00
|
|
|
return skb->data += len;
|
|
|
|
}
|
|
|
|
|
networking: make skb_pull & friends return void pointers
It seems like a historic accident that these return unsigned char *,
and in many places that means casts are required, more often than not.
Make these functions return void * and remove all the casts across
the tree, adding a (u8 *) cast only where the unsigned char pointer
was used directly, all done with the following spatch:
@@
expression SKB, LEN;
typedef u8;
identifier fn = {
skb_pull,
__skb_pull,
skb_pull_inline,
__pskb_pull_tail,
__pskb_pull,
pskb_pull
};
@@
- *(fn(SKB, LEN))
+ *(u8 *)fn(SKB, LEN)
@@
expression E, SKB, LEN;
identifier fn = {
skb_pull,
__skb_pull,
skb_pull_inline,
__pskb_pull_tail,
__pskb_pull,
pskb_pull
};
type T;
@@
- E = ((T *)(fn(SKB, LEN)))
+ E = fn(SKB, LEN)
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-06-16 15:29:22 +03:00
|
|
|
static inline void *skb_pull_inline(struct sk_buff *skb, unsigned int len)
|
2010-05-02 13:21:44 +04:00
|
|
|
{
|
|
|
|
return unlikely(len > skb->len) ? NULL : __skb_pull(skb, len);
|
|
|
|
}
|
|
|
|
|
2021-12-01 21:54:52 +03:00
|
|
|
void *skb_pull_data(struct sk_buff *skb, size_t len);
|
|
|
|
|
networking: make skb_pull & friends return void pointers
It seems like a historic accident that these return unsigned char *,
and in many places that means casts are required, more often than not.
Make these functions return void * and remove all the casts across
the tree, adding a (u8 *) cast only where the unsigned char pointer
was used directly, all done with the following spatch:
@@
expression SKB, LEN;
typedef u8;
identifier fn = {
skb_pull,
__skb_pull,
skb_pull_inline,
__pskb_pull_tail,
__pskb_pull,
pskb_pull
};
@@
- *(fn(SKB, LEN))
+ *(u8 *)fn(SKB, LEN)
@@
expression E, SKB, LEN;
identifier fn = {
skb_pull,
__skb_pull,
skb_pull_inline,
__pskb_pull_tail,
__pskb_pull,
pskb_pull
};
type T;
@@
- E = ((T *)(fn(SKB, LEN)))
+ E = fn(SKB, LEN)
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-06-16 15:29:22 +03:00
|
|
|
void *__pskb_pull_tail(struct sk_buff *skb, int delta);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
networking: make skb_pull & friends return void pointers
It seems like a historic accident that these return unsigned char *,
and in many places that means casts are required, more often than not.
Make these functions return void * and remove all the casts across
the tree, adding a (u8 *) cast only where the unsigned char pointer
was used directly, all done with the following spatch:
@@
expression SKB, LEN;
typedef u8;
identifier fn = {
skb_pull,
__skb_pull,
skb_pull_inline,
__pskb_pull_tail,
__pskb_pull,
pskb_pull
};
@@
- *(fn(SKB, LEN))
+ *(u8 *)fn(SKB, LEN)
@@
expression E, SKB, LEN;
identifier fn = {
skb_pull,
__skb_pull,
skb_pull_inline,
__pskb_pull_tail,
__pskb_pull,
pskb_pull
};
type T;
@@
- E = ((T *)(fn(SKB, LEN)))
+ E = fn(SKB, LEN)
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-06-16 15:29:22 +03:00
|
|
|
static inline void *__pskb_pull(struct sk_buff *skb, unsigned int len)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
|
|
|
if (len > skb_headlen(skb) &&
|
2008-08-12 05:17:17 +04:00
|
|
|
!__pskb_pull_tail(skb, len - skb_headlen(skb)))
|
2005-04-17 02:20:36 +04:00
|
|
|
return NULL;
|
|
|
|
skb->len -= len;
|
|
|
|
return skb->data += len;
|
|
|
|
}
|
|
|
|
|
networking: make skb_pull & friends return void pointers
It seems like a historic accident that these return unsigned char *,
and in many places that means casts are required, more often than not.
Make these functions return void * and remove all the casts across
the tree, adding a (u8 *) cast only where the unsigned char pointer
was used directly, all done with the following spatch:
@@
expression SKB, LEN;
typedef u8;
identifier fn = {
skb_pull,
__skb_pull,
skb_pull_inline,
__pskb_pull_tail,
__pskb_pull,
pskb_pull
};
@@
- *(fn(SKB, LEN))
+ *(u8 *)fn(SKB, LEN)
@@
expression E, SKB, LEN;
identifier fn = {
skb_pull,
__skb_pull,
skb_pull_inline,
__pskb_pull_tail,
__pskb_pull,
pskb_pull
};
type T;
@@
- E = ((T *)(fn(SKB, LEN)))
+ E = fn(SKB, LEN)
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-06-16 15:29:22 +03:00
|
|
|
static inline void *pskb_pull(struct sk_buff *skb, unsigned int len)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
|
|
|
return unlikely(len > skb->len) ? NULL : __pskb_pull(skb, len);
|
|
|
|
}
|
|
|
|
|
2019-10-06 19:19:54 +03:00
|
|
|
static inline bool pskb_may_pull(struct sk_buff *skb, unsigned int len)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
|
|
|
if (likely(len <= skb_headlen(skb)))
|
2019-10-06 19:19:54 +03:00
|
|
|
return true;
|
2005-04-17 02:20:36 +04:00
|
|
|
if (unlikely(len > skb->len))
|
2019-10-06 19:19:54 +03:00
|
|
|
return false;
|
2008-08-12 05:17:17 +04:00
|
|
|
return __pskb_pull_tail(skb, len - skb_headlen(skb)) != NULL;
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
udp: under rx pressure, try to condense skbs
Under UDP flood, many softirq producers try to add packets to
UDP receive queue, and one user thread is burning one cpu trying
to dequeue packets as fast as possible.
Two parts of the per packet cost are :
- copying payload from kernel space to user space,
- freeing memory pieces associated with skb.
If socket is under pressure, softirq handler(s) can try to pull in
skb->head the payload of the packet if it fits.
Meaning the softirq handler(s) can free/reuse the page fragment
immediately, instead of letting udp_recvmsg() do this hundreds of usec
later, possibly from another node.
Additional gains :
- We reduce skb->truesize and thus can store more packets per SO_RCVBUF
- We avoid cache line misses at copyout() time and consume_skb() time,
and avoid one put_page() with potential alien freeing on NUMA hosts.
This comes at the cost of a copy, bounded to available tail room, which
is usually small. (We might have to fix GRO_MAX_HEAD which looks bigger
than necessary)
This patch gave me about 5 % increase in throughput in my tests.
skb_condense() helper could probably used in other contexts.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2016-12-07 20:19:33 +03:00
|
|
|
void skb_condense(struct sk_buff *skb);
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
/**
|
|
|
|
* skb_headroom - bytes at buffer head
|
|
|
|
* @skb: buffer to check
|
|
|
|
*
|
|
|
|
* Return the number of bytes of free space at the head of an &sk_buff.
|
|
|
|
*/
|
2007-10-24 08:07:32 +04:00
|
|
|
static inline unsigned int skb_headroom(const struct sk_buff *skb)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
|
|
|
return skb->data - skb->head;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* skb_tailroom - bytes at buffer end
|
|
|
|
* @skb: buffer to check
|
|
|
|
*
|
|
|
|
* Return the number of bytes of free space at the tail of an sk_buff
|
|
|
|
*/
|
|
|
|
static inline int skb_tailroom(const struct sk_buff *skb)
|
|
|
|
{
|
2007-04-20 07:43:29 +04:00
|
|
|
return skb_is_nonlinear(skb) ? 0 : skb->end - skb->tail;
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
2012-04-11 00:30:48 +04:00
|
|
|
/**
|
|
|
|
* skb_availroom - bytes at buffer end
|
|
|
|
* @skb: buffer to check
|
|
|
|
*
|
|
|
|
* Return the number of bytes of free space at the tail of an sk_buff
|
|
|
|
* allocated by sk_stream_alloc()
|
|
|
|
*/
|
|
|
|
static inline int skb_availroom(const struct sk_buff *skb)
|
|
|
|
{
|
2013-03-14 09:40:32 +04:00
|
|
|
if (skb_is_nonlinear(skb))
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
return skb->end - skb->tail - skb->reserved_tailroom;
|
2012-04-11 00:30:48 +04:00
|
|
|
}
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
/**
|
|
|
|
* skb_reserve - adjust headroom
|
|
|
|
* @skb: buffer to alter
|
|
|
|
* @len: bytes to move
|
|
|
|
*
|
|
|
|
* Increase the headroom of an empty &sk_buff by reducing the tail
|
|
|
|
* room. This is only allowed for an empty buffer.
|
|
|
|
*/
|
2006-01-17 13:54:21 +03:00
|
|
|
static inline void skb_reserve(struct sk_buff *skb, int len)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
|
|
|
skb->data += len;
|
|
|
|
skb->tail += len;
|
|
|
|
}
|
|
|
|
|
mld, igmp: Fix reserved tailroom calculation
The current reserved_tailroom calculation fails to take hlen and tlen into
account.
skb:
[__hlen__|__data____________|__tlen___|__extra__]
^ ^
head skb_end_offset
In this representation, hlen + data + tlen is the size passed to alloc_skb.
"extra" is the extra space made available in __alloc_skb because of
rounding up by kmalloc. We can reorder the representation like so:
[__hlen__|__data____________|__extra__|__tlen___]
^ ^
head skb_end_offset
The maximum space available for ip headers and payload without
fragmentation is min(mtu, data + extra). Therefore,
reserved_tailroom
= data + extra + tlen - min(mtu, data + extra)
= skb_end_offset - hlen - min(mtu, skb_end_offset - hlen - tlen)
= skb_tailroom - min(mtu, skb_tailroom - tlen) ; after skb_reserve(hlen)
Compare the second line to the current expression:
reserved_tailroom = skb_end_offset - min(mtu, skb_end_offset)
and we can see that hlen and tlen are not taken into account.
The min() in the third line can be expanded into:
if mtu < skb_tailroom - tlen:
reserved_tailroom = skb_tailroom - mtu
else:
reserved_tailroom = tlen
Depending on hlen, tlen, mtu and the number of multicast address records,
the current code may output skbs that have less tailroom than
dev->needed_tailroom or it may output more skbs than needed because not all
space available is used.
Fixes: 4c672e4b ("ipv6: mld: fix add_grhead skb_over_panic for devs with large MTUs")
Signed-off-by: Benjamin Poirier <bpoirier@suse.com>
Acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2016-03-01 02:03:33 +03:00
|
|
|
/**
|
|
|
|
* skb_tailroom_reserve - adjust reserved_tailroom
|
|
|
|
* @skb: buffer to alter
|
|
|
|
* @mtu: maximum amount of headlen permitted
|
|
|
|
* @needed_tailroom: minimum amount of reserved_tailroom
|
|
|
|
*
|
|
|
|
* Set reserved_tailroom so that headlen can be as large as possible but
|
|
|
|
* not larger than mtu and tailroom cannot be smaller than
|
|
|
|
* needed_tailroom.
|
|
|
|
* The required headroom should already have been reserved before using
|
|
|
|
* this function.
|
|
|
|
*/
|
|
|
|
static inline void skb_tailroom_reserve(struct sk_buff *skb, unsigned int mtu,
|
|
|
|
unsigned int needed_tailroom)
|
|
|
|
{
|
|
|
|
SKB_LINEAR_ASSERT(skb);
|
|
|
|
if (mtu < skb_tailroom(skb) - needed_tailroom)
|
|
|
|
/* use at most mtu */
|
|
|
|
skb->reserved_tailroom = skb_tailroom(skb) - mtu;
|
|
|
|
else
|
|
|
|
/* use up to all available space */
|
|
|
|
skb->reserved_tailroom = needed_tailroom;
|
|
|
|
}
|
|
|
|
|
2014-09-30 07:22:29 +04:00
|
|
|
#define ENCAP_TYPE_ETHER 0
|
|
|
|
#define ENCAP_TYPE_IPPROTO 1
|
|
|
|
|
|
|
|
static inline void skb_set_inner_protocol(struct sk_buff *skb,
|
|
|
|
__be16 protocol)
|
|
|
|
{
|
|
|
|
skb->inner_protocol = protocol;
|
|
|
|
skb->inner_protocol_type = ENCAP_TYPE_ETHER;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void skb_set_inner_ipproto(struct sk_buff *skb,
|
|
|
|
__u8 ipproto)
|
|
|
|
{
|
|
|
|
skb->inner_ipproto = ipproto;
|
|
|
|
skb->inner_protocol_type = ENCAP_TYPE_IPPROTO;
|
|
|
|
}
|
|
|
|
|
2012-12-07 18:14:14 +04:00
|
|
|
static inline void skb_reset_inner_headers(struct sk_buff *skb)
|
|
|
|
{
|
2013-03-07 17:21:46 +04:00
|
|
|
skb->inner_mac_header = skb->mac_header;
|
2012-12-07 18:14:14 +04:00
|
|
|
skb->inner_network_header = skb->network_header;
|
|
|
|
skb->inner_transport_header = skb->transport_header;
|
|
|
|
}
|
|
|
|
|
2011-06-10 10:56:58 +04:00
|
|
|
static inline void skb_reset_mac_len(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
skb->mac_len = skb->network_header - skb->mac_header;
|
|
|
|
}
|
|
|
|
|
2012-12-07 18:14:14 +04:00
|
|
|
static inline unsigned char *skb_inner_transport_header(const struct sk_buff
|
|
|
|
*skb)
|
|
|
|
{
|
|
|
|
return skb->head + skb->inner_transport_header;
|
|
|
|
}
|
|
|
|
|
2015-12-14 22:19:40 +03:00
|
|
|
static inline int skb_inner_transport_offset(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb_inner_transport_header(skb) - skb->data;
|
|
|
|
}
|
|
|
|
|
2012-12-07 18:14:14 +04:00
|
|
|
static inline void skb_reset_inner_transport_header(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
skb->inner_transport_header = skb->data - skb->head;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void skb_set_inner_transport_header(struct sk_buff *skb,
|
|
|
|
const int offset)
|
|
|
|
{
|
|
|
|
skb_reset_inner_transport_header(skb);
|
|
|
|
skb->inner_transport_header += offset;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline unsigned char *skb_inner_network_header(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb->head + skb->inner_network_header;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void skb_reset_inner_network_header(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
skb->inner_network_header = skb->data - skb->head;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void skb_set_inner_network_header(struct sk_buff *skb,
|
|
|
|
const int offset)
|
|
|
|
{
|
|
|
|
skb_reset_inner_network_header(skb);
|
|
|
|
skb->inner_network_header += offset;
|
|
|
|
}
|
|
|
|
|
2013-03-07 17:21:46 +04:00
|
|
|
static inline unsigned char *skb_inner_mac_header(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb->head + skb->inner_mac_header;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void skb_reset_inner_mac_header(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
skb->inner_mac_header = skb->data - skb->head;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void skb_set_inner_mac_header(struct sk_buff *skb,
|
|
|
|
const int offset)
|
|
|
|
{
|
|
|
|
skb_reset_inner_mac_header(skb);
|
|
|
|
skb->inner_mac_header += offset;
|
|
|
|
}
|
2013-01-07 13:28:21 +04:00
|
|
|
static inline bool skb_transport_header_was_set(const struct sk_buff *skb)
|
|
|
|
{
|
2013-05-29 11:16:05 +04:00
|
|
|
return skb->transport_header != (typeof(skb->transport_header))~0U;
|
2013-01-07 13:28:21 +04:00
|
|
|
}
|
|
|
|
|
2007-04-26 05:04:18 +04:00
|
|
|
static inline unsigned char *skb_transport_header(const struct sk_buff *skb)
|
|
|
|
{
|
2022-05-10 06:57:39 +03:00
|
|
|
DEBUG_NET_WARN_ON_ONCE(!skb_transport_header_was_set(skb));
|
[SK_BUFF]: Use offsets for skb->{mac,network,transport}_header on 64bit architectures
With this we save 8 bytes per network packet, leaving a 4 bytes hole to be used
in further shrinking work, likely with the offsetization of other pointers,
such as ->{data,tail,end}, at the cost of adds, that were minimized by the
usual practice of setting skb->{mac,nh,n}.raw to a local variable that is then
accessed multiple times in each function, it also is not more expensive than
before with regards to most of the handling of such headers, like setting one
of these headers to another (transport to network, etc), or subtracting, adding
to/from it, comparing them, etc.
Now we have this layout for sk_buff on a x86_64 machine:
[acme@mica net-2.6.22]$ pahole vmlinux sk_buff
struct sk_buff {
struct sk_buff * next; /* 0 8 */
struct sk_buff * prev; /* 8 8 */
struct rb_node rb; /* 16 24 */
struct sock * sk; /* 40 8 */
ktime_t tstamp; /* 48 8 */
struct net_device * dev; /* 56 8 */
/* --- cacheline 1 boundary (64 bytes) --- */
struct net_device * input_dev; /* 64 8 */
sk_buff_data_t transport_header; /* 72 4 */
sk_buff_data_t network_header; /* 76 4 */
sk_buff_data_t mac_header; /* 80 4 */
/* XXX 4 bytes hole, try to pack */
struct dst_entry * dst; /* 88 8 */
struct sec_path * sp; /* 96 8 */
char cb[48]; /* 104 48 */
/* cacheline 2 boundary (128 bytes) was 24 bytes ago*/
unsigned int len; /* 152 4 */
unsigned int data_len; /* 156 4 */
unsigned int mac_len; /* 160 4 */
union {
__wsum csum; /* 4 */
__u32 csum_offset; /* 4 */
}; /* 164 4 */
__u32 priority; /* 168 4 */
__u8 local_df:1; /* 172 1 */
__u8 cloned:1; /* 172 1 */
__u8 ip_summed:2; /* 172 1 */
__u8 nohdr:1; /* 172 1 */
__u8 nfctinfo:3; /* 172 1 */
__u8 pkt_type:3; /* 173 1 */
__u8 fclone:2; /* 173 1 */
__u8 ipvs_property:1; /* 173 1 */
/* XXX 2 bits hole, try to pack */
__be16 protocol; /* 174 2 */
void (*destructor)(struct sk_buff *); /* 176 8 */
struct nf_conntrack * nfct; /* 184 8 */
/* --- cacheline 3 boundary (192 bytes) --- */
struct sk_buff * nfct_reasm; /* 192 8 */
struct nf_bridge_info *nf_bridge; /* 200 8 */
__u16 tc_index; /* 208 2 */
__u16 tc_verd; /* 210 2 */
dma_cookie_t dma_cookie; /* 212 4 */
__u32 secmark; /* 216 4 */
__u32 mark; /* 220 4 */
unsigned int truesize; /* 224 4 */
atomic_t users; /* 228 4 */
unsigned char * head; /* 232 8 */
unsigned char * data; /* 240 8 */
unsigned char * tail; /* 248 8 */
/* --- cacheline 4 boundary (256 bytes) --- */
unsigned char * end; /* 256 8 */
}; /* size: 264, cachelines: 5 */
/* sum members: 260, holes: 1, sum holes: 4 */
/* bit holes: 1, sum bit holes: 2 bits */
/* last cacheline: 8 bytes */
On 32 bits nothing changes, and pointers continue to be used with the compiler
turning all this abstraction layer into dust. But there are some sk_buff
validation tricks that are now possible, humm... :-)
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-04-11 08:22:35 +04:00
|
|
|
return skb->head + skb->transport_header;
|
2007-04-26 05:04:18 +04:00
|
|
|
}
|
|
|
|
|
2007-03-13 19:06:52 +03:00
|
|
|
static inline void skb_reset_transport_header(struct sk_buff *skb)
|
|
|
|
{
|
[SK_BUFF]: Use offsets for skb->{mac,network,transport}_header on 64bit architectures
With this we save 8 bytes per network packet, leaving a 4 bytes hole to be used
in further shrinking work, likely with the offsetization of other pointers,
such as ->{data,tail,end}, at the cost of adds, that were minimized by the
usual practice of setting skb->{mac,nh,n}.raw to a local variable that is then
accessed multiple times in each function, it also is not more expensive than
before with regards to most of the handling of such headers, like setting one
of these headers to another (transport to network, etc), or subtracting, adding
to/from it, comparing them, etc.
Now we have this layout for sk_buff on a x86_64 machine:
[acme@mica net-2.6.22]$ pahole vmlinux sk_buff
struct sk_buff {
struct sk_buff * next; /* 0 8 */
struct sk_buff * prev; /* 8 8 */
struct rb_node rb; /* 16 24 */
struct sock * sk; /* 40 8 */
ktime_t tstamp; /* 48 8 */
struct net_device * dev; /* 56 8 */
/* --- cacheline 1 boundary (64 bytes) --- */
struct net_device * input_dev; /* 64 8 */
sk_buff_data_t transport_header; /* 72 4 */
sk_buff_data_t network_header; /* 76 4 */
sk_buff_data_t mac_header; /* 80 4 */
/* XXX 4 bytes hole, try to pack */
struct dst_entry * dst; /* 88 8 */
struct sec_path * sp; /* 96 8 */
char cb[48]; /* 104 48 */
/* cacheline 2 boundary (128 bytes) was 24 bytes ago*/
unsigned int len; /* 152 4 */
unsigned int data_len; /* 156 4 */
unsigned int mac_len; /* 160 4 */
union {
__wsum csum; /* 4 */
__u32 csum_offset; /* 4 */
}; /* 164 4 */
__u32 priority; /* 168 4 */
__u8 local_df:1; /* 172 1 */
__u8 cloned:1; /* 172 1 */
__u8 ip_summed:2; /* 172 1 */
__u8 nohdr:1; /* 172 1 */
__u8 nfctinfo:3; /* 172 1 */
__u8 pkt_type:3; /* 173 1 */
__u8 fclone:2; /* 173 1 */
__u8 ipvs_property:1; /* 173 1 */
/* XXX 2 bits hole, try to pack */
__be16 protocol; /* 174 2 */
void (*destructor)(struct sk_buff *); /* 176 8 */
struct nf_conntrack * nfct; /* 184 8 */
/* --- cacheline 3 boundary (192 bytes) --- */
struct sk_buff * nfct_reasm; /* 192 8 */
struct nf_bridge_info *nf_bridge; /* 200 8 */
__u16 tc_index; /* 208 2 */
__u16 tc_verd; /* 210 2 */
dma_cookie_t dma_cookie; /* 212 4 */
__u32 secmark; /* 216 4 */
__u32 mark; /* 220 4 */
unsigned int truesize; /* 224 4 */
atomic_t users; /* 228 4 */
unsigned char * head; /* 232 8 */
unsigned char * data; /* 240 8 */
unsigned char * tail; /* 248 8 */
/* --- cacheline 4 boundary (256 bytes) --- */
unsigned char * end; /* 256 8 */
}; /* size: 264, cachelines: 5 */
/* sum members: 260, holes: 1, sum holes: 4 */
/* bit holes: 1, sum bit holes: 2 bits */
/* last cacheline: 8 bytes */
On 32 bits nothing changes, and pointers continue to be used with the compiler
turning all this abstraction layer into dust. But there are some sk_buff
validation tricks that are now possible, humm... :-)
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-04-11 08:22:35 +04:00
|
|
|
skb->transport_header = skb->data - skb->head;
|
2007-03-13 19:06:52 +03:00
|
|
|
}
|
|
|
|
|
2007-03-13 19:51:52 +03:00
|
|
|
static inline void skb_set_transport_header(struct sk_buff *skb,
|
|
|
|
const int offset)
|
|
|
|
{
|
[SK_BUFF]: Use offsets for skb->{mac,network,transport}_header on 64bit architectures
With this we save 8 bytes per network packet, leaving a 4 bytes hole to be used
in further shrinking work, likely with the offsetization of other pointers,
such as ->{data,tail,end}, at the cost of adds, that were minimized by the
usual practice of setting skb->{mac,nh,n}.raw to a local variable that is then
accessed multiple times in each function, it also is not more expensive than
before with regards to most of the handling of such headers, like setting one
of these headers to another (transport to network, etc), or subtracting, adding
to/from it, comparing them, etc.
Now we have this layout for sk_buff on a x86_64 machine:
[acme@mica net-2.6.22]$ pahole vmlinux sk_buff
struct sk_buff {
struct sk_buff * next; /* 0 8 */
struct sk_buff * prev; /* 8 8 */
struct rb_node rb; /* 16 24 */
struct sock * sk; /* 40 8 */
ktime_t tstamp; /* 48 8 */
struct net_device * dev; /* 56 8 */
/* --- cacheline 1 boundary (64 bytes) --- */
struct net_device * input_dev; /* 64 8 */
sk_buff_data_t transport_header; /* 72 4 */
sk_buff_data_t network_header; /* 76 4 */
sk_buff_data_t mac_header; /* 80 4 */
/* XXX 4 bytes hole, try to pack */
struct dst_entry * dst; /* 88 8 */
struct sec_path * sp; /* 96 8 */
char cb[48]; /* 104 48 */
/* cacheline 2 boundary (128 bytes) was 24 bytes ago*/
unsigned int len; /* 152 4 */
unsigned int data_len; /* 156 4 */
unsigned int mac_len; /* 160 4 */
union {
__wsum csum; /* 4 */
__u32 csum_offset; /* 4 */
}; /* 164 4 */
__u32 priority; /* 168 4 */
__u8 local_df:1; /* 172 1 */
__u8 cloned:1; /* 172 1 */
__u8 ip_summed:2; /* 172 1 */
__u8 nohdr:1; /* 172 1 */
__u8 nfctinfo:3; /* 172 1 */
__u8 pkt_type:3; /* 173 1 */
__u8 fclone:2; /* 173 1 */
__u8 ipvs_property:1; /* 173 1 */
/* XXX 2 bits hole, try to pack */
__be16 protocol; /* 174 2 */
void (*destructor)(struct sk_buff *); /* 176 8 */
struct nf_conntrack * nfct; /* 184 8 */
/* --- cacheline 3 boundary (192 bytes) --- */
struct sk_buff * nfct_reasm; /* 192 8 */
struct nf_bridge_info *nf_bridge; /* 200 8 */
__u16 tc_index; /* 208 2 */
__u16 tc_verd; /* 210 2 */
dma_cookie_t dma_cookie; /* 212 4 */
__u32 secmark; /* 216 4 */
__u32 mark; /* 220 4 */
unsigned int truesize; /* 224 4 */
atomic_t users; /* 228 4 */
unsigned char * head; /* 232 8 */
unsigned char * data; /* 240 8 */
unsigned char * tail; /* 248 8 */
/* --- cacheline 4 boundary (256 bytes) --- */
unsigned char * end; /* 256 8 */
}; /* size: 264, cachelines: 5 */
/* sum members: 260, holes: 1, sum holes: 4 */
/* bit holes: 1, sum bit holes: 2 bits */
/* last cacheline: 8 bytes */
On 32 bits nothing changes, and pointers continue to be used with the compiler
turning all this abstraction layer into dust. But there are some sk_buff
validation tricks that are now possible, humm... :-)
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-04-11 08:22:35 +04:00
|
|
|
skb_reset_transport_header(skb);
|
|
|
|
skb->transport_header += offset;
|
2007-04-26 04:55:53 +04:00
|
|
|
}
|
|
|
|
|
2007-04-11 07:50:43 +04:00
|
|
|
static inline unsigned char *skb_network_header(const struct sk_buff *skb)
|
|
|
|
{
|
[SK_BUFF]: Use offsets for skb->{mac,network,transport}_header on 64bit architectures
With this we save 8 bytes per network packet, leaving a 4 bytes hole to be used
in further shrinking work, likely with the offsetization of other pointers,
such as ->{data,tail,end}, at the cost of adds, that were minimized by the
usual practice of setting skb->{mac,nh,n}.raw to a local variable that is then
accessed multiple times in each function, it also is not more expensive than
before with regards to most of the handling of such headers, like setting one
of these headers to another (transport to network, etc), or subtracting, adding
to/from it, comparing them, etc.
Now we have this layout for sk_buff on a x86_64 machine:
[acme@mica net-2.6.22]$ pahole vmlinux sk_buff
struct sk_buff {
struct sk_buff * next; /* 0 8 */
struct sk_buff * prev; /* 8 8 */
struct rb_node rb; /* 16 24 */
struct sock * sk; /* 40 8 */
ktime_t tstamp; /* 48 8 */
struct net_device * dev; /* 56 8 */
/* --- cacheline 1 boundary (64 bytes) --- */
struct net_device * input_dev; /* 64 8 */
sk_buff_data_t transport_header; /* 72 4 */
sk_buff_data_t network_header; /* 76 4 */
sk_buff_data_t mac_header; /* 80 4 */
/* XXX 4 bytes hole, try to pack */
struct dst_entry * dst; /* 88 8 */
struct sec_path * sp; /* 96 8 */
char cb[48]; /* 104 48 */
/* cacheline 2 boundary (128 bytes) was 24 bytes ago*/
unsigned int len; /* 152 4 */
unsigned int data_len; /* 156 4 */
unsigned int mac_len; /* 160 4 */
union {
__wsum csum; /* 4 */
__u32 csum_offset; /* 4 */
}; /* 164 4 */
__u32 priority; /* 168 4 */
__u8 local_df:1; /* 172 1 */
__u8 cloned:1; /* 172 1 */
__u8 ip_summed:2; /* 172 1 */
__u8 nohdr:1; /* 172 1 */
__u8 nfctinfo:3; /* 172 1 */
__u8 pkt_type:3; /* 173 1 */
__u8 fclone:2; /* 173 1 */
__u8 ipvs_property:1; /* 173 1 */
/* XXX 2 bits hole, try to pack */
__be16 protocol; /* 174 2 */
void (*destructor)(struct sk_buff *); /* 176 8 */
struct nf_conntrack * nfct; /* 184 8 */
/* --- cacheline 3 boundary (192 bytes) --- */
struct sk_buff * nfct_reasm; /* 192 8 */
struct nf_bridge_info *nf_bridge; /* 200 8 */
__u16 tc_index; /* 208 2 */
__u16 tc_verd; /* 210 2 */
dma_cookie_t dma_cookie; /* 212 4 */
__u32 secmark; /* 216 4 */
__u32 mark; /* 220 4 */
unsigned int truesize; /* 224 4 */
atomic_t users; /* 228 4 */
unsigned char * head; /* 232 8 */
unsigned char * data; /* 240 8 */
unsigned char * tail; /* 248 8 */
/* --- cacheline 4 boundary (256 bytes) --- */
unsigned char * end; /* 256 8 */
}; /* size: 264, cachelines: 5 */
/* sum members: 260, holes: 1, sum holes: 4 */
/* bit holes: 1, sum bit holes: 2 bits */
/* last cacheline: 8 bytes */
On 32 bits nothing changes, and pointers continue to be used with the compiler
turning all this abstraction layer into dust. But there are some sk_buff
validation tricks that are now possible, humm... :-)
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-04-11 08:22:35 +04:00
|
|
|
return skb->head + skb->network_header;
|
2007-04-11 07:50:43 +04:00
|
|
|
}
|
|
|
|
|
2007-04-11 07:45:18 +04:00
|
|
|
static inline void skb_reset_network_header(struct sk_buff *skb)
|
|
|
|
{
|
[SK_BUFF]: Use offsets for skb->{mac,network,transport}_header on 64bit architectures
With this we save 8 bytes per network packet, leaving a 4 bytes hole to be used
in further shrinking work, likely with the offsetization of other pointers,
such as ->{data,tail,end}, at the cost of adds, that were minimized by the
usual practice of setting skb->{mac,nh,n}.raw to a local variable that is then
accessed multiple times in each function, it also is not more expensive than
before with regards to most of the handling of such headers, like setting one
of these headers to another (transport to network, etc), or subtracting, adding
to/from it, comparing them, etc.
Now we have this layout for sk_buff on a x86_64 machine:
[acme@mica net-2.6.22]$ pahole vmlinux sk_buff
struct sk_buff {
struct sk_buff * next; /* 0 8 */
struct sk_buff * prev; /* 8 8 */
struct rb_node rb; /* 16 24 */
struct sock * sk; /* 40 8 */
ktime_t tstamp; /* 48 8 */
struct net_device * dev; /* 56 8 */
/* --- cacheline 1 boundary (64 bytes) --- */
struct net_device * input_dev; /* 64 8 */
sk_buff_data_t transport_header; /* 72 4 */
sk_buff_data_t network_header; /* 76 4 */
sk_buff_data_t mac_header; /* 80 4 */
/* XXX 4 bytes hole, try to pack */
struct dst_entry * dst; /* 88 8 */
struct sec_path * sp; /* 96 8 */
char cb[48]; /* 104 48 */
/* cacheline 2 boundary (128 bytes) was 24 bytes ago*/
unsigned int len; /* 152 4 */
unsigned int data_len; /* 156 4 */
unsigned int mac_len; /* 160 4 */
union {
__wsum csum; /* 4 */
__u32 csum_offset; /* 4 */
}; /* 164 4 */
__u32 priority; /* 168 4 */
__u8 local_df:1; /* 172 1 */
__u8 cloned:1; /* 172 1 */
__u8 ip_summed:2; /* 172 1 */
__u8 nohdr:1; /* 172 1 */
__u8 nfctinfo:3; /* 172 1 */
__u8 pkt_type:3; /* 173 1 */
__u8 fclone:2; /* 173 1 */
__u8 ipvs_property:1; /* 173 1 */
/* XXX 2 bits hole, try to pack */
__be16 protocol; /* 174 2 */
void (*destructor)(struct sk_buff *); /* 176 8 */
struct nf_conntrack * nfct; /* 184 8 */
/* --- cacheline 3 boundary (192 bytes) --- */
struct sk_buff * nfct_reasm; /* 192 8 */
struct nf_bridge_info *nf_bridge; /* 200 8 */
__u16 tc_index; /* 208 2 */
__u16 tc_verd; /* 210 2 */
dma_cookie_t dma_cookie; /* 212 4 */
__u32 secmark; /* 216 4 */
__u32 mark; /* 220 4 */
unsigned int truesize; /* 224 4 */
atomic_t users; /* 228 4 */
unsigned char * head; /* 232 8 */
unsigned char * data; /* 240 8 */
unsigned char * tail; /* 248 8 */
/* --- cacheline 4 boundary (256 bytes) --- */
unsigned char * end; /* 256 8 */
}; /* size: 264, cachelines: 5 */
/* sum members: 260, holes: 1, sum holes: 4 */
/* bit holes: 1, sum bit holes: 2 bits */
/* last cacheline: 8 bytes */
On 32 bits nothing changes, and pointers continue to be used with the compiler
turning all this abstraction layer into dust. But there are some sk_buff
validation tricks that are now possible, humm... :-)
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-04-11 08:22:35 +04:00
|
|
|
skb->network_header = skb->data - skb->head;
|
2007-04-11 07:45:18 +04:00
|
|
|
}
|
|
|
|
|
2007-03-12 04:39:41 +03:00
|
|
|
static inline void skb_set_network_header(struct sk_buff *skb, const int offset)
|
|
|
|
{
|
[SK_BUFF]: Use offsets for skb->{mac,network,transport}_header on 64bit architectures
With this we save 8 bytes per network packet, leaving a 4 bytes hole to be used
in further shrinking work, likely with the offsetization of other pointers,
such as ->{data,tail,end}, at the cost of adds, that were minimized by the
usual practice of setting skb->{mac,nh,n}.raw to a local variable that is then
accessed multiple times in each function, it also is not more expensive than
before with regards to most of the handling of such headers, like setting one
of these headers to another (transport to network, etc), or subtracting, adding
to/from it, comparing them, etc.
Now we have this layout for sk_buff on a x86_64 machine:
[acme@mica net-2.6.22]$ pahole vmlinux sk_buff
struct sk_buff {
struct sk_buff * next; /* 0 8 */
struct sk_buff * prev; /* 8 8 */
struct rb_node rb; /* 16 24 */
struct sock * sk; /* 40 8 */
ktime_t tstamp; /* 48 8 */
struct net_device * dev; /* 56 8 */
/* --- cacheline 1 boundary (64 bytes) --- */
struct net_device * input_dev; /* 64 8 */
sk_buff_data_t transport_header; /* 72 4 */
sk_buff_data_t network_header; /* 76 4 */
sk_buff_data_t mac_header; /* 80 4 */
/* XXX 4 bytes hole, try to pack */
struct dst_entry * dst; /* 88 8 */
struct sec_path * sp; /* 96 8 */
char cb[48]; /* 104 48 */
/* cacheline 2 boundary (128 bytes) was 24 bytes ago*/
unsigned int len; /* 152 4 */
unsigned int data_len; /* 156 4 */
unsigned int mac_len; /* 160 4 */
union {
__wsum csum; /* 4 */
__u32 csum_offset; /* 4 */
}; /* 164 4 */
__u32 priority; /* 168 4 */
__u8 local_df:1; /* 172 1 */
__u8 cloned:1; /* 172 1 */
__u8 ip_summed:2; /* 172 1 */
__u8 nohdr:1; /* 172 1 */
__u8 nfctinfo:3; /* 172 1 */
__u8 pkt_type:3; /* 173 1 */
__u8 fclone:2; /* 173 1 */
__u8 ipvs_property:1; /* 173 1 */
/* XXX 2 bits hole, try to pack */
__be16 protocol; /* 174 2 */
void (*destructor)(struct sk_buff *); /* 176 8 */
struct nf_conntrack * nfct; /* 184 8 */
/* --- cacheline 3 boundary (192 bytes) --- */
struct sk_buff * nfct_reasm; /* 192 8 */
struct nf_bridge_info *nf_bridge; /* 200 8 */
__u16 tc_index; /* 208 2 */
__u16 tc_verd; /* 210 2 */
dma_cookie_t dma_cookie; /* 212 4 */
__u32 secmark; /* 216 4 */
__u32 mark; /* 220 4 */
unsigned int truesize; /* 224 4 */
atomic_t users; /* 228 4 */
unsigned char * head; /* 232 8 */
unsigned char * data; /* 240 8 */
unsigned char * tail; /* 248 8 */
/* --- cacheline 4 boundary (256 bytes) --- */
unsigned char * end; /* 256 8 */
}; /* size: 264, cachelines: 5 */
/* sum members: 260, holes: 1, sum holes: 4 */
/* bit holes: 1, sum bit holes: 2 bits */
/* last cacheline: 8 bytes */
On 32 bits nothing changes, and pointers continue to be used with the compiler
turning all this abstraction layer into dust. But there are some sk_buff
validation tricks that are now possible, humm... :-)
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-04-11 08:22:35 +04:00
|
|
|
skb_reset_network_header(skb);
|
|
|
|
skb->network_header += offset;
|
2007-03-12 04:39:41 +03:00
|
|
|
}
|
|
|
|
|
[SK_BUFF]: Use offsets for skb->{mac,network,transport}_header on 64bit architectures
With this we save 8 bytes per network packet, leaving a 4 bytes hole to be used
in further shrinking work, likely with the offsetization of other pointers,
such as ->{data,tail,end}, at the cost of adds, that were minimized by the
usual practice of setting skb->{mac,nh,n}.raw to a local variable that is then
accessed multiple times in each function, it also is not more expensive than
before with regards to most of the handling of such headers, like setting one
of these headers to another (transport to network, etc), or subtracting, adding
to/from it, comparing them, etc.
Now we have this layout for sk_buff on a x86_64 machine:
[acme@mica net-2.6.22]$ pahole vmlinux sk_buff
struct sk_buff {
struct sk_buff * next; /* 0 8 */
struct sk_buff * prev; /* 8 8 */
struct rb_node rb; /* 16 24 */
struct sock * sk; /* 40 8 */
ktime_t tstamp; /* 48 8 */
struct net_device * dev; /* 56 8 */
/* --- cacheline 1 boundary (64 bytes) --- */
struct net_device * input_dev; /* 64 8 */
sk_buff_data_t transport_header; /* 72 4 */
sk_buff_data_t network_header; /* 76 4 */
sk_buff_data_t mac_header; /* 80 4 */
/* XXX 4 bytes hole, try to pack */
struct dst_entry * dst; /* 88 8 */
struct sec_path * sp; /* 96 8 */
char cb[48]; /* 104 48 */
/* cacheline 2 boundary (128 bytes) was 24 bytes ago*/
unsigned int len; /* 152 4 */
unsigned int data_len; /* 156 4 */
unsigned int mac_len; /* 160 4 */
union {
__wsum csum; /* 4 */
__u32 csum_offset; /* 4 */
}; /* 164 4 */
__u32 priority; /* 168 4 */
__u8 local_df:1; /* 172 1 */
__u8 cloned:1; /* 172 1 */
__u8 ip_summed:2; /* 172 1 */
__u8 nohdr:1; /* 172 1 */
__u8 nfctinfo:3; /* 172 1 */
__u8 pkt_type:3; /* 173 1 */
__u8 fclone:2; /* 173 1 */
__u8 ipvs_property:1; /* 173 1 */
/* XXX 2 bits hole, try to pack */
__be16 protocol; /* 174 2 */
void (*destructor)(struct sk_buff *); /* 176 8 */
struct nf_conntrack * nfct; /* 184 8 */
/* --- cacheline 3 boundary (192 bytes) --- */
struct sk_buff * nfct_reasm; /* 192 8 */
struct nf_bridge_info *nf_bridge; /* 200 8 */
__u16 tc_index; /* 208 2 */
__u16 tc_verd; /* 210 2 */
dma_cookie_t dma_cookie; /* 212 4 */
__u32 secmark; /* 216 4 */
__u32 mark; /* 220 4 */
unsigned int truesize; /* 224 4 */
atomic_t users; /* 228 4 */
unsigned char * head; /* 232 8 */
unsigned char * data; /* 240 8 */
unsigned char * tail; /* 248 8 */
/* --- cacheline 4 boundary (256 bytes) --- */
unsigned char * end; /* 256 8 */
}; /* size: 264, cachelines: 5 */
/* sum members: 260, holes: 1, sum holes: 4 */
/* bit holes: 1, sum bit holes: 2 bits */
/* last cacheline: 8 bytes */
On 32 bits nothing changes, and pointers continue to be used with the compiler
turning all this abstraction layer into dust. But there are some sk_buff
validation tricks that are now possible, humm... :-)
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-04-11 08:22:35 +04:00
|
|
|
static inline unsigned char *skb_mac_header(const struct sk_buff *skb)
|
2007-03-11 04:16:10 +03:00
|
|
|
{
|
[SK_BUFF]: Use offsets for skb->{mac,network,transport}_header on 64bit architectures
With this we save 8 bytes per network packet, leaving a 4 bytes hole to be used
in further shrinking work, likely with the offsetization of other pointers,
such as ->{data,tail,end}, at the cost of adds, that were minimized by the
usual practice of setting skb->{mac,nh,n}.raw to a local variable that is then
accessed multiple times in each function, it also is not more expensive than
before with regards to most of the handling of such headers, like setting one
of these headers to another (transport to network, etc), or subtracting, adding
to/from it, comparing them, etc.
Now we have this layout for sk_buff on a x86_64 machine:
[acme@mica net-2.6.22]$ pahole vmlinux sk_buff
struct sk_buff {
struct sk_buff * next; /* 0 8 */
struct sk_buff * prev; /* 8 8 */
struct rb_node rb; /* 16 24 */
struct sock * sk; /* 40 8 */
ktime_t tstamp; /* 48 8 */
struct net_device * dev; /* 56 8 */
/* --- cacheline 1 boundary (64 bytes) --- */
struct net_device * input_dev; /* 64 8 */
sk_buff_data_t transport_header; /* 72 4 */
sk_buff_data_t network_header; /* 76 4 */
sk_buff_data_t mac_header; /* 80 4 */
/* XXX 4 bytes hole, try to pack */
struct dst_entry * dst; /* 88 8 */
struct sec_path * sp; /* 96 8 */
char cb[48]; /* 104 48 */
/* cacheline 2 boundary (128 bytes) was 24 bytes ago*/
unsigned int len; /* 152 4 */
unsigned int data_len; /* 156 4 */
unsigned int mac_len; /* 160 4 */
union {
__wsum csum; /* 4 */
__u32 csum_offset; /* 4 */
}; /* 164 4 */
__u32 priority; /* 168 4 */
__u8 local_df:1; /* 172 1 */
__u8 cloned:1; /* 172 1 */
__u8 ip_summed:2; /* 172 1 */
__u8 nohdr:1; /* 172 1 */
__u8 nfctinfo:3; /* 172 1 */
__u8 pkt_type:3; /* 173 1 */
__u8 fclone:2; /* 173 1 */
__u8 ipvs_property:1; /* 173 1 */
/* XXX 2 bits hole, try to pack */
__be16 protocol; /* 174 2 */
void (*destructor)(struct sk_buff *); /* 176 8 */
struct nf_conntrack * nfct; /* 184 8 */
/* --- cacheline 3 boundary (192 bytes) --- */
struct sk_buff * nfct_reasm; /* 192 8 */
struct nf_bridge_info *nf_bridge; /* 200 8 */
__u16 tc_index; /* 208 2 */
__u16 tc_verd; /* 210 2 */
dma_cookie_t dma_cookie; /* 212 4 */
__u32 secmark; /* 216 4 */
__u32 mark; /* 220 4 */
unsigned int truesize; /* 224 4 */
atomic_t users; /* 228 4 */
unsigned char * head; /* 232 8 */
unsigned char * data; /* 240 8 */
unsigned char * tail; /* 248 8 */
/* --- cacheline 4 boundary (256 bytes) --- */
unsigned char * end; /* 256 8 */
}; /* size: 264, cachelines: 5 */
/* sum members: 260, holes: 1, sum holes: 4 */
/* bit holes: 1, sum bit holes: 2 bits */
/* last cacheline: 8 bytes */
On 32 bits nothing changes, and pointers continue to be used with the compiler
turning all this abstraction layer into dust. But there are some sk_buff
validation tricks that are now possible, humm... :-)
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-04-11 08:22:35 +04:00
|
|
|
return skb->head + skb->mac_header;
|
2007-03-11 04:16:10 +03:00
|
|
|
}
|
|
|
|
|
2017-02-07 10:56:06 +03:00
|
|
|
static inline int skb_mac_offset(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb_mac_header(skb) - skb->data;
|
|
|
|
}
|
|
|
|
|
2017-07-02 03:13:25 +03:00
|
|
|
static inline u32 skb_mac_header_len(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb->network_header - skb->mac_header;
|
|
|
|
}
|
|
|
|
|
[SK_BUFF]: Use offsets for skb->{mac,network,transport}_header on 64bit architectures
With this we save 8 bytes per network packet, leaving a 4 bytes hole to be used
in further shrinking work, likely with the offsetization of other pointers,
such as ->{data,tail,end}, at the cost of adds, that were minimized by the
usual practice of setting skb->{mac,nh,n}.raw to a local variable that is then
accessed multiple times in each function, it also is not more expensive than
before with regards to most of the handling of such headers, like setting one
of these headers to another (transport to network, etc), or subtracting, adding
to/from it, comparing them, etc.
Now we have this layout for sk_buff on a x86_64 machine:
[acme@mica net-2.6.22]$ pahole vmlinux sk_buff
struct sk_buff {
struct sk_buff * next; /* 0 8 */
struct sk_buff * prev; /* 8 8 */
struct rb_node rb; /* 16 24 */
struct sock * sk; /* 40 8 */
ktime_t tstamp; /* 48 8 */
struct net_device * dev; /* 56 8 */
/* --- cacheline 1 boundary (64 bytes) --- */
struct net_device * input_dev; /* 64 8 */
sk_buff_data_t transport_header; /* 72 4 */
sk_buff_data_t network_header; /* 76 4 */
sk_buff_data_t mac_header; /* 80 4 */
/* XXX 4 bytes hole, try to pack */
struct dst_entry * dst; /* 88 8 */
struct sec_path * sp; /* 96 8 */
char cb[48]; /* 104 48 */
/* cacheline 2 boundary (128 bytes) was 24 bytes ago*/
unsigned int len; /* 152 4 */
unsigned int data_len; /* 156 4 */
unsigned int mac_len; /* 160 4 */
union {
__wsum csum; /* 4 */
__u32 csum_offset; /* 4 */
}; /* 164 4 */
__u32 priority; /* 168 4 */
__u8 local_df:1; /* 172 1 */
__u8 cloned:1; /* 172 1 */
__u8 ip_summed:2; /* 172 1 */
__u8 nohdr:1; /* 172 1 */
__u8 nfctinfo:3; /* 172 1 */
__u8 pkt_type:3; /* 173 1 */
__u8 fclone:2; /* 173 1 */
__u8 ipvs_property:1; /* 173 1 */
/* XXX 2 bits hole, try to pack */
__be16 protocol; /* 174 2 */
void (*destructor)(struct sk_buff *); /* 176 8 */
struct nf_conntrack * nfct; /* 184 8 */
/* --- cacheline 3 boundary (192 bytes) --- */
struct sk_buff * nfct_reasm; /* 192 8 */
struct nf_bridge_info *nf_bridge; /* 200 8 */
__u16 tc_index; /* 208 2 */
__u16 tc_verd; /* 210 2 */
dma_cookie_t dma_cookie; /* 212 4 */
__u32 secmark; /* 216 4 */
__u32 mark; /* 220 4 */
unsigned int truesize; /* 224 4 */
atomic_t users; /* 228 4 */
unsigned char * head; /* 232 8 */
unsigned char * data; /* 240 8 */
unsigned char * tail; /* 248 8 */
/* --- cacheline 4 boundary (256 bytes) --- */
unsigned char * end; /* 256 8 */
}; /* size: 264, cachelines: 5 */
/* sum members: 260, holes: 1, sum holes: 4 */
/* bit holes: 1, sum bit holes: 2 bits */
/* last cacheline: 8 bytes */
On 32 bits nothing changes, and pointers continue to be used with the compiler
turning all this abstraction layer into dust. But there are some sk_buff
validation tricks that are now possible, humm... :-)
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-04-11 08:22:35 +04:00
|
|
|
static inline int skb_mac_header_was_set(const struct sk_buff *skb)
|
2007-03-16 23:26:39 +03:00
|
|
|
{
|
2013-05-29 11:16:05 +04:00
|
|
|
return skb->mac_header != (typeof(skb->mac_header))~0U;
|
[SK_BUFF]: Use offsets for skb->{mac,network,transport}_header on 64bit architectures
With this we save 8 bytes per network packet, leaving a 4 bytes hole to be used
in further shrinking work, likely with the offsetization of other pointers,
such as ->{data,tail,end}, at the cost of adds, that were minimized by the
usual practice of setting skb->{mac,nh,n}.raw to a local variable that is then
accessed multiple times in each function, it also is not more expensive than
before with regards to most of the handling of such headers, like setting one
of these headers to another (transport to network, etc), or subtracting, adding
to/from it, comparing them, etc.
Now we have this layout for sk_buff on a x86_64 machine:
[acme@mica net-2.6.22]$ pahole vmlinux sk_buff
struct sk_buff {
struct sk_buff * next; /* 0 8 */
struct sk_buff * prev; /* 8 8 */
struct rb_node rb; /* 16 24 */
struct sock * sk; /* 40 8 */
ktime_t tstamp; /* 48 8 */
struct net_device * dev; /* 56 8 */
/* --- cacheline 1 boundary (64 bytes) --- */
struct net_device * input_dev; /* 64 8 */
sk_buff_data_t transport_header; /* 72 4 */
sk_buff_data_t network_header; /* 76 4 */
sk_buff_data_t mac_header; /* 80 4 */
/* XXX 4 bytes hole, try to pack */
struct dst_entry * dst; /* 88 8 */
struct sec_path * sp; /* 96 8 */
char cb[48]; /* 104 48 */
/* cacheline 2 boundary (128 bytes) was 24 bytes ago*/
unsigned int len; /* 152 4 */
unsigned int data_len; /* 156 4 */
unsigned int mac_len; /* 160 4 */
union {
__wsum csum; /* 4 */
__u32 csum_offset; /* 4 */
}; /* 164 4 */
__u32 priority; /* 168 4 */
__u8 local_df:1; /* 172 1 */
__u8 cloned:1; /* 172 1 */
__u8 ip_summed:2; /* 172 1 */
__u8 nohdr:1; /* 172 1 */
__u8 nfctinfo:3; /* 172 1 */
__u8 pkt_type:3; /* 173 1 */
__u8 fclone:2; /* 173 1 */
__u8 ipvs_property:1; /* 173 1 */
/* XXX 2 bits hole, try to pack */
__be16 protocol; /* 174 2 */
void (*destructor)(struct sk_buff *); /* 176 8 */
struct nf_conntrack * nfct; /* 184 8 */
/* --- cacheline 3 boundary (192 bytes) --- */
struct sk_buff * nfct_reasm; /* 192 8 */
struct nf_bridge_info *nf_bridge; /* 200 8 */
__u16 tc_index; /* 208 2 */
__u16 tc_verd; /* 210 2 */
dma_cookie_t dma_cookie; /* 212 4 */
__u32 secmark; /* 216 4 */
__u32 mark; /* 220 4 */
unsigned int truesize; /* 224 4 */
atomic_t users; /* 228 4 */
unsigned char * head; /* 232 8 */
unsigned char * data; /* 240 8 */
unsigned char * tail; /* 248 8 */
/* --- cacheline 4 boundary (256 bytes) --- */
unsigned char * end; /* 256 8 */
}; /* size: 264, cachelines: 5 */
/* sum members: 260, holes: 1, sum holes: 4 */
/* bit holes: 1, sum bit holes: 2 bits */
/* last cacheline: 8 bytes */
On 32 bits nothing changes, and pointers continue to be used with the compiler
turning all this abstraction layer into dust. But there are some sk_buff
validation tricks that are now possible, humm... :-)
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-04-11 08:22:35 +04:00
|
|
|
}
|
|
|
|
|
2020-09-30 18:18:17 +03:00
|
|
|
static inline void skb_unset_mac_header(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
skb->mac_header = (typeof(skb->mac_header))~0U;
|
|
|
|
}
|
|
|
|
|
[SK_BUFF]: Use offsets for skb->{mac,network,transport}_header on 64bit architectures
With this we save 8 bytes per network packet, leaving a 4 bytes hole to be used
in further shrinking work, likely with the offsetization of other pointers,
such as ->{data,tail,end}, at the cost of adds, that were minimized by the
usual practice of setting skb->{mac,nh,n}.raw to a local variable that is then
accessed multiple times in each function, it also is not more expensive than
before with regards to most of the handling of such headers, like setting one
of these headers to another (transport to network, etc), or subtracting, adding
to/from it, comparing them, etc.
Now we have this layout for sk_buff on a x86_64 machine:
[acme@mica net-2.6.22]$ pahole vmlinux sk_buff
struct sk_buff {
struct sk_buff * next; /* 0 8 */
struct sk_buff * prev; /* 8 8 */
struct rb_node rb; /* 16 24 */
struct sock * sk; /* 40 8 */
ktime_t tstamp; /* 48 8 */
struct net_device * dev; /* 56 8 */
/* --- cacheline 1 boundary (64 bytes) --- */
struct net_device * input_dev; /* 64 8 */
sk_buff_data_t transport_header; /* 72 4 */
sk_buff_data_t network_header; /* 76 4 */
sk_buff_data_t mac_header; /* 80 4 */
/* XXX 4 bytes hole, try to pack */
struct dst_entry * dst; /* 88 8 */
struct sec_path * sp; /* 96 8 */
char cb[48]; /* 104 48 */
/* cacheline 2 boundary (128 bytes) was 24 bytes ago*/
unsigned int len; /* 152 4 */
unsigned int data_len; /* 156 4 */
unsigned int mac_len; /* 160 4 */
union {
__wsum csum; /* 4 */
__u32 csum_offset; /* 4 */
}; /* 164 4 */
__u32 priority; /* 168 4 */
__u8 local_df:1; /* 172 1 */
__u8 cloned:1; /* 172 1 */
__u8 ip_summed:2; /* 172 1 */
__u8 nohdr:1; /* 172 1 */
__u8 nfctinfo:3; /* 172 1 */
__u8 pkt_type:3; /* 173 1 */
__u8 fclone:2; /* 173 1 */
__u8 ipvs_property:1; /* 173 1 */
/* XXX 2 bits hole, try to pack */
__be16 protocol; /* 174 2 */
void (*destructor)(struct sk_buff *); /* 176 8 */
struct nf_conntrack * nfct; /* 184 8 */
/* --- cacheline 3 boundary (192 bytes) --- */
struct sk_buff * nfct_reasm; /* 192 8 */
struct nf_bridge_info *nf_bridge; /* 200 8 */
__u16 tc_index; /* 208 2 */
__u16 tc_verd; /* 210 2 */
dma_cookie_t dma_cookie; /* 212 4 */
__u32 secmark; /* 216 4 */
__u32 mark; /* 220 4 */
unsigned int truesize; /* 224 4 */
atomic_t users; /* 228 4 */
unsigned char * head; /* 232 8 */
unsigned char * data; /* 240 8 */
unsigned char * tail; /* 248 8 */
/* --- cacheline 4 boundary (256 bytes) --- */
unsigned char * end; /* 256 8 */
}; /* size: 264, cachelines: 5 */
/* sum members: 260, holes: 1, sum holes: 4 */
/* bit holes: 1, sum bit holes: 2 bits */
/* last cacheline: 8 bytes */
On 32 bits nothing changes, and pointers continue to be used with the compiler
turning all this abstraction layer into dust. But there are some sk_buff
validation tricks that are now possible, humm... :-)
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-04-11 08:22:35 +04:00
|
|
|
static inline void skb_reset_mac_header(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
skb->mac_header = skb->data - skb->head;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void skb_set_mac_header(struct sk_buff *skb, const int offset)
|
|
|
|
{
|
|
|
|
skb_reset_mac_header(skb);
|
|
|
|
skb->mac_header += offset;
|
|
|
|
}
|
|
|
|
|
2013-12-16 13:02:09 +04:00
|
|
|
static inline void skb_pop_mac_header(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
skb->mac_header = skb->network_header;
|
|
|
|
}
|
|
|
|
|
net: Don't set transport offset to invalid value
If the socket was created with socket(AF_PACKET, SOCK_RAW, 0),
skb->protocol will be unset, __skb_flow_dissect() will fail, and
skb_probe_transport_header() will fall back to the offset_hint, making
the resulting skb_transport_offset incorrect.
If, however, there is no transport header in the packet,
transport_header shouldn't be set to an arbitrary value.
Fix it by leaving the transport offset unset if it couldn't be found, to
be explicit rather than to fill it with some wrong value. It changes the
behavior, but if some code relied on the old behavior, it would be
broken anyway, as the old one is incorrect.
Signed-off-by: Maxim Mikityanskiy <maximmi@mellanox.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-02-21 15:39:57 +03:00
|
|
|
static inline void skb_probe_transport_header(struct sk_buff *skb)
|
2013-03-27 20:46:06 +04:00
|
|
|
{
|
2018-05-04 12:32:59 +03:00
|
|
|
struct flow_keys_basic keys;
|
2013-03-27 20:46:06 +04:00
|
|
|
|
|
|
|
if (skb_transport_header_was_set(skb))
|
|
|
|
return;
|
2018-05-04 12:32:59 +03:00
|
|
|
|
2019-04-22 18:55:46 +03:00
|
|
|
if (skb_flow_dissect_flow_keys_basic(NULL, skb, &keys,
|
|
|
|
NULL, 0, 0, 0, 0))
|
2015-06-04 19:16:39 +03:00
|
|
|
skb_set_transport_header(skb, keys.control.thoff);
|
2013-03-27 20:46:06 +04:00
|
|
|
}
|
|
|
|
|
2012-02-23 14:55:02 +04:00
|
|
|
static inline void skb_mac_header_rebuild(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
if (skb_mac_header_was_set(skb)) {
|
|
|
|
const unsigned char *old_mac = skb_mac_header(skb);
|
|
|
|
|
|
|
|
skb_set_mac_header(skb, -skb->mac_len);
|
|
|
|
memmove(skb_mac_header(skb), old_mac, skb->mac_len);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2010-12-14 18:24:08 +03:00
|
|
|
static inline int skb_checksum_start_offset(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb->csum_start - skb_headroom(skb);
|
|
|
|
}
|
|
|
|
|
2016-02-06 02:27:49 +03:00
|
|
|
static inline unsigned char *skb_checksum_start(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb->head + skb->csum_start;
|
|
|
|
}
|
|
|
|
|
[SK_BUFF]: Use offsets for skb->{mac,network,transport}_header on 64bit architectures
With this we save 8 bytes per network packet, leaving a 4 bytes hole to be used
in further shrinking work, likely with the offsetization of other pointers,
such as ->{data,tail,end}, at the cost of adds, that were minimized by the
usual practice of setting skb->{mac,nh,n}.raw to a local variable that is then
accessed multiple times in each function, it also is not more expensive than
before with regards to most of the handling of such headers, like setting one
of these headers to another (transport to network, etc), or subtracting, adding
to/from it, comparing them, etc.
Now we have this layout for sk_buff on a x86_64 machine:
[acme@mica net-2.6.22]$ pahole vmlinux sk_buff
struct sk_buff {
struct sk_buff * next; /* 0 8 */
struct sk_buff * prev; /* 8 8 */
struct rb_node rb; /* 16 24 */
struct sock * sk; /* 40 8 */
ktime_t tstamp; /* 48 8 */
struct net_device * dev; /* 56 8 */
/* --- cacheline 1 boundary (64 bytes) --- */
struct net_device * input_dev; /* 64 8 */
sk_buff_data_t transport_header; /* 72 4 */
sk_buff_data_t network_header; /* 76 4 */
sk_buff_data_t mac_header; /* 80 4 */
/* XXX 4 bytes hole, try to pack */
struct dst_entry * dst; /* 88 8 */
struct sec_path * sp; /* 96 8 */
char cb[48]; /* 104 48 */
/* cacheline 2 boundary (128 bytes) was 24 bytes ago*/
unsigned int len; /* 152 4 */
unsigned int data_len; /* 156 4 */
unsigned int mac_len; /* 160 4 */
union {
__wsum csum; /* 4 */
__u32 csum_offset; /* 4 */
}; /* 164 4 */
__u32 priority; /* 168 4 */
__u8 local_df:1; /* 172 1 */
__u8 cloned:1; /* 172 1 */
__u8 ip_summed:2; /* 172 1 */
__u8 nohdr:1; /* 172 1 */
__u8 nfctinfo:3; /* 172 1 */
__u8 pkt_type:3; /* 173 1 */
__u8 fclone:2; /* 173 1 */
__u8 ipvs_property:1; /* 173 1 */
/* XXX 2 bits hole, try to pack */
__be16 protocol; /* 174 2 */
void (*destructor)(struct sk_buff *); /* 176 8 */
struct nf_conntrack * nfct; /* 184 8 */
/* --- cacheline 3 boundary (192 bytes) --- */
struct sk_buff * nfct_reasm; /* 192 8 */
struct nf_bridge_info *nf_bridge; /* 200 8 */
__u16 tc_index; /* 208 2 */
__u16 tc_verd; /* 210 2 */
dma_cookie_t dma_cookie; /* 212 4 */
__u32 secmark; /* 216 4 */
__u32 mark; /* 220 4 */
unsigned int truesize; /* 224 4 */
atomic_t users; /* 228 4 */
unsigned char * head; /* 232 8 */
unsigned char * data; /* 240 8 */
unsigned char * tail; /* 248 8 */
/* --- cacheline 4 boundary (256 bytes) --- */
unsigned char * end; /* 256 8 */
}; /* size: 264, cachelines: 5 */
/* sum members: 260, holes: 1, sum holes: 4 */
/* bit holes: 1, sum bit holes: 2 bits */
/* last cacheline: 8 bytes */
On 32 bits nothing changes, and pointers continue to be used with the compiler
turning all this abstraction layer into dust. But there are some sk_buff
validation tricks that are now possible, humm... :-)
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-04-11 08:22:35 +04:00
|
|
|
static inline int skb_transport_offset(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb_transport_header(skb) - skb->data;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline u32 skb_network_header_len(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb->transport_header - skb->network_header;
|
|
|
|
}
|
|
|
|
|
2012-12-07 18:14:14 +04:00
|
|
|
static inline u32 skb_inner_network_header_len(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb->inner_transport_header - skb->inner_network_header;
|
|
|
|
}
|
|
|
|
|
[SK_BUFF]: Use offsets for skb->{mac,network,transport}_header on 64bit architectures
With this we save 8 bytes per network packet, leaving a 4 bytes hole to be used
in further shrinking work, likely with the offsetization of other pointers,
such as ->{data,tail,end}, at the cost of adds, that were minimized by the
usual practice of setting skb->{mac,nh,n}.raw to a local variable that is then
accessed multiple times in each function, it also is not more expensive than
before with regards to most of the handling of such headers, like setting one
of these headers to another (transport to network, etc), or subtracting, adding
to/from it, comparing them, etc.
Now we have this layout for sk_buff on a x86_64 machine:
[acme@mica net-2.6.22]$ pahole vmlinux sk_buff
struct sk_buff {
struct sk_buff * next; /* 0 8 */
struct sk_buff * prev; /* 8 8 */
struct rb_node rb; /* 16 24 */
struct sock * sk; /* 40 8 */
ktime_t tstamp; /* 48 8 */
struct net_device * dev; /* 56 8 */
/* --- cacheline 1 boundary (64 bytes) --- */
struct net_device * input_dev; /* 64 8 */
sk_buff_data_t transport_header; /* 72 4 */
sk_buff_data_t network_header; /* 76 4 */
sk_buff_data_t mac_header; /* 80 4 */
/* XXX 4 bytes hole, try to pack */
struct dst_entry * dst; /* 88 8 */
struct sec_path * sp; /* 96 8 */
char cb[48]; /* 104 48 */
/* cacheline 2 boundary (128 bytes) was 24 bytes ago*/
unsigned int len; /* 152 4 */
unsigned int data_len; /* 156 4 */
unsigned int mac_len; /* 160 4 */
union {
__wsum csum; /* 4 */
__u32 csum_offset; /* 4 */
}; /* 164 4 */
__u32 priority; /* 168 4 */
__u8 local_df:1; /* 172 1 */
__u8 cloned:1; /* 172 1 */
__u8 ip_summed:2; /* 172 1 */
__u8 nohdr:1; /* 172 1 */
__u8 nfctinfo:3; /* 172 1 */
__u8 pkt_type:3; /* 173 1 */
__u8 fclone:2; /* 173 1 */
__u8 ipvs_property:1; /* 173 1 */
/* XXX 2 bits hole, try to pack */
__be16 protocol; /* 174 2 */
void (*destructor)(struct sk_buff *); /* 176 8 */
struct nf_conntrack * nfct; /* 184 8 */
/* --- cacheline 3 boundary (192 bytes) --- */
struct sk_buff * nfct_reasm; /* 192 8 */
struct nf_bridge_info *nf_bridge; /* 200 8 */
__u16 tc_index; /* 208 2 */
__u16 tc_verd; /* 210 2 */
dma_cookie_t dma_cookie; /* 212 4 */
__u32 secmark; /* 216 4 */
__u32 mark; /* 220 4 */
unsigned int truesize; /* 224 4 */
atomic_t users; /* 228 4 */
unsigned char * head; /* 232 8 */
unsigned char * data; /* 240 8 */
unsigned char * tail; /* 248 8 */
/* --- cacheline 4 boundary (256 bytes) --- */
unsigned char * end; /* 256 8 */
}; /* size: 264, cachelines: 5 */
/* sum members: 260, holes: 1, sum holes: 4 */
/* bit holes: 1, sum bit holes: 2 bits */
/* last cacheline: 8 bytes */
On 32 bits nothing changes, and pointers continue to be used with the compiler
turning all this abstraction layer into dust. But there are some sk_buff
validation tricks that are now possible, humm... :-)
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-04-11 08:22:35 +04:00
|
|
|
static inline int skb_network_offset(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb_network_header(skb) - skb->data;
|
|
|
|
}
|
2007-03-10 18:30:58 +03:00
|
|
|
|
2012-12-07 18:14:14 +04:00
|
|
|
static inline int skb_inner_network_offset(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb_inner_network_header(skb) - skb->data;
|
|
|
|
}
|
|
|
|
|
2010-08-04 08:43:44 +04:00
|
|
|
static inline int pskb_network_may_pull(struct sk_buff *skb, unsigned int len)
|
|
|
|
{
|
|
|
|
return pskb_may_pull(skb, skb_network_offset(skb) + len);
|
|
|
|
}
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
/*
|
|
|
|
* CPUs often take a performance hit when accessing unaligned memory
|
|
|
|
* locations. The actual performance hit varies, it can be small if the
|
|
|
|
* hardware handles it or large if we have to take an exception and fix it
|
|
|
|
* in software.
|
|
|
|
*
|
|
|
|
* Since an ethernet header is 14 bytes network drivers often end up with
|
|
|
|
* the IP header at an unaligned offset. The IP header can be aligned by
|
|
|
|
* shifting the start of the packet by 2 bytes. Drivers should do this
|
|
|
|
* with:
|
|
|
|
*
|
2009-07-14 02:48:16 +04:00
|
|
|
* skb_reserve(skb, NET_IP_ALIGN);
|
2005-04-17 02:20:36 +04:00
|
|
|
*
|
|
|
|
* The downside to this alignment of the IP header is that the DMA is now
|
|
|
|
* unaligned. On some architectures the cost of an unaligned DMA is high
|
|
|
|
* and this cost outweighs the gains made by aligning the IP header.
|
2009-07-14 02:48:16 +04:00
|
|
|
*
|
2005-04-17 02:20:36 +04:00
|
|
|
* Since this trade off varies between architectures, we allow NET_IP_ALIGN
|
|
|
|
* to be overridden.
|
|
|
|
*/
|
|
|
|
#ifndef NET_IP_ALIGN
|
|
|
|
#define NET_IP_ALIGN 2
|
|
|
|
#endif
|
|
|
|
|
2006-03-31 14:27:06 +04:00
|
|
|
/*
|
|
|
|
* The networking layer reserves some headroom in skb data (via
|
|
|
|
* dev_alloc_skb). This is used to avoid having to reallocate skb data when
|
|
|
|
* the header has to grow. In the default case, if the header has to grow
|
2009-02-09 06:24:13 +03:00
|
|
|
* 32 bytes or less we avoid the reallocation.
|
2006-03-31 14:27:06 +04:00
|
|
|
*
|
|
|
|
* Unfortunately this headroom changes the DMA alignment of the resulting
|
|
|
|
* network packet. As for NET_IP_ALIGN, this unaligned DMA is expensive
|
|
|
|
* on some architectures. An architecture can override this value,
|
|
|
|
* perhaps setting it to a cacheline in size (since that will maintain
|
|
|
|
* cacheline alignment of the DMA). It must be a power of 2.
|
|
|
|
*
|
2009-02-09 06:24:13 +03:00
|
|
|
* Various parts of the networking layer expect at least 32 bytes of
|
2006-03-31 14:27:06 +04:00
|
|
|
* headroom, you should not reduce this.
|
2010-06-16 05:16:43 +04:00
|
|
|
*
|
|
|
|
* Using max(32, L1_CACHE_BYTES) makes sense (especially with RPS)
|
|
|
|
* to reduce average number of cache lines per packet.
|
2020-08-27 14:27:49 +03:00
|
|
|
* get_rps_cpu() for example only access one 64 bytes aligned block :
|
2010-05-07 08:58:51 +04:00
|
|
|
* NET_IP_ALIGN(2) + ethernet_header(14) + IP_header(20/40) + ports(8)
|
2006-03-31 14:27:06 +04:00
|
|
|
*/
|
|
|
|
#ifndef NET_SKB_PAD
|
2010-06-16 05:16:43 +04:00
|
|
|
#define NET_SKB_PAD max(32, L1_CACHE_BYTES)
|
2006-03-31 14:27:06 +04:00
|
|
|
#endif
|
|
|
|
|
2013-09-27 01:48:15 +04:00
|
|
|
int ___pskb_trim(struct sk_buff *skb, unsigned int len);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2016-08-18 02:00:39 +03:00
|
|
|
static inline void __skb_set_length(struct sk_buff *skb, unsigned int len)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
2018-11-06 18:45:36 +03:00
|
|
|
if (WARN_ON(skb_is_nonlinear(skb)))
|
2006-06-10 03:13:38 +04:00
|
|
|
return;
|
2007-04-20 07:29:13 +04:00
|
|
|
skb->len = len;
|
|
|
|
skb_set_tail_pointer(skb, len);
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
2016-08-18 02:00:39 +03:00
|
|
|
static inline void __skb_trim(struct sk_buff *skb, unsigned int len)
|
|
|
|
{
|
|
|
|
__skb_set_length(skb, len);
|
|
|
|
}
|
|
|
|
|
2013-09-27 01:48:15 +04:00
|
|
|
void skb_trim(struct sk_buff *skb, unsigned int len);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
|
|
|
static inline int __pskb_trim(struct sk_buff *skb, unsigned int len)
|
|
|
|
{
|
2006-06-10 03:13:38 +04:00
|
|
|
if (skb->data_len)
|
|
|
|
return ___pskb_trim(skb, len);
|
|
|
|
__skb_trim(skb, len);
|
|
|
|
return 0;
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
static inline int pskb_trim(struct sk_buff *skb, unsigned int len)
|
|
|
|
{
|
|
|
|
return (len < skb->len) ? __pskb_trim(skb, len) : 0;
|
|
|
|
}
|
|
|
|
|
2006-08-14 07:12:58 +04:00
|
|
|
/**
|
|
|
|
* pskb_trim_unique - remove end from a paged unique (not cloned) buffer
|
|
|
|
* @skb: buffer to alter
|
|
|
|
* @len: new length
|
|
|
|
*
|
|
|
|
* This is identical to pskb_trim except that the caller knows that
|
|
|
|
* the skb is not cloned so we should never get an error due to out-
|
|
|
|
* of-memory.
|
|
|
|
*/
|
|
|
|
static inline void pskb_trim_unique(struct sk_buff *skb, unsigned int len)
|
|
|
|
{
|
|
|
|
int err = pskb_trim(skb, len);
|
|
|
|
BUG_ON(err);
|
|
|
|
}
|
|
|
|
|
2016-08-18 02:00:39 +03:00
|
|
|
static inline int __skb_grow(struct sk_buff *skb, unsigned int len)
|
|
|
|
{
|
|
|
|
unsigned int diff = len - skb->len;
|
|
|
|
|
|
|
|
if (skb_tailroom(skb) < diff) {
|
|
|
|
int ret = pskb_expand_head(skb, 0, diff - skb_tailroom(skb),
|
|
|
|
GFP_ATOMIC);
|
|
|
|
if (ret)
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
__skb_set_length(skb, len);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
/**
|
|
|
|
* skb_orphan - orphan a buffer
|
|
|
|
* @skb: buffer to orphan
|
|
|
|
*
|
|
|
|
* If a buffer currently has an owner then we call the owner's
|
|
|
|
* destructor function and make the @skb unowned. The buffer continues
|
|
|
|
* to exist but is no longer charged to its former owner.
|
|
|
|
*/
|
|
|
|
static inline void skb_orphan(struct sk_buff *skb)
|
|
|
|
{
|
2013-07-31 03:11:15 +04:00
|
|
|
if (skb->destructor) {
|
2005-04-17 02:20:36 +04:00
|
|
|
skb->destructor(skb);
|
2013-07-31 03:11:15 +04:00
|
|
|
skb->destructor = NULL;
|
|
|
|
skb->sk = NULL;
|
2013-08-01 22:43:08 +04:00
|
|
|
} else {
|
|
|
|
BUG_ON(skb->sk);
|
2013-07-31 03:11:15 +04:00
|
|
|
}
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
2012-07-20 13:23:07 +04:00
|
|
|
/**
|
|
|
|
* skb_orphan_frags - orphan the frags contained in a buffer
|
|
|
|
* @skb: buffer to orphan frags from
|
|
|
|
* @gfp_mask: allocation mask for replacement pages
|
|
|
|
*
|
|
|
|
* For each frag in the SKB which needs a destructor (i.e. has an
|
|
|
|
* owner) create a copy of that frag and release the original
|
|
|
|
* page by calling the destructor.
|
|
|
|
*/
|
|
|
|
static inline int skb_orphan_frags(struct sk_buff *skb, gfp_t gfp_mask)
|
|
|
|
{
|
sock: enable MSG_ZEROCOPY
Prepare the datapath for refcounted ubuf_info. Clone ubuf_info with
skb_zerocopy_clone() wherever needed due to skb split, merge, resize
or clone.
Split skb_orphan_frags into two variants. The split, merge, .. paths
support reference counted zerocopy buffers, so do not do a deep copy.
Add skb_orphan_frags_rx for paths that may loop packets to receive
sockets. That is not allowed, as it may cause unbounded latency.
Deep copy all zerocopy copy buffers, ref-counted or not, in this path.
The exact locations to modify were chosen by exhaustively searching
through all code that might modify skb_frag references and/or the
the SKBTX_DEV_ZEROCOPY tx_flags bit.
The changes err on the safe side, in two ways.
(1) legacy ubuf_info paths virtio and tap are not modified. They keep
a 1:1 ubuf_info to sk_buff relationship. Calls to skb_orphan_frags
still call skb_copy_ubufs and thus copy frags in this case.
(2) not all copies deep in the stack are addressed yet. skb_shift,
skb_split and skb_try_coalesce can be refined to avoid copying.
These are not in the hot path and this patch is hairy enough as
is, so that is left for future refinement.
Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-08-03 23:29:41 +03:00
|
|
|
if (likely(!skb_zcopy(skb)))
|
|
|
|
return 0;
|
2022-07-12 23:52:28 +03:00
|
|
|
if (skb_shinfo(skb)->flags & SKBFL_DONT_ORPHAN)
|
sock: enable MSG_ZEROCOPY
Prepare the datapath for refcounted ubuf_info. Clone ubuf_info with
skb_zerocopy_clone() wherever needed due to skb split, merge, resize
or clone.
Split skb_orphan_frags into two variants. The split, merge, .. paths
support reference counted zerocopy buffers, so do not do a deep copy.
Add skb_orphan_frags_rx for paths that may loop packets to receive
sockets. That is not allowed, as it may cause unbounded latency.
Deep copy all zerocopy copy buffers, ref-counted or not, in this path.
The exact locations to modify were chosen by exhaustively searching
through all code that might modify skb_frag references and/or the
the SKBTX_DEV_ZEROCOPY tx_flags bit.
The changes err on the safe side, in two ways.
(1) legacy ubuf_info paths virtio and tap are not modified. They keep
a 1:1 ubuf_info to sk_buff relationship. Calls to skb_orphan_frags
still call skb_copy_ubufs and thus copy frags in this case.
(2) not all copies deep in the stack are addressed yet. skb_shift,
skb_split and skb_try_coalesce can be refined to avoid copying.
These are not in the hot path and this patch is hairy enough as
is, so that is left for future refinement.
Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-08-03 23:29:41 +03:00
|
|
|
return 0;
|
|
|
|
return skb_copy_ubufs(skb, gfp_mask);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Frags must be orphaned, even if refcounted, if skb might loop to rx path */
|
|
|
|
static inline int skb_orphan_frags_rx(struct sk_buff *skb, gfp_t gfp_mask)
|
|
|
|
{
|
|
|
|
if (likely(!skb_zcopy(skb)))
|
2012-07-20 13:23:07 +04:00
|
|
|
return 0;
|
|
|
|
return skb_copy_ubufs(skb, gfp_mask);
|
|
|
|
}
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
/**
|
|
|
|
* __skb_queue_purge - empty a list
|
|
|
|
* @list: list to empty
|
|
|
|
*
|
|
|
|
* Delete all buffers on an &sk_buff list. Each buffer is removed from
|
|
|
|
* the list and one reference dropped. This function does not take the
|
|
|
|
* list lock and the caller must hold the relevant locks to use it.
|
|
|
|
*/
|
|
|
|
static inline void __skb_queue_purge(struct sk_buff_head *list)
|
|
|
|
{
|
|
|
|
struct sk_buff *skb;
|
|
|
|
while ((skb = __skb_dequeue(list)) != NULL)
|
|
|
|
kfree_skb(skb);
|
|
|
|
}
|
2019-02-12 00:02:25 +03:00
|
|
|
void skb_queue_purge(struct sk_buff_head *list);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2018-08-03 02:34:38 +03:00
|
|
|
unsigned int skb_rbtree_purge(struct rb_root *root);
|
tcp: use an RB tree for ooo receive queue
Over the years, TCP BDP has increased by several orders of magnitude,
and some people are considering to reach the 2 Gbytes limit.
Even with current window scale limit of 14, ~1 Gbytes maps to ~740,000
MSS.
In presence of packet losses (or reorders), TCP stores incoming packets
into an out of order queue, and number of skbs sitting there waiting for
the missing packets to be received can be in the 10^5 range.
Most packets are appended to the tail of this queue, and when
packets can finally be transferred to receive queue, we scan the queue
from its head.
However, in presence of heavy losses, we might have to find an arbitrary
point in this queue, involving a linear scan for every incoming packet,
throwing away cpu caches.
This patch converts it to a RB tree, to get bounded latencies.
Yaogong wrote a preliminary patch about 2 years ago.
Eric did the rebase, added ofo_last_skb cache, polishing and tests.
Tested with network dropping between 1 and 10 % packets, with good
success (about 30 % increase of throughput in stress tests)
Next step would be to also use an RB tree for the write queue at sender
side ;)
Signed-off-by: Yaogong Wang <wygivan@google.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Yuchung Cheng <ycheng@google.com>
Cc: Neal Cardwell <ncardwell@google.com>
Cc: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi>
Acked-By: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi>
Signed-off-by: David S. Miller <davem@davemloft.net>
2016-09-08 00:49:28 +03:00
|
|
|
|
2021-02-04 13:56:36 +03:00
|
|
|
void *__netdev_alloc_frag_align(unsigned int fragsz, unsigned int align_mask);
|
|
|
|
|
|
|
|
/**
|
|
|
|
* netdev_alloc_frag - allocate a page fragment
|
|
|
|
* @fragsz: fragment size
|
|
|
|
*
|
|
|
|
* Allocates a frag from a page for receive buffer.
|
|
|
|
* Uses GFP_ATOMIC allocations.
|
|
|
|
*/
|
|
|
|
static inline void *netdev_alloc_frag(unsigned int fragsz)
|
|
|
|
{
|
|
|
|
return __netdev_alloc_frag_align(fragsz, ~0u);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void *netdev_alloc_frag_align(unsigned int fragsz,
|
|
|
|
unsigned int align)
|
|
|
|
{
|
|
|
|
WARN_ON_ONCE(!is_power_of_2(align));
|
|
|
|
return __netdev_alloc_frag_align(fragsz, -align);
|
|
|
|
}
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2013-09-27 01:48:15 +04:00
|
|
|
struct sk_buff *__netdev_alloc_skb(struct net_device *dev, unsigned int length,
|
|
|
|
gfp_t gfp_mask);
|
2006-08-01 09:35:23 +04:00
|
|
|
|
|
|
|
/**
|
|
|
|
* netdev_alloc_skb - allocate an skbuff for rx on a specific device
|
|
|
|
* @dev: network device to receive on
|
|
|
|
* @length: length to allocate
|
|
|
|
*
|
|
|
|
* Allocate a new &sk_buff and assign it a usage count of one. The
|
|
|
|
* buffer has unspecified headroom built in. Users should allocate
|
|
|
|
* the headroom they think they need without accounting for the
|
|
|
|
* built in space. The built in space is used for optimisations.
|
|
|
|
*
|
|
|
|
* %NULL is returned if there is no free memory. Although this function
|
|
|
|
* allocates memory it can be called from an interrupt.
|
|
|
|
*/
|
|
|
|
static inline struct sk_buff *netdev_alloc_skb(struct net_device *dev,
|
2012-05-18 09:12:12 +04:00
|
|
|
unsigned int length)
|
2006-08-01 09:35:23 +04:00
|
|
|
{
|
|
|
|
return __netdev_alloc_skb(dev, length, GFP_ATOMIC);
|
|
|
|
}
|
|
|
|
|
2012-05-18 09:12:12 +04:00
|
|
|
/* legacy helper around __netdev_alloc_skb() */
|
|
|
|
static inline struct sk_buff *__dev_alloc_skb(unsigned int length,
|
|
|
|
gfp_t gfp_mask)
|
|
|
|
{
|
|
|
|
return __netdev_alloc_skb(NULL, length, gfp_mask);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* legacy helper around netdev_alloc_skb() */
|
|
|
|
static inline struct sk_buff *dev_alloc_skb(unsigned int length)
|
|
|
|
{
|
|
|
|
return netdev_alloc_skb(NULL, length);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2011-07-12 07:08:34 +04:00
|
|
|
static inline struct sk_buff *__netdev_alloc_skb_ip_align(struct net_device *dev,
|
|
|
|
unsigned int length, gfp_t gfp)
|
2009-10-07 21:11:23 +04:00
|
|
|
{
|
2011-07-12 07:08:34 +04:00
|
|
|
struct sk_buff *skb = __netdev_alloc_skb(dev, length + NET_IP_ALIGN, gfp);
|
2009-10-07 21:11:23 +04:00
|
|
|
|
|
|
|
if (NET_IP_ALIGN && skb)
|
|
|
|
skb_reserve(skb, NET_IP_ALIGN);
|
|
|
|
return skb;
|
|
|
|
}
|
|
|
|
|
2011-07-12 07:08:34 +04:00
|
|
|
static inline struct sk_buff *netdev_alloc_skb_ip_align(struct net_device *dev,
|
|
|
|
unsigned int length)
|
|
|
|
{
|
|
|
|
return __netdev_alloc_skb_ip_align(dev, length, GFP_ATOMIC);
|
|
|
|
}
|
|
|
|
|
2015-05-07 07:12:03 +03:00
|
|
|
static inline void skb_free_frag(void *addr)
|
|
|
|
{
|
2017-01-11 03:58:06 +03:00
|
|
|
page_frag_free(addr);
|
2015-05-07 07:12:03 +03:00
|
|
|
}
|
|
|
|
|
2021-02-04 13:56:36 +03:00
|
|
|
void *__napi_alloc_frag_align(unsigned int fragsz, unsigned int align_mask);
|
|
|
|
|
|
|
|
static inline void *napi_alloc_frag(unsigned int fragsz)
|
|
|
|
{
|
|
|
|
return __napi_alloc_frag_align(fragsz, ~0u);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void *napi_alloc_frag_align(unsigned int fragsz,
|
|
|
|
unsigned int align)
|
|
|
|
{
|
|
|
|
WARN_ON_ONCE(!is_power_of_2(align));
|
|
|
|
return __napi_alloc_frag_align(fragsz, -align);
|
|
|
|
}
|
|
|
|
|
2014-12-10 06:40:49 +03:00
|
|
|
struct sk_buff *__napi_alloc_skb(struct napi_struct *napi,
|
|
|
|
unsigned int length, gfp_t gfp_mask);
|
|
|
|
static inline struct sk_buff *napi_alloc_skb(struct napi_struct *napi,
|
|
|
|
unsigned int length)
|
|
|
|
{
|
|
|
|
return __napi_alloc_skb(napi, length, GFP_ATOMIC);
|
|
|
|
}
|
2016-02-08 15:14:59 +03:00
|
|
|
void napi_consume_skb(struct sk_buff *skb, int budget);
|
|
|
|
|
2021-02-13 17:13:09 +03:00
|
|
|
void napi_skb_free_stolen_head(struct sk_buff *skb);
|
2016-02-08 15:15:04 +03:00
|
|
|
void __kfree_skb_defer(struct sk_buff *skb);
|
2014-12-10 06:40:42 +03:00
|
|
|
|
2014-11-11 20:26:34 +03:00
|
|
|
/**
|
|
|
|
* __dev_alloc_pages - allocate page for network Rx
|
|
|
|
* @gfp_mask: allocation priority. Set __GFP_NOMEMALLOC if not for network Rx
|
|
|
|
* @order: size of the allocation
|
|
|
|
*
|
|
|
|
* Allocate a new page.
|
|
|
|
*
|
|
|
|
* %NULL is returned if there is no free memory.
|
|
|
|
*/
|
|
|
|
static inline struct page *__dev_alloc_pages(gfp_t gfp_mask,
|
|
|
|
unsigned int order)
|
|
|
|
{
|
|
|
|
/* This piece of code contains several assumptions.
|
|
|
|
* 1. This is for device Rx, therefor a cold page is preferred.
|
|
|
|
* 2. The expectation is the user wants a compound page.
|
|
|
|
* 3. If requesting a order 0 page it will not be compound
|
|
|
|
* due to the check to see if order has a value in prep_new_page
|
|
|
|
* 4. __GFP_MEMALLOC is ignored if __GFP_NOMEMALLOC is set due to
|
|
|
|
* code in gfp_to_alloc_flags that should be enforcing this.
|
|
|
|
*/
|
2017-11-16 04:38:03 +03:00
|
|
|
gfp_mask |= __GFP_COMP | __GFP_MEMALLOC;
|
2014-11-11 20:26:34 +03:00
|
|
|
|
|
|
|
return alloc_pages_node(NUMA_NO_NODE, gfp_mask, order);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline struct page *dev_alloc_pages(unsigned int order)
|
|
|
|
{
|
2016-05-19 18:30:54 +03:00
|
|
|
return __dev_alloc_pages(GFP_ATOMIC | __GFP_NOWARN, order);
|
2014-11-11 20:26:34 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* __dev_alloc_page - allocate a page for network Rx
|
|
|
|
* @gfp_mask: allocation priority. Set __GFP_NOMEMALLOC if not for network Rx
|
|
|
|
*
|
|
|
|
* Allocate a new page.
|
|
|
|
*
|
|
|
|
* %NULL is returned if there is no free memory.
|
|
|
|
*/
|
|
|
|
static inline struct page *__dev_alloc_page(gfp_t gfp_mask)
|
|
|
|
{
|
|
|
|
return __dev_alloc_pages(gfp_mask, 0);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline struct page *dev_alloc_page(void)
|
|
|
|
{
|
2016-05-19 18:30:54 +03:00
|
|
|
return dev_alloc_pages(0);
|
2014-11-11 20:26:34 +03:00
|
|
|
}
|
|
|
|
|
2021-02-02 16:31:21 +03:00
|
|
|
/**
|
|
|
|
* dev_page_is_reusable - check whether a page can be reused for network Rx
|
|
|
|
* @page: the page to test
|
|
|
|
*
|
|
|
|
* A page shouldn't be considered for reusing/recycling if it was allocated
|
|
|
|
* under memory pressure or at a distant memory node.
|
|
|
|
*
|
|
|
|
* Returns false if this page should be returned to page allocator, true
|
|
|
|
* otherwise.
|
|
|
|
*/
|
|
|
|
static inline bool dev_page_is_reusable(const struct page *page)
|
|
|
|
{
|
|
|
|
return likely(page_to_nid(page) == numa_mem_id() &&
|
|
|
|
!page_is_pfmemalloc(page));
|
|
|
|
}
|
|
|
|
|
2012-08-01 03:44:24 +04:00
|
|
|
/**
|
|
|
|
* skb_propagate_pfmemalloc - Propagate pfmemalloc if skb is allocated after RX page
|
|
|
|
* @page: The page that was allocated from skb_alloc_page
|
|
|
|
* @skb: The skb that may need pfmemalloc set
|
|
|
|
*/
|
2021-02-02 16:31:05 +03:00
|
|
|
static inline void skb_propagate_pfmemalloc(const struct page *page,
|
|
|
|
struct sk_buff *skb)
|
2012-08-01 03:44:24 +04:00
|
|
|
{
|
2015-08-22 00:11:51 +03:00
|
|
|
if (page_is_pfmemalloc(page))
|
2012-08-01 03:44:24 +04:00
|
|
|
skb->pfmemalloc = true;
|
|
|
|
}
|
|
|
|
|
2019-07-30 17:40:32 +03:00
|
|
|
/**
|
|
|
|
* skb_frag_off() - Returns the offset of a skb fragment
|
|
|
|
* @frag: the paged fragment
|
|
|
|
*/
|
|
|
|
static inline unsigned int skb_frag_off(const skb_frag_t *frag)
|
|
|
|
{
|
2019-07-30 17:40:34 +03:00
|
|
|
return frag->bv_offset;
|
2019-07-30 17:40:32 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* skb_frag_off_add() - Increments the offset of a skb fragment by @delta
|
|
|
|
* @frag: skb fragment
|
|
|
|
* @delta: value to add
|
|
|
|
*/
|
|
|
|
static inline void skb_frag_off_add(skb_frag_t *frag, int delta)
|
|
|
|
{
|
2019-07-30 17:40:34 +03:00
|
|
|
frag->bv_offset += delta;
|
2019-07-30 17:40:32 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* skb_frag_off_set() - Sets the offset of a skb fragment
|
|
|
|
* @frag: skb fragment
|
|
|
|
* @offset: offset of fragment
|
|
|
|
*/
|
|
|
|
static inline void skb_frag_off_set(skb_frag_t *frag, unsigned int offset)
|
|
|
|
{
|
2019-07-30 17:40:34 +03:00
|
|
|
frag->bv_offset = offset;
|
2019-07-30 17:40:32 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* skb_frag_off_copy() - Sets the offset of a skb fragment from another fragment
|
|
|
|
* @fragto: skb fragment where offset is set
|
|
|
|
* @fragfrom: skb fragment offset is copied from
|
|
|
|
*/
|
|
|
|
static inline void skb_frag_off_copy(skb_frag_t *fragto,
|
|
|
|
const skb_frag_t *fragfrom)
|
|
|
|
{
|
2019-07-30 17:40:34 +03:00
|
|
|
fragto->bv_offset = fragfrom->bv_offset;
|
2019-07-30 17:40:32 +03:00
|
|
|
}
|
|
|
|
|
2011-08-19 10:25:00 +04:00
|
|
|
/**
|
2014-02-18 17:54:36 +04:00
|
|
|
* skb_frag_page - retrieve the page referred to by a paged fragment
|
2011-08-19 10:25:00 +04:00
|
|
|
* @frag: the paged fragment
|
|
|
|
*
|
|
|
|
* Returns the &struct page associated with @frag.
|
|
|
|
*/
|
|
|
|
static inline struct page *skb_frag_page(const skb_frag_t *frag)
|
|
|
|
{
|
2019-07-23 06:08:29 +03:00
|
|
|
return frag->bv_page;
|
2011-08-19 10:25:00 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* __skb_frag_ref - take an addition reference on a paged fragment.
|
|
|
|
* @frag: the paged fragment
|
|
|
|
*
|
|
|
|
* Takes an additional reference on the paged fragment @frag.
|
|
|
|
*/
|
|
|
|
static inline void __skb_frag_ref(skb_frag_t *frag)
|
|
|
|
{
|
|
|
|
get_page(skb_frag_page(frag));
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* skb_frag_ref - take an addition reference on a paged fragment of an skb.
|
|
|
|
* @skb: the buffer
|
|
|
|
* @f: the fragment offset.
|
|
|
|
*
|
|
|
|
* Takes an additional reference on the @f'th paged fragment of @skb.
|
|
|
|
*/
|
|
|
|
static inline void skb_frag_ref(struct sk_buff *skb, int f)
|
|
|
|
{
|
|
|
|
__skb_frag_ref(&skb_shinfo(skb)->frags[f]);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* __skb_frag_unref - release a reference on a paged fragment.
|
|
|
|
* @frag: the paged fragment
|
2021-06-07 22:02:37 +03:00
|
|
|
* @recycle: recycle the page if allocated via page_pool
|
2011-08-19 10:25:00 +04:00
|
|
|
*
|
2021-06-07 22:02:37 +03:00
|
|
|
* Releases a reference on the paged fragment @frag
|
|
|
|
* or recycles the page via the page_pool API.
|
2011-08-19 10:25:00 +04:00
|
|
|
*/
|
2021-06-07 22:02:37 +03:00
|
|
|
static inline void __skb_frag_unref(skb_frag_t *frag, bool recycle)
|
2011-08-19 10:25:00 +04:00
|
|
|
{
|
2021-06-07 22:02:38 +03:00
|
|
|
struct page *page = skb_frag_page(frag);
|
|
|
|
|
|
|
|
#ifdef CONFIG_PAGE_POOL
|
|
|
|
if (recycle && page_pool_return_skb_page(page))
|
|
|
|
return;
|
|
|
|
#endif
|
|
|
|
put_page(page);
|
2011-08-19 10:25:00 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* skb_frag_unref - release a reference on a paged fragment of an skb.
|
|
|
|
* @skb: the buffer
|
|
|
|
* @f: the fragment offset
|
|
|
|
*
|
|
|
|
* Releases a reference on the @f'th paged fragment of @skb.
|
|
|
|
*/
|
|
|
|
static inline void skb_frag_unref(struct sk_buff *skb, int f)
|
|
|
|
{
|
2021-06-07 22:02:38 +03:00
|
|
|
__skb_frag_unref(&skb_shinfo(skb)->frags[f], skb->pp_recycle);
|
2011-08-19 10:25:00 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* skb_frag_address - gets the address of the data contained in a paged fragment
|
|
|
|
* @frag: the paged fragment buffer
|
|
|
|
*
|
|
|
|
* Returns the address of the data within @frag. The page must already
|
|
|
|
* be mapped.
|
|
|
|
*/
|
|
|
|
static inline void *skb_frag_address(const skb_frag_t *frag)
|
|
|
|
{
|
2019-07-30 17:40:32 +03:00
|
|
|
return page_address(skb_frag_page(frag)) + skb_frag_off(frag);
|
2011-08-19 10:25:00 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* skb_frag_address_safe - gets the address of the data contained in a paged fragment
|
|
|
|
* @frag: the paged fragment buffer
|
|
|
|
*
|
|
|
|
* Returns the address of the data within @frag. Checks that the page
|
|
|
|
* is mapped and returns %NULL otherwise.
|
|
|
|
*/
|
|
|
|
static inline void *skb_frag_address_safe(const skb_frag_t *frag)
|
|
|
|
{
|
|
|
|
void *ptr = page_address(skb_frag_page(frag));
|
|
|
|
if (unlikely(!ptr))
|
|
|
|
return NULL;
|
|
|
|
|
2019-07-30 17:40:32 +03:00
|
|
|
return ptr + skb_frag_off(frag);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* skb_frag_page_copy() - sets the page in a fragment from another fragment
|
|
|
|
* @fragto: skb fragment where page is set
|
|
|
|
* @fragfrom: skb fragment page is copied from
|
|
|
|
*/
|
|
|
|
static inline void skb_frag_page_copy(skb_frag_t *fragto,
|
|
|
|
const skb_frag_t *fragfrom)
|
|
|
|
{
|
|
|
|
fragto->bv_page = fragfrom->bv_page;
|
2011-08-19 10:25:00 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* __skb_frag_set_page - sets the page contained in a paged fragment
|
|
|
|
* @frag: the paged fragment
|
|
|
|
* @page: the page to set
|
|
|
|
*
|
|
|
|
* Sets the fragment @frag to contain @page.
|
|
|
|
*/
|
|
|
|
static inline void __skb_frag_set_page(skb_frag_t *frag, struct page *page)
|
|
|
|
{
|
2019-07-23 06:08:29 +03:00
|
|
|
frag->bv_page = page;
|
2011-08-19 10:25:00 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* skb_frag_set_page - sets the page contained in a paged fragment of an skb
|
|
|
|
* @skb: the buffer
|
|
|
|
* @f: the fragment offset
|
|
|
|
* @page: the page to set
|
|
|
|
*
|
|
|
|
* Sets the @f'th fragment of @skb to contain @page.
|
|
|
|
*/
|
|
|
|
static inline void skb_frag_set_page(struct sk_buff *skb, int f,
|
|
|
|
struct page *page)
|
|
|
|
{
|
|
|
|
__skb_frag_set_page(&skb_shinfo(skb)->frags[f], page);
|
|
|
|
}
|
|
|
|
|
2013-10-18 03:27:07 +04:00
|
|
|
bool skb_page_frag_refill(unsigned int sz, struct page_frag *pfrag, gfp_t prio);
|
|
|
|
|
2011-08-19 10:25:00 +04:00
|
|
|
/**
|
|
|
|
* skb_frag_dma_map - maps a paged fragment via the DMA API
|
2011-10-31 19:11:45 +04:00
|
|
|
* @dev: the device to map the fragment to
|
2011-08-19 10:25:00 +04:00
|
|
|
* @frag: the paged fragment to map
|
|
|
|
* @offset: the offset within the fragment (starting at the
|
|
|
|
* fragment's own offset)
|
|
|
|
* @size: the number of bytes to map
|
2017-05-12 15:19:29 +03:00
|
|
|
* @dir: the direction of the mapping (``PCI_DMA_*``)
|
2011-08-19 10:25:00 +04:00
|
|
|
*
|
|
|
|
* Maps the page associated with @frag to @device.
|
|
|
|
*/
|
|
|
|
static inline dma_addr_t skb_frag_dma_map(struct device *dev,
|
|
|
|
const skb_frag_t *frag,
|
|
|
|
size_t offset, size_t size,
|
|
|
|
enum dma_data_direction dir)
|
|
|
|
{
|
|
|
|
return dma_map_page(dev, skb_frag_page(frag),
|
2019-07-30 17:40:32 +03:00
|
|
|
skb_frag_off(frag) + offset, size, dir);
|
2011-08-19 10:25:00 +04:00
|
|
|
}
|
|
|
|
|
2011-12-04 01:39:53 +04:00
|
|
|
static inline struct sk_buff *pskb_copy(struct sk_buff *skb,
|
|
|
|
gfp_t gfp_mask)
|
|
|
|
{
|
|
|
|
return __pskb_copy(skb, skb_headroom(skb), gfp_mask);
|
|
|
|
}
|
|
|
|
|
2014-06-12 02:36:26 +04:00
|
|
|
|
|
|
|
static inline struct sk_buff *pskb_copy_for_clone(struct sk_buff *skb,
|
|
|
|
gfp_t gfp_mask)
|
|
|
|
{
|
|
|
|
return __pskb_copy_fclone(skb, skb_headroom(skb), gfp_mask, true);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
[SKBUFF]: Keep track of writable header len of headerless clones
Currently NAT (and others) that want to modify cloned skbs copy them,
even if in the vast majority of cases its not necessary because the
skb is a clone made by TCP and the portion NAT wants to modify is
actually writable because TCP release the header reference before
cloning.
The problem is that there is no clean way for NAT to find out how
long the writable header area is, so this patch introduces skb->hdr_len
to hold this length. When a headerless skb is cloned skb->hdr_len
is set to the current headroom, for regular clones it is copied from
the original. A new function skb_clone_writable(skb, len) returns
whether the skb is writable up to len bytes from skb->data. To avoid
enlarging the skb the mac_len field is reduced to 16 bit and the
new hdr_len field is put in the remaining 16 bit.
I've done a few rough benchmarks of NAT (not with this exact patch,
but a very similar one). As expected it saves huge amounts of system
time in case of sendfile, bringing it down to basically the same
amount as without NAT, with sendmsg it only helps on loopback,
probably because of the large MTU.
Transmit a 1GB file using sendfile/sendmsg over eth0/lo with and
without NAT:
- sendfile eth0, no NAT: sys 0m0.388s
- sendfile eth0, NAT: sys 0m1.835s
- sendfile eth0: NAT + path: sys 0m0.370s (~ -80%)
- sendfile lo, no NAT: sys 0m0.258s
- sendfile lo, NAT: sys 0m2.609s
- sendfile lo, NAT + patch: sys 0m0.260s (~ -90%)
- sendmsg eth0, no NAT: sys 0m2.508s
- sendmsg eth0, NAT: sys 0m2.539s
- sendmsg eth0, NAT + patch: sys 0m2.445s (no change)
- sendmsg lo, no NAT: sys 0m2.151s
- sendmsg lo, NAT: sys 0m3.557s
- sendmsg lo, NAT + patch: sys 0m2.159s (~ -40%)
I expect other users can see a similar performance improvement,
packet mangling iptables targets, ipip and ip_gre come to mind ..
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-06-25 15:35:20 +04:00
|
|
|
/**
|
|
|
|
* skb_clone_writable - is the header of a clone writable
|
|
|
|
* @skb: buffer to check
|
|
|
|
* @len: length up to which to write
|
|
|
|
*
|
|
|
|
* Returns true if modifying the header part of the cloned buffer
|
|
|
|
* does not requires the data to be copied.
|
|
|
|
*/
|
2011-10-21 01:45:43 +04:00
|
|
|
static inline int skb_clone_writable(const struct sk_buff *skb, unsigned int len)
|
[SKBUFF]: Keep track of writable header len of headerless clones
Currently NAT (and others) that want to modify cloned skbs copy them,
even if in the vast majority of cases its not necessary because the
skb is a clone made by TCP and the portion NAT wants to modify is
actually writable because TCP release the header reference before
cloning.
The problem is that there is no clean way for NAT to find out how
long the writable header area is, so this patch introduces skb->hdr_len
to hold this length. When a headerless skb is cloned skb->hdr_len
is set to the current headroom, for regular clones it is copied from
the original. A new function skb_clone_writable(skb, len) returns
whether the skb is writable up to len bytes from skb->data. To avoid
enlarging the skb the mac_len field is reduced to 16 bit and the
new hdr_len field is put in the remaining 16 bit.
I've done a few rough benchmarks of NAT (not with this exact patch,
but a very similar one). As expected it saves huge amounts of system
time in case of sendfile, bringing it down to basically the same
amount as without NAT, with sendmsg it only helps on loopback,
probably because of the large MTU.
Transmit a 1GB file using sendfile/sendmsg over eth0/lo with and
without NAT:
- sendfile eth0, no NAT: sys 0m0.388s
- sendfile eth0, NAT: sys 0m1.835s
- sendfile eth0: NAT + path: sys 0m0.370s (~ -80%)
- sendfile lo, no NAT: sys 0m0.258s
- sendfile lo, NAT: sys 0m2.609s
- sendfile lo, NAT + patch: sys 0m0.260s (~ -90%)
- sendmsg eth0, no NAT: sys 0m2.508s
- sendmsg eth0, NAT: sys 0m2.539s
- sendmsg eth0, NAT + patch: sys 0m2.445s (no change)
- sendmsg lo, no NAT: sys 0m2.151s
- sendmsg lo, NAT: sys 0m3.557s
- sendmsg lo, NAT + patch: sys 0m2.159s (~ -40%)
I expect other users can see a similar performance improvement,
packet mangling iptables targets, ipip and ip_gre come to mind ..
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-06-25 15:35:20 +04:00
|
|
|
{
|
|
|
|
return !skb_header_cloned(skb) &&
|
|
|
|
skb_headroom(skb) + len <= skb->hdr_len;
|
|
|
|
}
|
|
|
|
|
2016-02-20 01:05:25 +03:00
|
|
|
static inline int skb_try_make_writable(struct sk_buff *skb,
|
|
|
|
unsigned int write_len)
|
|
|
|
{
|
|
|
|
return skb_cloned(skb) && !skb_clone_writable(skb, write_len) &&
|
|
|
|
pskb_expand_head(skb, 0, 0, GFP_ATOMIC);
|
|
|
|
}
|
|
|
|
|
2007-09-17 03:21:16 +04:00
|
|
|
static inline int __skb_cow(struct sk_buff *skb, unsigned int headroom,
|
|
|
|
int cloned)
|
|
|
|
{
|
|
|
|
int delta = 0;
|
|
|
|
|
|
|
|
if (headroom > skb_headroom(skb))
|
|
|
|
delta = headroom - skb_headroom(skb);
|
|
|
|
|
|
|
|
if (delta || cloned)
|
|
|
|
return pskb_expand_head(skb, ALIGN(delta, NET_SKB_PAD), 0,
|
|
|
|
GFP_ATOMIC);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
/**
|
|
|
|
* skb_cow - copy header of skb when it is required
|
|
|
|
* @skb: buffer to cow
|
|
|
|
* @headroom: needed headroom
|
|
|
|
*
|
|
|
|
* If the skb passed lacks sufficient headroom or its data part
|
|
|
|
* is shared, data is reallocated. If reallocation fails, an error
|
|
|
|
* is returned and original skb is not changed.
|
|
|
|
*
|
|
|
|
* The result is skb with writable area skb->head...skb->tail
|
|
|
|
* and at least @headroom of space at head.
|
|
|
|
*/
|
|
|
|
static inline int skb_cow(struct sk_buff *skb, unsigned int headroom)
|
|
|
|
{
|
2007-09-17 03:21:16 +04:00
|
|
|
return __skb_cow(skb, headroom, skb_cloned(skb));
|
|
|
|
}
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2007-09-17 03:21:16 +04:00
|
|
|
/**
|
|
|
|
* skb_cow_head - skb_cow but only making the head writable
|
|
|
|
* @skb: buffer to cow
|
|
|
|
* @headroom: needed headroom
|
|
|
|
*
|
|
|
|
* This function is identical to skb_cow except that we replace the
|
|
|
|
* skb_cloned check by skb_header_cloned. It should be used when
|
|
|
|
* you only need to push on some header and do not need to modify
|
|
|
|
* the data.
|
|
|
|
*/
|
|
|
|
static inline int skb_cow_head(struct sk_buff *skb, unsigned int headroom)
|
|
|
|
{
|
|
|
|
return __skb_cow(skb, headroom, skb_header_cloned(skb));
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* skb_padto - pad an skbuff up to a minimal size
|
|
|
|
* @skb: buffer to pad
|
|
|
|
* @len: minimal length
|
|
|
|
*
|
|
|
|
* Pads up a buffer to ensure the trailing bytes exist and are
|
|
|
|
* blanked. If the buffer already contains sufficient data it
|
2006-06-23 13:06:41 +04:00
|
|
|
* is untouched. Otherwise it is extended. Returns zero on
|
|
|
|
* success. The skb is freed on error.
|
2005-04-17 02:20:36 +04:00
|
|
|
*/
|
2006-06-23 13:06:41 +04:00
|
|
|
static inline int skb_padto(struct sk_buff *skb, unsigned int len)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
|
|
|
unsigned int size = skb->len;
|
|
|
|
if (likely(size >= len))
|
2006-06-23 13:06:41 +04:00
|
|
|
return 0;
|
2008-08-12 05:17:17 +04:00
|
|
|
return skb_pad(skb, len - size);
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
2014-12-03 19:17:33 +03:00
|
|
|
/**
|
2019-02-12 00:02:25 +03:00
|
|
|
* __skb_put_padto - increase size and pad an skbuff up to a minimal size
|
2014-12-03 19:17:33 +03:00
|
|
|
* @skb: buffer to pad
|
|
|
|
* @len: minimal length
|
2017-08-23 01:12:14 +03:00
|
|
|
* @free_on_error: free buffer on error
|
2014-12-03 19:17:33 +03:00
|
|
|
*
|
|
|
|
* Pads up a buffer to ensure the trailing bytes exist and are
|
|
|
|
* blanked. If the buffer already contains sufficient data it
|
|
|
|
* is untouched. Otherwise it is extended. Returns zero on
|
2017-08-23 01:12:14 +03:00
|
|
|
* success. The skb is freed on error if @free_on_error is true.
|
2014-12-03 19:17:33 +03:00
|
|
|
*/
|
2020-09-09 11:27:40 +03:00
|
|
|
static inline int __must_check __skb_put_padto(struct sk_buff *skb,
|
|
|
|
unsigned int len,
|
|
|
|
bool free_on_error)
|
2014-12-03 19:17:33 +03:00
|
|
|
{
|
|
|
|
unsigned int size = skb->len;
|
|
|
|
|
|
|
|
if (unlikely(size < len)) {
|
|
|
|
len -= size;
|
2017-08-23 01:12:14 +03:00
|
|
|
if (__skb_pad(skb, len, free_on_error))
|
2014-12-03 19:17:33 +03:00
|
|
|
return -ENOMEM;
|
|
|
|
__skb_put(skb, len);
|
|
|
|
}
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2017-08-23 01:12:14 +03:00
|
|
|
/**
|
|
|
|
* skb_put_padto - increase size and pad an skbuff up to a minimal size
|
|
|
|
* @skb: buffer to pad
|
|
|
|
* @len: minimal length
|
|
|
|
*
|
|
|
|
* Pads up a buffer to ensure the trailing bytes exist and are
|
|
|
|
* blanked. If the buffer already contains sufficient data it
|
|
|
|
* is untouched. Otherwise it is extended. Returns zero on
|
|
|
|
* success. The skb is freed on error.
|
|
|
|
*/
|
2020-09-09 11:27:40 +03:00
|
|
|
static inline int __must_check skb_put_padto(struct sk_buff *skb, unsigned int len)
|
2017-08-23 01:12:14 +03:00
|
|
|
{
|
|
|
|
return __skb_put_padto(skb, len, true);
|
|
|
|
}
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
static inline int skb_add_data(struct sk_buff *skb,
|
2014-11-28 05:44:24 +03:00
|
|
|
struct iov_iter *from, int copy)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
|
|
|
const int off = skb->len;
|
|
|
|
|
|
|
|
if (skb->ip_summed == CHECKSUM_NONE) {
|
2014-11-28 05:44:24 +03:00
|
|
|
__wsum csum = 0;
|
2016-11-02 05:42:45 +03:00
|
|
|
if (csum_and_copy_from_iter_full(skb_put(skb, copy), copy,
|
|
|
|
&csum, from)) {
|
2005-04-17 02:20:36 +04:00
|
|
|
skb->csum = csum_block_add(skb->csum, csum, off);
|
|
|
|
return 0;
|
|
|
|
}
|
2016-11-02 05:42:45 +03:00
|
|
|
} else if (copy_from_iter_full(skb_put(skb, copy), copy, from))
|
2005-04-17 02:20:36 +04:00
|
|
|
return 0;
|
|
|
|
|
|
|
|
__skb_trim(skb, off);
|
|
|
|
return -EFAULT;
|
|
|
|
}
|
|
|
|
|
2012-04-23 21:48:27 +04:00
|
|
|
static inline bool skb_can_coalesce(struct sk_buff *skb, int i,
|
|
|
|
const struct page *page, int off)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
sock: enable MSG_ZEROCOPY
Prepare the datapath for refcounted ubuf_info. Clone ubuf_info with
skb_zerocopy_clone() wherever needed due to skb split, merge, resize
or clone.
Split skb_orphan_frags into two variants. The split, merge, .. paths
support reference counted zerocopy buffers, so do not do a deep copy.
Add skb_orphan_frags_rx for paths that may loop packets to receive
sockets. That is not allowed, as it may cause unbounded latency.
Deep copy all zerocopy copy buffers, ref-counted or not, in this path.
The exact locations to modify were chosen by exhaustively searching
through all code that might modify skb_frag references and/or the
the SKBTX_DEV_ZEROCOPY tx_flags bit.
The changes err on the safe side, in two ways.
(1) legacy ubuf_info paths virtio and tap are not modified. They keep
a 1:1 ubuf_info to sk_buff relationship. Calls to skb_orphan_frags
still call skb_copy_ubufs and thus copy frags in this case.
(2) not all copies deep in the stack are addressed yet. skb_shift,
skb_split and skb_try_coalesce can be refined to avoid copying.
These are not in the hot path and this patch is hairy enough as
is, so that is left for future refinement.
Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-08-03 23:29:41 +03:00
|
|
|
if (skb_zcopy(skb))
|
|
|
|
return false;
|
2005-04-17 02:20:36 +04:00
|
|
|
if (i) {
|
2019-07-23 06:08:26 +03:00
|
|
|
const skb_frag_t *frag = &skb_shinfo(skb)->frags[i - 1];
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2011-08-23 03:44:58 +04:00
|
|
|
return page == skb_frag_page(frag) &&
|
2019-07-30 17:40:32 +03:00
|
|
|
off == skb_frag_off(frag) + skb_frag_size(frag);
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
2012-04-23 21:48:27 +04:00
|
|
|
return false;
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
2006-06-10 03:10:40 +04:00
|
|
|
static inline int __skb_linearize(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return __pskb_pull_tail(skb, skb->data_len) ? 0 : -ENOMEM;
|
|
|
|
}
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
/**
|
|
|
|
* skb_linearize - convert paged skb to linear one
|
|
|
|
* @skb: buffer to linarize
|
|
|
|
*
|
|
|
|
* If there is no free memory -ENOMEM is returned, otherwise zero
|
|
|
|
* is returned and the old skb data released.
|
|
|
|
*/
|
2006-06-10 03:10:40 +04:00
|
|
|
static inline int skb_linearize(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb_is_nonlinear(skb) ? __skb_linearize(skb) : 0;
|
|
|
|
}
|
|
|
|
|
2013-01-26 00:34:37 +04:00
|
|
|
/**
|
|
|
|
* skb_has_shared_frag - can any frag be overwritten
|
|
|
|
* @skb: buffer to test
|
|
|
|
*
|
|
|
|
* Return true if the skb has at least one frag that might be modified
|
|
|
|
* by an external entity (as in vmsplice()/sendfile())
|
|
|
|
*/
|
|
|
|
static inline bool skb_has_shared_frag(const struct sk_buff *skb)
|
|
|
|
{
|
2013-02-11 13:27:41 +04:00
|
|
|
return skb_is_nonlinear(skb) &&
|
2021-01-07 01:18:38 +03:00
|
|
|
skb_shinfo(skb)->flags & SKBFL_SHARED_FRAG;
|
2013-01-26 00:34:37 +04:00
|
|
|
}
|
|
|
|
|
2006-06-10 03:10:40 +04:00
|
|
|
/**
|
|
|
|
* skb_linearize_cow - make sure skb is linear and writable
|
|
|
|
* @skb: buffer to process
|
|
|
|
*
|
|
|
|
* If there is no free memory -ENOMEM is returned, otherwise zero
|
|
|
|
* is returned and the old skb data released.
|
|
|
|
*/
|
|
|
|
static inline int skb_linearize_cow(struct sk_buff *skb)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
2006-06-10 03:10:40 +04:00
|
|
|
return skb_is_nonlinear(skb) || skb_cloned(skb) ?
|
|
|
|
__skb_linearize(skb) : 0;
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
bpf: fix checksum fixups on bpf_skb_store_bytes
bpf_skb_store_bytes() invocations above L2 header need BPF_F_RECOMPUTE_CSUM
flag for updates, so that CHECKSUM_COMPLETE will be fixed up along the way.
Where we ran into an issue with bpf_skb_store_bytes() is when we did a
single-byte update on the IPv6 hoplimit despite using BPF_F_RECOMPUTE_CSUM
flag; simple ping via ICMPv6 triggered a hw csum failure as a result. The
underlying issue has been tracked down to a buffer alignment issue.
Meaning, that csum_partial() computations via skb_postpull_rcsum() and
skb_postpush_rcsum() pair invoked had a wrong result since they operated on
an odd address for the hoplimit, while other computations were done on an
even address. This mix doesn't work as-is with skb_postpull_rcsum(),
skb_postpush_rcsum() pair as it always expects at least half-word alignment
of input buffers, which is normally the case. Thus, instead of these helpers
using csum_sub() and (implicitly) csum_add(), we need to use csum_block_sub(),
csum_block_add(), respectively. For unaligned offsets, they rotate the sum
to align it to a half-word boundary again, otherwise they work the same as
csum_sub() and csum_add().
Adding __skb_postpull_rcsum(), __skb_postpush_rcsum() variants that take the
offset as an input and adapting bpf_skb_store_bytes() to them fixes the hw
csum failures again. The skb_postpull_rcsum(), skb_postpush_rcsum() helpers
use a 0 constant for offset so that the compiler optimizes the offset & 1
test away and generates the same code as with csum_sub()/_add().
Fixes: 608cd71a9c7c ("tc: bpf: generalize pedit action")
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2016-08-05 01:11:12 +03:00
|
|
|
static __always_inline void
|
|
|
|
__skb_postpull_rcsum(struct sk_buff *skb, const void *start, unsigned int len,
|
|
|
|
unsigned int off)
|
|
|
|
{
|
|
|
|
if (skb->ip_summed == CHECKSUM_COMPLETE)
|
|
|
|
skb->csum = csum_block_sub(skb->csum,
|
|
|
|
csum_partial(start, len, 0), off);
|
|
|
|
else if (skb->ip_summed == CHECKSUM_PARTIAL &&
|
|
|
|
skb_checksum_start_offset(skb) < 0)
|
|
|
|
skb->ip_summed = CHECKSUM_NONE;
|
|
|
|
}
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
/**
|
|
|
|
* skb_postpull_rcsum - update checksum for received skb after pull
|
|
|
|
* @skb: buffer to update
|
|
|
|
* @start: start of data before pull
|
|
|
|
* @len: length of data pulled
|
|
|
|
*
|
|
|
|
* After doing a pull on a received packet, you need to call this to
|
2006-08-30 03:44:56 +04:00
|
|
|
* update the CHECKSUM_COMPLETE checksum, or set ip_summed to
|
|
|
|
* CHECKSUM_NONE so that it can be recomputed from scratch.
|
2005-04-17 02:20:36 +04:00
|
|
|
*/
|
|
|
|
static inline void skb_postpull_rcsum(struct sk_buff *skb,
|
2006-03-21 09:43:56 +03:00
|
|
|
const void *start, unsigned int len)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
net: optimize skb_postpull_rcsum()
Remove one pair of add/adc instructions and their dependency
against carry flag.
We can leverage third argument to csum_partial():
X = csum_block_sub(X, csum_partial(start, len, 0), 0);
-->
X = csum_block_add(X, ~csum_partial(start, len, 0), 0);
-->
X = ~csum_partial(start, len, ~X);
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2021-11-24 23:24:46 +03:00
|
|
|
if (skb->ip_summed == CHECKSUM_COMPLETE)
|
net: fix recent csum changes
Vladimir reported csum issues after my recent change in skb_postpull_rcsum()
Issue here is the following:
initial skb->csum is the csum of
[part to be pulled][rest of packet]
Old code:
skb->csum = csum_sub(skb->csum, csum_partial(pull, pull_length, 0));
New code:
skb->csum = ~csum_partial(pull, pull_length, ~skb->csum);
This is broken if the csum of [pulled part]
happens to be equal to skb->csum, because end
result of skb->csum is 0 in new code, instead
of being 0xffffffff
David Laight suggested to use
skb->csum = -csum_partial(pull, pull_length, -skb->csum);
I based my patches on existing code present in include/net/seg6.h,
update_csum_diff4() and update_csum_diff16() which might need
a similar fix.
I guess that my tests, mostly pulling 40 bytes of IPv6 header
were not providing enough entropy to hit this bug.
v2: added wsum_negate() to make sparse happy.
Fixes: 29c3002644bd ("net: optimize skb_postpull_rcsum()")
Fixes: 0bd28476f636 ("gro: optimize skb_gro_postpull_rcsum()")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: Vladimir Oltean <vladimir.oltean@nxp.com>
Suggested-by: David Laight <David.Laight@ACULAB.COM>
Cc: David Lebrun <dlebrun@google.com>
Tested-by: Vladimir Oltean <vladimir.oltean@nxp.com>
Link: https://lore.kernel.org/r/20211204045356.3659278-1-eric.dumazet@gmail.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2021-12-04 07:53:56 +03:00
|
|
|
skb->csum = wsum_negate(csum_partial(start, len,
|
|
|
|
wsum_negate(skb->csum)));
|
net: optimize skb_postpull_rcsum()
Remove one pair of add/adc instructions and their dependency
against carry flag.
We can leverage third argument to csum_partial():
X = csum_block_sub(X, csum_partial(start, len, 0), 0);
-->
X = csum_block_add(X, ~csum_partial(start, len, 0), 0);
-->
X = ~csum_partial(start, len, ~X);
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2021-11-24 23:24:46 +03:00
|
|
|
else if (skb->ip_summed == CHECKSUM_PARTIAL &&
|
|
|
|
skb_checksum_start_offset(skb) < 0)
|
|
|
|
skb->ip_summed = CHECKSUM_NONE;
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
|
|
|
|
bpf: fix checksum fixups on bpf_skb_store_bytes
bpf_skb_store_bytes() invocations above L2 header need BPF_F_RECOMPUTE_CSUM
flag for updates, so that CHECKSUM_COMPLETE will be fixed up along the way.
Where we ran into an issue with bpf_skb_store_bytes() is when we did a
single-byte update on the IPv6 hoplimit despite using BPF_F_RECOMPUTE_CSUM
flag; simple ping via ICMPv6 triggered a hw csum failure as a result. The
underlying issue has been tracked down to a buffer alignment issue.
Meaning, that csum_partial() computations via skb_postpull_rcsum() and
skb_postpush_rcsum() pair invoked had a wrong result since they operated on
an odd address for the hoplimit, while other computations were done on an
even address. This mix doesn't work as-is with skb_postpull_rcsum(),
skb_postpush_rcsum() pair as it always expects at least half-word alignment
of input buffers, which is normally the case. Thus, instead of these helpers
using csum_sub() and (implicitly) csum_add(), we need to use csum_block_sub(),
csum_block_add(), respectively. For unaligned offsets, they rotate the sum
to align it to a half-word boundary again, otherwise they work the same as
csum_sub() and csum_add().
Adding __skb_postpull_rcsum(), __skb_postpush_rcsum() variants that take the
offset as an input and adapting bpf_skb_store_bytes() to them fixes the hw
csum failures again. The skb_postpull_rcsum(), skb_postpush_rcsum() helpers
use a 0 constant for offset so that the compiler optimizes the offset & 1
test away and generates the same code as with csum_sub()/_add().
Fixes: 608cd71a9c7c ("tc: bpf: generalize pedit action")
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2016-08-05 01:11:12 +03:00
|
|
|
static __always_inline void
|
|
|
|
__skb_postpush_rcsum(struct sk_buff *skb, const void *start, unsigned int len,
|
|
|
|
unsigned int off)
|
|
|
|
{
|
|
|
|
if (skb->ip_summed == CHECKSUM_COMPLETE)
|
|
|
|
skb->csum = csum_block_add(skb->csum,
|
|
|
|
csum_partial(start, len, 0), off);
|
|
|
|
}
|
2006-03-21 09:43:56 +03:00
|
|
|
|
bpf: fix checksum fixups on bpf_skb_store_bytes
bpf_skb_store_bytes() invocations above L2 header need BPF_F_RECOMPUTE_CSUM
flag for updates, so that CHECKSUM_COMPLETE will be fixed up along the way.
Where we ran into an issue with bpf_skb_store_bytes() is when we did a
single-byte update on the IPv6 hoplimit despite using BPF_F_RECOMPUTE_CSUM
flag; simple ping via ICMPv6 triggered a hw csum failure as a result. The
underlying issue has been tracked down to a buffer alignment issue.
Meaning, that csum_partial() computations via skb_postpull_rcsum() and
skb_postpush_rcsum() pair invoked had a wrong result since they operated on
an odd address for the hoplimit, while other computations were done on an
even address. This mix doesn't work as-is with skb_postpull_rcsum(),
skb_postpush_rcsum() pair as it always expects at least half-word alignment
of input buffers, which is normally the case. Thus, instead of these helpers
using csum_sub() and (implicitly) csum_add(), we need to use csum_block_sub(),
csum_block_add(), respectively. For unaligned offsets, they rotate the sum
to align it to a half-word boundary again, otherwise they work the same as
csum_sub() and csum_add().
Adding __skb_postpull_rcsum(), __skb_postpush_rcsum() variants that take the
offset as an input and adapting bpf_skb_store_bytes() to them fixes the hw
csum failures again. The skb_postpull_rcsum(), skb_postpush_rcsum() helpers
use a 0 constant for offset so that the compiler optimizes the offset & 1
test away and generates the same code as with csum_sub()/_add().
Fixes: 608cd71a9c7c ("tc: bpf: generalize pedit action")
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2016-08-05 01:11:12 +03:00
|
|
|
/**
|
|
|
|
* skb_postpush_rcsum - update checksum for received skb after push
|
|
|
|
* @skb: buffer to update
|
|
|
|
* @start: start of data after push
|
|
|
|
* @len: length of data pushed
|
|
|
|
*
|
|
|
|
* After doing a push on a received packet, you need to call this to
|
|
|
|
* update the CHECKSUM_COMPLETE checksum.
|
|
|
|
*/
|
2016-01-07 17:50:23 +03:00
|
|
|
static inline void skb_postpush_rcsum(struct sk_buff *skb,
|
|
|
|
const void *start, unsigned int len)
|
|
|
|
{
|
bpf: fix checksum fixups on bpf_skb_store_bytes
bpf_skb_store_bytes() invocations above L2 header need BPF_F_RECOMPUTE_CSUM
flag for updates, so that CHECKSUM_COMPLETE will be fixed up along the way.
Where we ran into an issue with bpf_skb_store_bytes() is when we did a
single-byte update on the IPv6 hoplimit despite using BPF_F_RECOMPUTE_CSUM
flag; simple ping via ICMPv6 triggered a hw csum failure as a result. The
underlying issue has been tracked down to a buffer alignment issue.
Meaning, that csum_partial() computations via skb_postpull_rcsum() and
skb_postpush_rcsum() pair invoked had a wrong result since they operated on
an odd address for the hoplimit, while other computations were done on an
even address. This mix doesn't work as-is with skb_postpull_rcsum(),
skb_postpush_rcsum() pair as it always expects at least half-word alignment
of input buffers, which is normally the case. Thus, instead of these helpers
using csum_sub() and (implicitly) csum_add(), we need to use csum_block_sub(),
csum_block_add(), respectively. For unaligned offsets, they rotate the sum
to align it to a half-word boundary again, otherwise they work the same as
csum_sub() and csum_add().
Adding __skb_postpull_rcsum(), __skb_postpush_rcsum() variants that take the
offset as an input and adapting bpf_skb_store_bytes() to them fixes the hw
csum failures again. The skb_postpull_rcsum(), skb_postpush_rcsum() helpers
use a 0 constant for offset so that the compiler optimizes the offset & 1
test away and generates the same code as with csum_sub()/_add().
Fixes: 608cd71a9c7c ("tc: bpf: generalize pedit action")
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2016-08-05 01:11:12 +03:00
|
|
|
__skb_postpush_rcsum(skb, start, len, 0);
|
2016-01-07 17:50:23 +03:00
|
|
|
}
|
|
|
|
|
networking: make skb_pull & friends return void pointers
It seems like a historic accident that these return unsigned char *,
and in many places that means casts are required, more often than not.
Make these functions return void * and remove all the casts across
the tree, adding a (u8 *) cast only where the unsigned char pointer
was used directly, all done with the following spatch:
@@
expression SKB, LEN;
typedef u8;
identifier fn = {
skb_pull,
__skb_pull,
skb_pull_inline,
__pskb_pull_tail,
__pskb_pull,
pskb_pull
};
@@
- *(fn(SKB, LEN))
+ *(u8 *)fn(SKB, LEN)
@@
expression E, SKB, LEN;
identifier fn = {
skb_pull,
__skb_pull,
skb_pull_inline,
__pskb_pull_tail,
__pskb_pull,
pskb_pull
};
type T;
@@
- E = ((T *)(fn(SKB, LEN)))
+ E = fn(SKB, LEN)
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-06-16 15:29:22 +03:00
|
|
|
void *skb_pull_rcsum(struct sk_buff *skb, unsigned int len);
|
bpf: fix checksum fixups on bpf_skb_store_bytes
bpf_skb_store_bytes() invocations above L2 header need BPF_F_RECOMPUTE_CSUM
flag for updates, so that CHECKSUM_COMPLETE will be fixed up along the way.
Where we ran into an issue with bpf_skb_store_bytes() is when we did a
single-byte update on the IPv6 hoplimit despite using BPF_F_RECOMPUTE_CSUM
flag; simple ping via ICMPv6 triggered a hw csum failure as a result. The
underlying issue has been tracked down to a buffer alignment issue.
Meaning, that csum_partial() computations via skb_postpull_rcsum() and
skb_postpush_rcsum() pair invoked had a wrong result since they operated on
an odd address for the hoplimit, while other computations were done on an
even address. This mix doesn't work as-is with skb_postpull_rcsum(),
skb_postpush_rcsum() pair as it always expects at least half-word alignment
of input buffers, which is normally the case. Thus, instead of these helpers
using csum_sub() and (implicitly) csum_add(), we need to use csum_block_sub(),
csum_block_add(), respectively. For unaligned offsets, they rotate the sum
to align it to a half-word boundary again, otherwise they work the same as
csum_sub() and csum_add().
Adding __skb_postpull_rcsum(), __skb_postpush_rcsum() variants that take the
offset as an input and adapting bpf_skb_store_bytes() to them fixes the hw
csum failures again. The skb_postpull_rcsum(), skb_postpush_rcsum() helpers
use a 0 constant for offset so that the compiler optimizes the offset & 1
test away and generates the same code as with csum_sub()/_add().
Fixes: 608cd71a9c7c ("tc: bpf: generalize pedit action")
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2016-08-05 01:11:12 +03:00
|
|
|
|
2016-06-30 20:15:22 +03:00
|
|
|
/**
|
|
|
|
* skb_push_rcsum - push skb and update receive checksum
|
|
|
|
* @skb: buffer to update
|
|
|
|
* @len: length of data pulled
|
|
|
|
*
|
|
|
|
* This function performs an skb_push on the packet and updates
|
|
|
|
* the CHECKSUM_COMPLETE checksum. It should be used on
|
|
|
|
* receive path processing instead of skb_push unless you know
|
|
|
|
* that the checksum difference is zero (e.g., a valid IP header)
|
|
|
|
* or you are setting ip_summed to CHECKSUM_NONE.
|
|
|
|
*/
|
networking: make skb_push & __skb_push return void pointers
It seems like a historic accident that these return unsigned char *,
and in many places that means casts are required, more often than not.
Make these functions return void * and remove all the casts across
the tree, adding a (u8 *) cast only where the unsigned char pointer
was used directly, all done with the following spatch:
@@
expression SKB, LEN;
typedef u8;
identifier fn = { skb_push, __skb_push, skb_push_rcsum };
@@
- *(fn(SKB, LEN))
+ *(u8 *)fn(SKB, LEN)
@@
expression E, SKB, LEN;
identifier fn = { skb_push, __skb_push, skb_push_rcsum };
type T;
@@
- E = ((T *)(fn(SKB, LEN)))
+ E = fn(SKB, LEN)
@@
expression SKB, LEN;
identifier fn = { skb_push, __skb_push, skb_push_rcsum };
@@
- fn(SKB, LEN)[0]
+ *(u8 *)fn(SKB, LEN)
Note that the last part there converts from push(...)[0] to the
more idiomatic *(u8 *)push(...).
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-06-16 15:29:23 +03:00
|
|
|
static inline void *skb_push_rcsum(struct sk_buff *skb, unsigned int len)
|
2016-06-30 20:15:22 +03:00
|
|
|
{
|
|
|
|
skb_push(skb, len);
|
|
|
|
skb_postpush_rcsum(skb, skb->data, len);
|
|
|
|
return skb->data;
|
|
|
|
}
|
|
|
|
|
2018-04-18 21:43:15 +03:00
|
|
|
int pskb_trim_rcsum_slow(struct sk_buff *skb, unsigned int len);
|
2013-12-03 02:26:05 +04:00
|
|
|
/**
|
|
|
|
* pskb_trim_rcsum - trim received skb and update checksum
|
|
|
|
* @skb: buffer to trim
|
|
|
|
* @len: new length
|
|
|
|
*
|
|
|
|
* This is exactly the same as pskb_trim except that it ensures the
|
|
|
|
* checksum of received packets are still valid after the operation.
|
2019-01-17 18:34:38 +03:00
|
|
|
* It can change skb pointers.
|
2013-12-03 02:26:05 +04:00
|
|
|
*/
|
|
|
|
|
|
|
|
static inline int pskb_trim_rcsum(struct sk_buff *skb, unsigned int len)
|
|
|
|
{
|
|
|
|
if (likely(len >= skb->len))
|
|
|
|
return 0;
|
2018-04-18 21:43:15 +03:00
|
|
|
return pskb_trim_rcsum_slow(skb, len);
|
2013-12-03 02:26:05 +04:00
|
|
|
}
|
|
|
|
|
2016-08-18 02:00:39 +03:00
|
|
|
static inline int __skb_trim_rcsum(struct sk_buff *skb, unsigned int len)
|
|
|
|
{
|
|
|
|
if (skb->ip_summed == CHECKSUM_COMPLETE)
|
|
|
|
skb->ip_summed = CHECKSUM_NONE;
|
|
|
|
__skb_trim(skb, len);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline int __skb_grow_rcsum(struct sk_buff *skb, unsigned int len)
|
|
|
|
{
|
|
|
|
if (skb->ip_summed == CHECKSUM_COMPLETE)
|
|
|
|
skb->ip_summed = CHECKSUM_NONE;
|
|
|
|
return __skb_grow(skb, len);
|
|
|
|
}
|
|
|
|
|
2017-10-06 08:21:21 +03:00
|
|
|
#define rb_to_skb(rb) rb_entry_safe(rb, struct sk_buff, rbnode)
|
|
|
|
#define skb_rb_first(root) rb_to_skb(rb_first(root))
|
|
|
|
#define skb_rb_last(root) rb_to_skb(rb_last(root))
|
|
|
|
#define skb_rb_next(skb) rb_to_skb(rb_next(&(skb)->rbnode))
|
|
|
|
#define skb_rb_prev(skb) rb_to_skb(rb_prev(&(skb)->rbnode))
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
#define skb_queue_walk(queue, skb) \
|
|
|
|
for (skb = (queue)->next; \
|
2011-05-23 03:51:43 +04:00
|
|
|
skb != (struct sk_buff *)(queue); \
|
2005-04-17 02:20:36 +04:00
|
|
|
skb = skb->next)
|
|
|
|
|
2007-04-30 11:07:31 +04:00
|
|
|
#define skb_queue_walk_safe(queue, skb, tmp) \
|
|
|
|
for (skb = (queue)->next, tmp = skb->next; \
|
|
|
|
skb != (struct sk_buff *)(queue); \
|
|
|
|
skb = tmp, tmp = skb->next)
|
|
|
|
|
2008-09-23 11:49:44 +04:00
|
|
|
#define skb_queue_walk_from(queue, skb) \
|
2011-05-23 03:51:43 +04:00
|
|
|
for (; skb != (struct sk_buff *)(queue); \
|
2008-09-23 11:49:44 +04:00
|
|
|
skb = skb->next)
|
|
|
|
|
2017-10-06 08:21:21 +03:00
|
|
|
#define skb_rbtree_walk(skb, root) \
|
|
|
|
for (skb = skb_rb_first(root); skb != NULL; \
|
|
|
|
skb = skb_rb_next(skb))
|
|
|
|
|
|
|
|
#define skb_rbtree_walk_from(skb) \
|
|
|
|
for (; skb != NULL; \
|
|
|
|
skb = skb_rb_next(skb))
|
|
|
|
|
|
|
|
#define skb_rbtree_walk_from_safe(skb, tmp) \
|
|
|
|
for (; tmp = skb ? skb_rb_next(skb) : NULL, (skb != NULL); \
|
|
|
|
skb = tmp)
|
|
|
|
|
2008-09-23 11:49:44 +04:00
|
|
|
#define skb_queue_walk_from_safe(queue, skb, tmp) \
|
|
|
|
for (tmp = skb->next; \
|
|
|
|
skb != (struct sk_buff *)(queue); \
|
|
|
|
skb = tmp, tmp = skb->next)
|
|
|
|
|
2005-10-31 00:47:34 +03:00
|
|
|
#define skb_queue_reverse_walk(queue, skb) \
|
|
|
|
for (skb = (queue)->prev; \
|
2011-05-23 03:51:43 +04:00
|
|
|
skb != (struct sk_buff *)(queue); \
|
2005-10-31 00:47:34 +03:00
|
|
|
skb = skb->prev)
|
|
|
|
|
2011-01-21 09:47:32 +03:00
|
|
|
#define skb_queue_reverse_walk_safe(queue, skb, tmp) \
|
|
|
|
for (skb = (queue)->prev, tmp = skb->prev; \
|
|
|
|
skb != (struct sk_buff *)(queue); \
|
|
|
|
skb = tmp, tmp = skb->prev)
|
|
|
|
|
|
|
|
#define skb_queue_reverse_walk_from_safe(queue, skb, tmp) \
|
|
|
|
for (tmp = skb->prev; \
|
|
|
|
skb != (struct sk_buff *)(queue); \
|
|
|
|
skb = tmp, tmp = skb->prev)
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2010-08-23 11:13:46 +04:00
|
|
|
static inline bool skb_has_frag_list(const struct sk_buff *skb)
|
2009-06-09 11:17:13 +04:00
|
|
|
{
|
|
|
|
return skb_shinfo(skb)->frag_list != NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void skb_frag_list_init(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
skb_shinfo(skb)->frag_list = NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
#define skb_walk_frags(skb, iter) \
|
|
|
|
for (iter = skb_shinfo(skb)->frag_list; iter; iter = iter->next)
|
|
|
|
|
2015-12-07 00:11:34 +03:00
|
|
|
|
2019-11-25 16:48:57 +03:00
|
|
|
int __skb_wait_for_more_packets(struct sock *sk, struct sk_buff_head *queue,
|
|
|
|
int *err, long *timeo_p,
|
2015-12-07 00:11:34 +03:00
|
|
|
const struct sk_buff *skb);
|
2017-05-16 12:20:13 +03:00
|
|
|
struct sk_buff *__skb_try_recv_from_queue(struct sock *sk,
|
|
|
|
struct sk_buff_head *queue,
|
|
|
|
unsigned int flags,
|
2019-04-08 11:15:59 +03:00
|
|
|
int *off, int *err,
|
2017-05-16 12:20:13 +03:00
|
|
|
struct sk_buff **last);
|
2019-11-25 16:48:57 +03:00
|
|
|
struct sk_buff *__skb_try_recv_datagram(struct sock *sk,
|
|
|
|
struct sk_buff_head *queue,
|
2020-02-28 16:45:22 +03:00
|
|
|
unsigned int flags, int *off, int *err,
|
2015-12-07 00:11:34 +03:00
|
|
|
struct sk_buff **last);
|
2019-11-25 16:48:57 +03:00
|
|
|
struct sk_buff *__skb_recv_datagram(struct sock *sk,
|
|
|
|
struct sk_buff_head *sk_queue,
|
2020-02-28 16:45:22 +03:00
|
|
|
unsigned int flags, int *off, int *err);
|
2022-04-04 19:30:22 +03:00
|
|
|
struct sk_buff *skb_recv_datagram(struct sock *sk, unsigned int flags, int *err);
|
2018-06-28 19:43:44 +03:00
|
|
|
__poll_t datagram_poll(struct file *file, struct socket *sock,
|
|
|
|
struct poll_table_struct *wait);
|
2014-11-24 18:42:55 +03:00
|
|
|
int skb_copy_datagram_iter(const struct sk_buff *from, int offset,
|
|
|
|
struct iov_iter *to, int size);
|
2014-11-06 00:46:40 +03:00
|
|
|
static inline int skb_copy_datagram_msg(const struct sk_buff *from, int offset,
|
|
|
|
struct msghdr *msg, int size)
|
|
|
|
{
|
2014-11-25 02:17:55 +03:00
|
|
|
return skb_copy_datagram_iter(from, offset, &msg->msg_iter, size);
|
2014-04-07 02:47:38 +04:00
|
|
|
}
|
2014-11-25 02:17:55 +03:00
|
|
|
int skb_copy_and_csum_datagram_msg(struct sk_buff *skb, int hlen,
|
|
|
|
struct msghdr *msg);
|
2018-12-04 04:52:10 +03:00
|
|
|
int skb_copy_and_hash_datagram_iter(const struct sk_buff *skb, int offset,
|
|
|
|
struct iov_iter *to, int len,
|
|
|
|
struct ahash_request *hash);
|
2014-06-19 22:15:22 +04:00
|
|
|
int skb_copy_datagram_from_iter(struct sk_buff *skb, int offset,
|
|
|
|
struct iov_iter *from, int len);
|
|
|
|
int zerocopy_sg_from_iter(struct sk_buff *skb, struct iov_iter *frm);
|
2013-09-27 01:48:15 +04:00
|
|
|
void skb_free_datagram(struct sock *sk, struct sk_buff *skb);
|
2016-04-05 19:41:16 +03:00
|
|
|
void __skb_free_datagram_locked(struct sock *sk, struct sk_buff *skb, int len);
|
|
|
|
static inline void skb_free_datagram_locked(struct sock *sk,
|
|
|
|
struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
__skb_free_datagram_locked(sk, skb, 0);
|
|
|
|
}
|
2013-09-27 01:48:15 +04:00
|
|
|
int skb_kill_datagram(struct sock *sk, struct sk_buff *skb, unsigned int flags);
|
|
|
|
int skb_copy_bits(const struct sk_buff *skb, int offset, void *to, int len);
|
|
|
|
int skb_store_bits(struct sk_buff *skb, int offset, const void *from, int len);
|
|
|
|
__wsum skb_copy_and_csum_bits(const struct sk_buff *skb, int offset, u8 *to,
|
2020-07-11 03:07:10 +03:00
|
|
|
int len);
|
2015-05-21 18:00:00 +03:00
|
|
|
int skb_splice_bits(struct sk_buff *skb, struct sock *sk, unsigned int offset,
|
2013-09-27 01:48:15 +04:00
|
|
|
struct pipe_inode_info *pipe, unsigned int len,
|
2016-09-18 04:02:10 +03:00
|
|
|
unsigned int flags);
|
2017-07-29 02:22:42 +03:00
|
|
|
int skb_send_sock_locked(struct sock *sk, struct sk_buff *skb, int offset,
|
|
|
|
int len);
|
2021-03-31 05:32:24 +03:00
|
|
|
int skb_send_sock(struct sock *sk, struct sk_buff *skb, int offset, int len);
|
2013-09-27 01:48:15 +04:00
|
|
|
void skb_copy_and_csum_dev(const struct sk_buff *skb, u8 *to);
|
2013-12-13 18:22:17 +04:00
|
|
|
unsigned int skb_zerocopy_headlen(const struct sk_buff *from);
|
2014-03-27 02:37:45 +04:00
|
|
|
int skb_zerocopy(struct sk_buff *to, struct sk_buff *from,
|
|
|
|
int len, int hlen);
|
2013-09-27 01:48:15 +04:00
|
|
|
void skb_split(struct sk_buff *skb, struct sk_buff *skb1, const u32 len);
|
|
|
|
int skb_shift(struct sk_buff *tgt, struct sk_buff *skb, int shiftlen);
|
|
|
|
void skb_scrub_packet(struct sk_buff *skb, bool xnet);
|
2018-03-01 09:13:37 +03:00
|
|
|
bool skb_gso_validate_network_len(const struct sk_buff *skb, unsigned int mtu);
|
2018-01-31 06:15:33 +03:00
|
|
|
bool skb_gso_validate_mac_len(const struct sk_buff *skb, unsigned int len);
|
2013-09-27 01:48:15 +04:00
|
|
|
struct sk_buff *skb_segment(struct sk_buff *skb, netdev_features_t features);
|
2020-01-25 13:26:44 +03:00
|
|
|
struct sk_buff *skb_segment_list(struct sk_buff *skb, netdev_features_t features,
|
|
|
|
unsigned int offset);
|
net: Always untag vlan-tagged traffic on input.
Currently the functionality to untag traffic on input resides
as part of the vlan module and is build only when VLAN support
is enabled in the kernel. When VLAN is disabled, the function
vlan_untag() turns into a stub and doesn't really untag the
packets. This seems to create an interesting interaction
between VMs supporting checksum offloading and some network drivers.
There are some drivers that do not allow the user to change
tx-vlan-offload feature of the driver. These drivers also seem
to assume that any VLAN-tagged traffic they transmit will
have the vlan information in the vlan_tci and not in the vlan
header already in the skb. When transmitting skbs that already
have tagged data with partial checksum set, the checksum doesn't
appear to be updated correctly by the card thus resulting in a
failure to establish TCP connections.
The following is a packet trace taken on the receiver where a
sender is a VM with a VLAN configued. The host VM is running on
doest not have VLAN support and the outging interface on the
host is tg3:
10:12:43.503055 52:54:00:ae:42:3f > 28:d2:44:7d:c2:de, ethertype 802.1Q
(0x8100), length 78: vlan 100, p 0, ethertype IPv4, (tos 0x0, ttl 64, id 27243,
offset 0, flags [DF], proto TCP (6), length 60)
10.0.100.1.58545 > 10.0.100.10.ircu-2: Flags [S], cksum 0xdc39 (incorrect
-> 0x48d9), seq 1069378582, win 29200, options [mss 1460,sackOK,TS val
4294837885 ecr 0,nop,wscale 7], length 0
10:12:44.505556 52:54:00:ae:42:3f > 28:d2:44:7d:c2:de, ethertype 802.1Q
(0x8100), length 78: vlan 100, p 0, ethertype IPv4, (tos 0x0, ttl 64, id 27244,
offset 0, flags [DF], proto TCP (6), length 60)
10.0.100.1.58545 > 10.0.100.10.ircu-2: Flags [S], cksum 0xdc39 (incorrect
-> 0x44ee), seq 1069378582, win 29200, options [mss 1460,sackOK,TS val
4294838888 ecr 0,nop,wscale 7], length 0
This connection finally times out.
I've only access to the TG3 hardware in this configuration thus have
only tested this with TG3 driver. There are a lot of other drivers
that do not permit user changes to vlan acceleration features, and
I don't know if they all suffere from a similar issue.
The patch attempt to fix this another way. It moves the vlan header
stipping code out of the vlan module and always builds it into the
kernel network core. This way, even if vlan is not supported on
a virtualizatoin host, the virtual machines running on top of such
host will still work with VLANs enabled.
CC: Patrick McHardy <kaber@trash.net>
CC: Nithin Nayak Sujir <nsujir@broadcom.com>
CC: Michael Chan <mchan@broadcom.com>
CC: Jiri Pirko <jiri@resnulli.us>
Signed-off-by: Vladislav Yasevich <vyasevic@redhat.com>
Acked-by: Jiri Pirko <jiri@resnulli.us>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-08-08 22:42:13 +04:00
|
|
|
struct sk_buff *skb_vlan_untag(struct sk_buff *skb);
|
2022-04-16 13:58:00 +03:00
|
|
|
int skb_ensure_writable(struct sk_buff *skb, unsigned int write_len);
|
2016-09-19 19:11:09 +03:00
|
|
|
int __skb_vlan_pop(struct sk_buff *skb, u16 *vlan_tci);
|
2014-11-19 16:05:02 +03:00
|
|
|
int skb_vlan_pop(struct sk_buff *skb);
|
|
|
|
int skb_vlan_push(struct sk_buff *skb, __be16 vlan_proto, u16 vlan_tci);
|
2020-10-03 01:44:28 +03:00
|
|
|
int skb_eth_pop(struct sk_buff *skb);
|
|
|
|
int skb_eth_push(struct sk_buff *skb, const unsigned char *dst,
|
|
|
|
const unsigned char *src);
|
2019-10-12 14:55:07 +03:00
|
|
|
int skb_mpls_push(struct sk_buff *skb, __be32 mpls_lse, __be16 mpls_proto,
|
net: Fixed updating of ethertype in skb_mpls_push()
The skb_mpls_push was not updating ethertype of an ethernet packet if
the packet was originally received from a non ARPHRD_ETHER device.
In the below OVS data path flow, since the device corresponding to
port 7 is an l3 device (ARPHRD_NONE) the skb_mpls_push function does
not update the ethertype of the packet even though the previous
push_eth action had added an ethernet header to the packet.
recirc_id(0),in_port(7),eth_type(0x0800),ipv4(tos=0/0xfc,ttl=64,frag=no),
actions:push_eth(src=00:00:00:00:00:00,dst=00:00:00:00:00:00),
push_mpls(label=13,tc=0,ttl=64,bos=1,eth_type=0x8847),4
Fixes: 8822e270d697 ("net: core: move push MPLS functionality from OvS to core helper")
Signed-off-by: Martin Varghese <martin.varghese@nokia.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-12-05 03:27:22 +03:00
|
|
|
int mac_len, bool ethernet);
|
Fixed updating of ethertype in function skb_mpls_pop
The skb_mpls_pop was not updating ethertype of an ethernet packet if the
packet was originally received from a non ARPHRD_ETHER device.
In the below OVS data path flow, since the device corresponding to port 7
is an l3 device (ARPHRD_NONE) the skb_mpls_pop function does not update
the ethertype of the packet even though the previous push_eth action had
added an ethernet header to the packet.
recirc_id(0),in_port(7),eth_type(0x8847),
mpls(label=12/0xfffff,tc=0/0,ttl=0/0x0,bos=1/1),
actions:push_eth(src=00:00:00:00:00:00,dst=00:00:00:00:00:00),
pop_mpls(eth_type=0x800),4
Fixes: ed246cee09b9 ("net: core: move pop MPLS functionality from OvS to core helper")
Signed-off-by: Martin Varghese <martin.varghese@nokia.com>
Acked-by: Pravin B Shelar <pshelar@ovn.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-12-02 08:19:51 +03:00
|
|
|
int skb_mpls_pop(struct sk_buff *skb, __be16 next_proto, int mac_len,
|
|
|
|
bool ethernet);
|
2019-07-07 17:01:56 +03:00
|
|
|
int skb_mpls_update_lse(struct sk_buff *skb, __be32 mpls_lse);
|
2019-07-07 17:01:57 +03:00
|
|
|
int skb_mpls_dec_ttl(struct sk_buff *skb);
|
skbuff: Add pskb_extract() helper function
A pattern of skb usage seen in modules such as RDS-TCP is to
extract `to_copy' bytes from the received TCP segment, starting
at some offset `off' into a new skb `clone'. This is done in
the ->data_ready callback, where the clone skb is queued up for rx on
the PF_RDS socket, while the parent TCP segment is returned unchanged
back to the TCP engine.
The existing code uses the sequence
clone = skb_clone(..);
pskb_pull(clone, off, ..);
pskb_trim(clone, to_copy, ..);
with the intention of discarding the first `off' bytes. However,
skb_clone() + pskb_pull() implies pksb_expand_head(), which ends
up doing a redundant memcpy of bytes that will then get discarded
in __pskb_pull_tail().
To avoid this inefficiency, this commit adds pskb_extract() that
creates the clone, and memcpy's only the relevant header/frag/frag_list
to the start of `clone'. pskb_trim() is then invoked to trim clone
down to the requested to_copy bytes.
Signed-off-by: Sowmini Varadhan <sowmini.varadhan@oracle.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2016-04-23 04:36:35 +03:00
|
|
|
struct sk_buff *pskb_extract(struct sk_buff *skb, int off, int to_copy,
|
|
|
|
gfp_t gfp);
|
2005-08-16 09:18:02 +04:00
|
|
|
|
2014-04-07 05:25:44 +04:00
|
|
|
static inline int memcpy_from_msg(void *data, struct msghdr *msg, int len)
|
|
|
|
{
|
2017-02-18 07:13:25 +03:00
|
|
|
return copy_from_iter_full(data, len, &msg->msg_iter) ? 0 : -EFAULT;
|
2014-04-07 05:25:44 +04:00
|
|
|
}
|
|
|
|
|
2014-04-07 05:51:23 +04:00
|
|
|
static inline int memcpy_to_msg(struct msghdr *msg, void *data, int len)
|
|
|
|
{
|
2014-11-25 02:17:55 +03:00
|
|
|
return copy_to_iter(data, len, &msg->msg_iter) == len ? 0 : -EFAULT;
|
2014-04-07 05:51:23 +04:00
|
|
|
}
|
|
|
|
|
2013-10-30 14:50:51 +04:00
|
|
|
struct skb_checksum_ops {
|
|
|
|
__wsum (*update)(const void *mem, int len, __wsum wsum);
|
|
|
|
__wsum (*combine)(__wsum csum, __wsum csum2, int offset, int len);
|
|
|
|
};
|
|
|
|
|
2017-05-18 16:44:37 +03:00
|
|
|
extern const struct skb_checksum_ops *crc32c_csum_stub __read_mostly;
|
|
|
|
|
2013-10-30 14:50:51 +04:00
|
|
|
__wsum __skb_checksum(const struct sk_buff *skb, int offset, int len,
|
|
|
|
__wsum csum, const struct skb_checksum_ops *ops);
|
|
|
|
__wsum skb_checksum(const struct sk_buff *skb, int offset, int len,
|
|
|
|
__wsum csum);
|
|
|
|
|
2015-06-13 05:31:32 +03:00
|
|
|
static inline void * __must_check
|
2021-03-14 14:11:14 +03:00
|
|
|
__skb_header_pointer(const struct sk_buff *skb, int offset, int len,
|
|
|
|
const void *data, int hlen, void *buffer)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
2021-03-14 14:11:50 +03:00
|
|
|
if (likely(hlen - offset >= len))
|
2021-03-14 14:11:14 +03:00
|
|
|
return (void *)data + offset;
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2021-03-14 14:11:50 +03:00
|
|
|
if (!skb || unlikely(skb_copy_bits(skb, offset, buffer, len) < 0))
|
2005-04-17 02:20:36 +04:00
|
|
|
return NULL;
|
|
|
|
|
|
|
|
return buffer;
|
|
|
|
}
|
|
|
|
|
2015-06-13 05:31:32 +03:00
|
|
|
static inline void * __must_check
|
|
|
|
skb_header_pointer(const struct sk_buff *skb, int offset, int len, void *buffer)
|
2014-08-23 23:13:41 +04:00
|
|
|
{
|
|
|
|
return __skb_header_pointer(skb, offset, len, skb->data,
|
|
|
|
skb_headlen(skb), buffer);
|
|
|
|
}
|
|
|
|
|
2013-12-06 14:36:16 +04:00
|
|
|
/**
|
|
|
|
* skb_needs_linearize - check if we need to linearize a given skb
|
|
|
|
* depending on the given device features.
|
|
|
|
* @skb: socket buffer to check
|
|
|
|
* @features: net device features
|
|
|
|
*
|
|
|
|
* Returns true if either:
|
|
|
|
* 1. skb has frag_list and the device doesn't support FRAGLIST, or
|
|
|
|
* 2. skb is fragmented and the device does not support SG.
|
|
|
|
*/
|
|
|
|
static inline bool skb_needs_linearize(struct sk_buff *skb,
|
|
|
|
netdev_features_t features)
|
|
|
|
{
|
|
|
|
return skb_is_nonlinear(skb) &&
|
|
|
|
((skb_has_frag_list(skb) && !(features & NETIF_F_FRAGLIST)) ||
|
|
|
|
(skb_shinfo(skb)->nr_frags && !(features & NETIF_F_SG)));
|
|
|
|
}
|
|
|
|
|
2007-03-28 01:55:52 +04:00
|
|
|
static inline void skb_copy_from_linear_data(const struct sk_buff *skb,
|
|
|
|
void *to,
|
|
|
|
const unsigned int len)
|
|
|
|
{
|
|
|
|
memcpy(to, skb->data, len);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void skb_copy_from_linear_data_offset(const struct sk_buff *skb,
|
|
|
|
const int offset, void *to,
|
|
|
|
const unsigned int len)
|
|
|
|
{
|
|
|
|
memcpy(to, skb->data + offset, len);
|
|
|
|
}
|
|
|
|
|
2007-03-31 18:55:19 +04:00
|
|
|
static inline void skb_copy_to_linear_data(struct sk_buff *skb,
|
|
|
|
const void *from,
|
|
|
|
const unsigned int len)
|
|
|
|
{
|
|
|
|
memcpy(skb->data, from, len);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void skb_copy_to_linear_data_offset(struct sk_buff *skb,
|
|
|
|
const int offset,
|
|
|
|
const void *from,
|
|
|
|
const unsigned int len)
|
|
|
|
{
|
|
|
|
memcpy(skb->data + offset, from, len);
|
|
|
|
}
|
|
|
|
|
2013-09-27 01:48:15 +04:00
|
|
|
void skb_init(void);
|
2005-04-17 02:20:36 +04:00
|
|
|
|
2009-02-12 08:03:37 +03:00
|
|
|
static inline ktime_t skb_get_ktime(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb->tstamp;
|
|
|
|
}
|
|
|
|
|
2005-08-15 04:24:31 +04:00
|
|
|
/**
|
|
|
|
* skb_get_timestamp - get timestamp from a skb
|
|
|
|
* @skb: skb to get stamp from
|
2019-02-02 18:34:48 +03:00
|
|
|
* @stamp: pointer to struct __kernel_old_timeval to store stamp in
|
2005-08-15 04:24:31 +04:00
|
|
|
*
|
|
|
|
* Timestamps are stored in the skb as offsets to a base timestamp.
|
|
|
|
* This function converts the offset back to a struct timeval and stores
|
|
|
|
* it in stamp.
|
|
|
|
*/
|
2009-02-12 08:03:37 +03:00
|
|
|
static inline void skb_get_timestamp(const struct sk_buff *skb,
|
2019-02-02 18:34:48 +03:00
|
|
|
struct __kernel_old_timeval *stamp)
|
2005-08-15 04:24:31 +04:00
|
|
|
{
|
2019-02-02 18:34:48 +03:00
|
|
|
*stamp = ns_to_kernel_old_timeval(skb->tstamp);
|
2005-08-15 04:24:31 +04:00
|
|
|
}
|
|
|
|
|
2019-02-02 18:34:50 +03:00
|
|
|
static inline void skb_get_new_timestamp(const struct sk_buff *skb,
|
|
|
|
struct __kernel_sock_timeval *stamp)
|
|
|
|
{
|
|
|
|
struct timespec64 ts = ktime_to_timespec64(skb->tstamp);
|
|
|
|
|
|
|
|
stamp->tv_sec = ts.tv_sec;
|
|
|
|
stamp->tv_usec = ts.tv_nsec / 1000;
|
|
|
|
}
|
|
|
|
|
2009-02-12 08:03:37 +03:00
|
|
|
static inline void skb_get_timestampns(const struct sk_buff *skb,
|
2019-10-25 23:04:46 +03:00
|
|
|
struct __kernel_old_timespec *stamp)
|
2009-02-12 08:03:37 +03:00
|
|
|
{
|
2019-10-25 23:04:46 +03:00
|
|
|
struct timespec64 ts = ktime_to_timespec64(skb->tstamp);
|
|
|
|
|
|
|
|
stamp->tv_sec = ts.tv_sec;
|
|
|
|
stamp->tv_nsec = ts.tv_nsec;
|
2009-02-12 08:03:37 +03:00
|
|
|
}
|
|
|
|
|
2019-02-02 18:34:50 +03:00
|
|
|
static inline void skb_get_new_timestampns(const struct sk_buff *skb,
|
|
|
|
struct __kernel_timespec *stamp)
|
|
|
|
{
|
|
|
|
struct timespec64 ts = ktime_to_timespec64(skb->tstamp);
|
|
|
|
|
|
|
|
stamp->tv_sec = ts.tv_sec;
|
|
|
|
stamp->tv_nsec = ts.tv_nsec;
|
|
|
|
}
|
|
|
|
|
2007-04-20 03:16:32 +04:00
|
|
|
static inline void __net_timestamp(struct sk_buff *skb)
|
2005-08-15 04:24:31 +04:00
|
|
|
{
|
2007-04-20 03:16:32 +04:00
|
|
|
skb->tstamp = ktime_get_real();
|
2022-03-02 22:55:44 +03:00
|
|
|
skb->mono_delivery_time = 0;
|
2005-08-15 04:24:31 +04:00
|
|
|
}
|
|
|
|
|
2007-04-24 09:26:16 +04:00
|
|
|
static inline ktime_t net_timedelta(ktime_t t)
|
|
|
|
{
|
|
|
|
return ktime_sub(ktime_get_real(), t);
|
|
|
|
}
|
|
|
|
|
2022-03-02 22:55:25 +03:00
|
|
|
static inline void skb_set_delivery_time(struct sk_buff *skb, ktime_t kt,
|
|
|
|
bool mono)
|
|
|
|
{
|
|
|
|
skb->tstamp = kt;
|
2022-03-02 22:55:50 +03:00
|
|
|
skb->mono_delivery_time = kt && mono;
|
2022-03-02 22:55:25 +03:00
|
|
|
}
|
|
|
|
|
2022-03-02 22:55:38 +03:00
|
|
|
DECLARE_STATIC_KEY_FALSE(netstamp_needed_key);
|
|
|
|
|
|
|
|
/* It is used in the ingress path to clear the delivery_time.
|
|
|
|
* If needed, set the skb->tstamp to the (rcv) timestamp.
|
|
|
|
*/
|
|
|
|
static inline void skb_clear_delivery_time(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
if (skb->mono_delivery_time) {
|
|
|
|
skb->mono_delivery_time = 0;
|
|
|
|
if (static_branch_unlikely(&netstamp_needed_key))
|
|
|
|
skb->tstamp = ktime_get_real();
|
|
|
|
else
|
|
|
|
skb->tstamp = 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2022-03-02 22:55:31 +03:00
|
|
|
static inline void skb_clear_tstamp(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
if (skb->mono_delivery_time)
|
|
|
|
return;
|
|
|
|
|
|
|
|
skb->tstamp = 0;
|
|
|
|
}
|
|
|
|
|
2022-03-02 22:55:38 +03:00
|
|
|
static inline ktime_t skb_tstamp(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
if (skb->mono_delivery_time)
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
return skb->tstamp;
|
|
|
|
}
|
|
|
|
|
2022-03-02 22:56:09 +03:00
|
|
|
static inline ktime_t skb_tstamp_cond(const struct sk_buff *skb, bool cond)
|
|
|
|
{
|
|
|
|
if (!skb->mono_delivery_time && skb->tstamp)
|
|
|
|
return skb->tstamp;
|
|
|
|
|
|
|
|
if (static_branch_unlikely(&netstamp_needed_key) || cond)
|
|
|
|
return ktime_get_real();
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
bpf: add meta pointer for direct access
This work enables generic transfer of metadata from XDP into skb. The
basic idea is that we can make use of the fact that the resulting skb
must be linear and already comes with a larger headroom for supporting
bpf_xdp_adjust_head(), which mangles xdp->data. Here, we base our work
on a similar principle and introduce a small helper bpf_xdp_adjust_meta()
for adjusting a new pointer called xdp->data_meta. Thus, the packet has
a flexible and programmable room for meta data, followed by the actual
packet data. struct xdp_buff is therefore laid out that we first point
to data_hard_start, then data_meta directly prepended to data followed
by data_end marking the end of packet. bpf_xdp_adjust_head() takes into
account whether we have meta data already prepended and if so, memmove()s
this along with the given offset provided there's enough room.
xdp->data_meta is optional and programs are not required to use it. The
rationale is that when we process the packet in XDP (e.g. as DoS filter),
we can push further meta data along with it for the XDP_PASS case, and
give the guarantee that a clsact ingress BPF program on the same device
can pick this up for further post-processing. Since we work with skb
there, we can also set skb->mark, skb->priority or other skb meta data
out of BPF, thus having this scratch space generic and programmable
allows for more flexibility than defining a direct 1:1 transfer of
potentially new XDP members into skb (it's also more efficient as we
don't need to initialize/handle each of such new members). The facility
also works together with GRO aggregation. The scratch space at the head
of the packet can be multiple of 4 byte up to 32 byte large. Drivers not
yet supporting xdp->data_meta can simply be set up with xdp->data_meta
as xdp->data + 1 as bpf_xdp_adjust_meta() will detect this and bail out,
such that the subsequent match against xdp->data for later access is
guaranteed to fail.
The verifier treats xdp->data_meta/xdp->data the same way as we treat
xdp->data/xdp->data_end pointer comparisons. The requirement for doing
the compare against xdp->data is that it hasn't been modified from it's
original address we got from ctx access. It may have a range marking
already from prior successful xdp->data/xdp->data_end pointer comparisons
though.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: John Fastabend <john.fastabend@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-09-25 03:25:51 +03:00
|
|
|
static inline u8 skb_metadata_len(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb_shinfo(skb)->meta_len;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void *skb_metadata_end(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb_mac_header(skb);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline bool __skb_metadata_differs(const struct sk_buff *skb_a,
|
|
|
|
const struct sk_buff *skb_b,
|
|
|
|
u8 meta_len)
|
|
|
|
{
|
|
|
|
const void *a = skb_metadata_end(skb_a);
|
|
|
|
const void *b = skb_metadata_end(skb_b);
|
|
|
|
/* Using more efficient varaiant than plain call to memcmp(). */
|
|
|
|
#if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) && BITS_PER_LONG == 64
|
|
|
|
u64 diffs = 0;
|
|
|
|
|
|
|
|
switch (meta_len) {
|
|
|
|
#define __it(x, op) (x -= sizeof(u##op))
|
|
|
|
#define __it_diff(a, b, op) (*(u##op *)__it(a, op)) ^ (*(u##op *)__it(b, op))
|
|
|
|
case 32: diffs |= __it_diff(a, b, 64);
|
2020-08-24 01:36:59 +03:00
|
|
|
fallthrough;
|
bpf: add meta pointer for direct access
This work enables generic transfer of metadata from XDP into skb. The
basic idea is that we can make use of the fact that the resulting skb
must be linear and already comes with a larger headroom for supporting
bpf_xdp_adjust_head(), which mangles xdp->data. Here, we base our work
on a similar principle and introduce a small helper bpf_xdp_adjust_meta()
for adjusting a new pointer called xdp->data_meta. Thus, the packet has
a flexible and programmable room for meta data, followed by the actual
packet data. struct xdp_buff is therefore laid out that we first point
to data_hard_start, then data_meta directly prepended to data followed
by data_end marking the end of packet. bpf_xdp_adjust_head() takes into
account whether we have meta data already prepended and if so, memmove()s
this along with the given offset provided there's enough room.
xdp->data_meta is optional and programs are not required to use it. The
rationale is that when we process the packet in XDP (e.g. as DoS filter),
we can push further meta data along with it for the XDP_PASS case, and
give the guarantee that a clsact ingress BPF program on the same device
can pick this up for further post-processing. Since we work with skb
there, we can also set skb->mark, skb->priority or other skb meta data
out of BPF, thus having this scratch space generic and programmable
allows for more flexibility than defining a direct 1:1 transfer of
potentially new XDP members into skb (it's also more efficient as we
don't need to initialize/handle each of such new members). The facility
also works together with GRO aggregation. The scratch space at the head
of the packet can be multiple of 4 byte up to 32 byte large. Drivers not
yet supporting xdp->data_meta can simply be set up with xdp->data_meta
as xdp->data + 1 as bpf_xdp_adjust_meta() will detect this and bail out,
such that the subsequent match against xdp->data for later access is
guaranteed to fail.
The verifier treats xdp->data_meta/xdp->data the same way as we treat
xdp->data/xdp->data_end pointer comparisons. The requirement for doing
the compare against xdp->data is that it hasn't been modified from it's
original address we got from ctx access. It may have a range marking
already from prior successful xdp->data/xdp->data_end pointer comparisons
though.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: John Fastabend <john.fastabend@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-09-25 03:25:51 +03:00
|
|
|
case 24: diffs |= __it_diff(a, b, 64);
|
2020-08-24 01:36:59 +03:00
|
|
|
fallthrough;
|
bpf: add meta pointer for direct access
This work enables generic transfer of metadata from XDP into skb. The
basic idea is that we can make use of the fact that the resulting skb
must be linear and already comes with a larger headroom for supporting
bpf_xdp_adjust_head(), which mangles xdp->data. Here, we base our work
on a similar principle and introduce a small helper bpf_xdp_adjust_meta()
for adjusting a new pointer called xdp->data_meta. Thus, the packet has
a flexible and programmable room for meta data, followed by the actual
packet data. struct xdp_buff is therefore laid out that we first point
to data_hard_start, then data_meta directly prepended to data followed
by data_end marking the end of packet. bpf_xdp_adjust_head() takes into
account whether we have meta data already prepended and if so, memmove()s
this along with the given offset provided there's enough room.
xdp->data_meta is optional and programs are not required to use it. The
rationale is that when we process the packet in XDP (e.g. as DoS filter),
we can push further meta data along with it for the XDP_PASS case, and
give the guarantee that a clsact ingress BPF program on the same device
can pick this up for further post-processing. Since we work with skb
there, we can also set skb->mark, skb->priority or other skb meta data
out of BPF, thus having this scratch space generic and programmable
allows for more flexibility than defining a direct 1:1 transfer of
potentially new XDP members into skb (it's also more efficient as we
don't need to initialize/handle each of such new members). The facility
also works together with GRO aggregation. The scratch space at the head
of the packet can be multiple of 4 byte up to 32 byte large. Drivers not
yet supporting xdp->data_meta can simply be set up with xdp->data_meta
as xdp->data + 1 as bpf_xdp_adjust_meta() will detect this and bail out,
such that the subsequent match against xdp->data for later access is
guaranteed to fail.
The verifier treats xdp->data_meta/xdp->data the same way as we treat
xdp->data/xdp->data_end pointer comparisons. The requirement for doing
the compare against xdp->data is that it hasn't been modified from it's
original address we got from ctx access. It may have a range marking
already from prior successful xdp->data/xdp->data_end pointer comparisons
though.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: John Fastabend <john.fastabend@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-09-25 03:25:51 +03:00
|
|
|
case 16: diffs |= __it_diff(a, b, 64);
|
2020-08-24 01:36:59 +03:00
|
|
|
fallthrough;
|
bpf: add meta pointer for direct access
This work enables generic transfer of metadata from XDP into skb. The
basic idea is that we can make use of the fact that the resulting skb
must be linear and already comes with a larger headroom for supporting
bpf_xdp_adjust_head(), which mangles xdp->data. Here, we base our work
on a similar principle and introduce a small helper bpf_xdp_adjust_meta()
for adjusting a new pointer called xdp->data_meta. Thus, the packet has
a flexible and programmable room for meta data, followed by the actual
packet data. struct xdp_buff is therefore laid out that we first point
to data_hard_start, then data_meta directly prepended to data followed
by data_end marking the end of packet. bpf_xdp_adjust_head() takes into
account whether we have meta data already prepended and if so, memmove()s
this along with the given offset provided there's enough room.
xdp->data_meta is optional and programs are not required to use it. The
rationale is that when we process the packet in XDP (e.g. as DoS filter),
we can push further meta data along with it for the XDP_PASS case, and
give the guarantee that a clsact ingress BPF program on the same device
can pick this up for further post-processing. Since we work with skb
there, we can also set skb->mark, skb->priority or other skb meta data
out of BPF, thus having this scratch space generic and programmable
allows for more flexibility than defining a direct 1:1 transfer of
potentially new XDP members into skb (it's also more efficient as we
don't need to initialize/handle each of such new members). The facility
also works together with GRO aggregation. The scratch space at the head
of the packet can be multiple of 4 byte up to 32 byte large. Drivers not
yet supporting xdp->data_meta can simply be set up with xdp->data_meta
as xdp->data + 1 as bpf_xdp_adjust_meta() will detect this and bail out,
such that the subsequent match against xdp->data for later access is
guaranteed to fail.
The verifier treats xdp->data_meta/xdp->data the same way as we treat
xdp->data/xdp->data_end pointer comparisons. The requirement for doing
the compare against xdp->data is that it hasn't been modified from it's
original address we got from ctx access. It may have a range marking
already from prior successful xdp->data/xdp->data_end pointer comparisons
though.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: John Fastabend <john.fastabend@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-09-25 03:25:51 +03:00
|
|
|
case 8: diffs |= __it_diff(a, b, 64);
|
|
|
|
break;
|
|
|
|
case 28: diffs |= __it_diff(a, b, 64);
|
2020-08-24 01:36:59 +03:00
|
|
|
fallthrough;
|
bpf: add meta pointer for direct access
This work enables generic transfer of metadata from XDP into skb. The
basic idea is that we can make use of the fact that the resulting skb
must be linear and already comes with a larger headroom for supporting
bpf_xdp_adjust_head(), which mangles xdp->data. Here, we base our work
on a similar principle and introduce a small helper bpf_xdp_adjust_meta()
for adjusting a new pointer called xdp->data_meta. Thus, the packet has
a flexible and programmable room for meta data, followed by the actual
packet data. struct xdp_buff is therefore laid out that we first point
to data_hard_start, then data_meta directly prepended to data followed
by data_end marking the end of packet. bpf_xdp_adjust_head() takes into
account whether we have meta data already prepended and if so, memmove()s
this along with the given offset provided there's enough room.
xdp->data_meta is optional and programs are not required to use it. The
rationale is that when we process the packet in XDP (e.g. as DoS filter),
we can push further meta data along with it for the XDP_PASS case, and
give the guarantee that a clsact ingress BPF program on the same device
can pick this up for further post-processing. Since we work with skb
there, we can also set skb->mark, skb->priority or other skb meta data
out of BPF, thus having this scratch space generic and programmable
allows for more flexibility than defining a direct 1:1 transfer of
potentially new XDP members into skb (it's also more efficient as we
don't need to initialize/handle each of such new members). The facility
also works together with GRO aggregation. The scratch space at the head
of the packet can be multiple of 4 byte up to 32 byte large. Drivers not
yet supporting xdp->data_meta can simply be set up with xdp->data_meta
as xdp->data + 1 as bpf_xdp_adjust_meta() will detect this and bail out,
such that the subsequent match against xdp->data for later access is
guaranteed to fail.
The verifier treats xdp->data_meta/xdp->data the same way as we treat
xdp->data/xdp->data_end pointer comparisons. The requirement for doing
the compare against xdp->data is that it hasn't been modified from it's
original address we got from ctx access. It may have a range marking
already from prior successful xdp->data/xdp->data_end pointer comparisons
though.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: John Fastabend <john.fastabend@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-09-25 03:25:51 +03:00
|
|
|
case 20: diffs |= __it_diff(a, b, 64);
|
2020-08-24 01:36:59 +03:00
|
|
|
fallthrough;
|
bpf: add meta pointer for direct access
This work enables generic transfer of metadata from XDP into skb. The
basic idea is that we can make use of the fact that the resulting skb
must be linear and already comes with a larger headroom for supporting
bpf_xdp_adjust_head(), which mangles xdp->data. Here, we base our work
on a similar principle and introduce a small helper bpf_xdp_adjust_meta()
for adjusting a new pointer called xdp->data_meta. Thus, the packet has
a flexible and programmable room for meta data, followed by the actual
packet data. struct xdp_buff is therefore laid out that we first point
to data_hard_start, then data_meta directly prepended to data followed
by data_end marking the end of packet. bpf_xdp_adjust_head() takes into
account whether we have meta data already prepended and if so, memmove()s
this along with the given offset provided there's enough room.
xdp->data_meta is optional and programs are not required to use it. The
rationale is that when we process the packet in XDP (e.g. as DoS filter),
we can push further meta data along with it for the XDP_PASS case, and
give the guarantee that a clsact ingress BPF program on the same device
can pick this up for further post-processing. Since we work with skb
there, we can also set skb->mark, skb->priority or other skb meta data
out of BPF, thus having this scratch space generic and programmable
allows for more flexibility than defining a direct 1:1 transfer of
potentially new XDP members into skb (it's also more efficient as we
don't need to initialize/handle each of such new members). The facility
also works together with GRO aggregation. The scratch space at the head
of the packet can be multiple of 4 byte up to 32 byte large. Drivers not
yet supporting xdp->data_meta can simply be set up with xdp->data_meta
as xdp->data + 1 as bpf_xdp_adjust_meta() will detect this and bail out,
such that the subsequent match against xdp->data for later access is
guaranteed to fail.
The verifier treats xdp->data_meta/xdp->data the same way as we treat
xdp->data/xdp->data_end pointer comparisons. The requirement for doing
the compare against xdp->data is that it hasn't been modified from it's
original address we got from ctx access. It may have a range marking
already from prior successful xdp->data/xdp->data_end pointer comparisons
though.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: John Fastabend <john.fastabend@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-09-25 03:25:51 +03:00
|
|
|
case 12: diffs |= __it_diff(a, b, 64);
|
2020-08-24 01:36:59 +03:00
|
|
|
fallthrough;
|
bpf: add meta pointer for direct access
This work enables generic transfer of metadata from XDP into skb. The
basic idea is that we can make use of the fact that the resulting skb
must be linear and already comes with a larger headroom for supporting
bpf_xdp_adjust_head(), which mangles xdp->data. Here, we base our work
on a similar principle and introduce a small helper bpf_xdp_adjust_meta()
for adjusting a new pointer called xdp->data_meta. Thus, the packet has
a flexible and programmable room for meta data, followed by the actual
packet data. struct xdp_buff is therefore laid out that we first point
to data_hard_start, then data_meta directly prepended to data followed
by data_end marking the end of packet. bpf_xdp_adjust_head() takes into
account whether we have meta data already prepended and if so, memmove()s
this along with the given offset provided there's enough room.
xdp->data_meta is optional and programs are not required to use it. The
rationale is that when we process the packet in XDP (e.g. as DoS filter),
we can push further meta data along with it for the XDP_PASS case, and
give the guarantee that a clsact ingress BPF program on the same device
can pick this up for further post-processing. Since we work with skb
there, we can also set skb->mark, skb->priority or other skb meta data
out of BPF, thus having this scratch space generic and programmable
allows for more flexibility than defining a direct 1:1 transfer of
potentially new XDP members into skb (it's also more efficient as we
don't need to initialize/handle each of such new members). The facility
also works together with GRO aggregation. The scratch space at the head
of the packet can be multiple of 4 byte up to 32 byte large. Drivers not
yet supporting xdp->data_meta can simply be set up with xdp->data_meta
as xdp->data + 1 as bpf_xdp_adjust_meta() will detect this and bail out,
such that the subsequent match against xdp->data for later access is
guaranteed to fail.
The verifier treats xdp->data_meta/xdp->data the same way as we treat
xdp->data/xdp->data_end pointer comparisons. The requirement for doing
the compare against xdp->data is that it hasn't been modified from it's
original address we got from ctx access. It may have a range marking
already from prior successful xdp->data/xdp->data_end pointer comparisons
though.
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: John Fastabend <john.fastabend@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2017-09-25 03:25:51 +03:00
|
|
|
case 4: diffs |= __it_diff(a, b, 32);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
return diffs;
|
|
|
|
#else
|
|
|
|
return memcmp(a - meta_len, b - meta_len, meta_len);
|
|
|
|
#endif
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline bool skb_metadata_differs(const struct sk_buff *skb_a,
|
|
|
|
const struct sk_buff *skb_b)
|
|
|
|
{
|
|
|
|
u8 len_a = skb_metadata_len(skb_a);
|
|
|
|
u8 len_b = skb_metadata_len(skb_b);
|
|
|
|
|
|
|
|
if (!(len_a | len_b))
|
|
|
|
return false;
|
|
|
|
|
|
|
|
return len_a != len_b ?
|
|
|
|
true : __skb_metadata_differs(skb_a, skb_b, len_a);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void skb_metadata_set(struct sk_buff *skb, u8 meta_len)
|
|
|
|
{
|
|
|
|
skb_shinfo(skb)->meta_len = meta_len;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void skb_metadata_clear(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
skb_metadata_set(skb, 0);
|
|
|
|
}
|
|
|
|
|
2014-09-04 21:31:35 +04:00
|
|
|
struct sk_buff *skb_clone_sk(struct sk_buff *skb);
|
|
|
|
|
2010-07-17 12:49:36 +04:00
|
|
|
#ifdef CONFIG_NETWORK_PHY_TIMESTAMPING
|
|
|
|
|
2013-09-27 01:48:15 +04:00
|
|
|
void skb_clone_tx_timestamp(struct sk_buff *skb);
|
|
|
|
bool skb_defer_rx_timestamp(struct sk_buff *skb);
|
2010-07-17 12:49:36 +04:00
|
|
|
|
|
|
|
#else /* CONFIG_NETWORK_PHY_TIMESTAMPING */
|
|
|
|
|
|
|
|
static inline void skb_clone_tx_timestamp(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline bool skb_defer_rx_timestamp(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
#endif /* !CONFIG_NETWORK_PHY_TIMESTAMPING */
|
|
|
|
|
|
|
|
/**
|
|
|
|
* skb_complete_tx_timestamp() - deliver cloned skb with tx timestamps
|
|
|
|
*
|
net: hold sock reference while processing tx timestamps
The pair of functions,
* skb_clone_tx_timestamp()
* skb_complete_tx_timestamp()
were designed to allow timestamping in PHY devices. The first
function, called during the MAC driver's hard_xmit method, identifies
PTP protocol packets, clones them, and gives them to the PHY device
driver. The PHY driver may hold onto the packet and deliver it at a
later time using the second function, which adds the packet to the
socket's error queue.
As pointed out by Johannes, nothing prevents the socket from
disappearing while the cloned packet is sitting in the PHY driver
awaiting a timestamp. This patch fixes the issue by taking a reference
on the socket for each such packet. In addition, the comments
regarding the usage of these function are expanded to highlight the
rule that PHY drivers must use skb_complete_tx_timestamp() to release
the packet, in order to release the socket reference, too.
These functions first appeared in v2.6.36.
Reported-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: Richard Cochran <richard.cochran@omicron.at>
Cc: <stable@vger.kernel.org>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Reviewed-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-10-21 04:49:15 +04:00
|
|
|
* PHY drivers may accept clones of transmitted packets for
|
|
|
|
* timestamping via their phy_driver.txtstamp method. These drivers
|
2015-08-07 19:32:21 +03:00
|
|
|
* must call this function to return the skb back to the stack with a
|
|
|
|
* timestamp.
|
net: hold sock reference while processing tx timestamps
The pair of functions,
* skb_clone_tx_timestamp()
* skb_complete_tx_timestamp()
were designed to allow timestamping in PHY devices. The first
function, called during the MAC driver's hard_xmit method, identifies
PTP protocol packets, clones them, and gives them to the PHY device
driver. The PHY driver may hold onto the packet and deliver it at a
later time using the second function, which adds the packet to the
socket's error queue.
As pointed out by Johannes, nothing prevents the socket from
disappearing while the cloned packet is sitting in the PHY driver
awaiting a timestamp. This patch fixes the issue by taking a reference
on the socket for each such packet. In addition, the comments
regarding the usage of these function are expanded to highlight the
rule that PHY drivers must use skb_complete_tx_timestamp() to release
the packet, in order to release the socket reference, too.
These functions first appeared in v2.6.36.
Reported-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: Richard Cochran <richard.cochran@omicron.at>
Cc: <stable@vger.kernel.org>
Signed-off-by: Eric Dumazet <eric.dumazet@gmail.com>
Reviewed-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-10-21 04:49:15 +04:00
|
|
|
*
|
2020-07-15 19:42:39 +03:00
|
|
|
* @skb: clone of the original outgoing packet
|
2015-08-07 19:32:21 +03:00
|
|
|
* @hwtstamps: hardware time stamps
|
2010-07-17 12:49:36 +04:00
|
|
|
*
|
|
|
|
*/
|
|
|
|
void skb_complete_tx_timestamp(struct sk_buff *skb,
|
|
|
|
struct skb_shared_hwtstamps *hwtstamps);
|
|
|
|
|
2021-01-20 23:41:55 +03:00
|
|
|
void __skb_tstamp_tx(struct sk_buff *orig_skb, const struct sk_buff *ack_skb,
|
2014-08-05 06:11:48 +04:00
|
|
|
struct skb_shared_hwtstamps *hwtstamps,
|
|
|
|
struct sock *sk, int tstype);
|
|
|
|
|
2009-02-12 08:03:37 +03:00
|
|
|
/**
|
|
|
|
* skb_tstamp_tx - queue clone of skb with send time stamps
|
|
|
|
* @orig_skb: the original outgoing packet
|
|
|
|
* @hwtstamps: hardware time stamps, may be NULL if not available
|
|
|
|
*
|
|
|
|
* If the skb has a socket associated, then this function clones the
|
|
|
|
* skb (thus sharing the actual data and optional structures), stores
|
|
|
|
* the optional hardware time stamping information (if non NULL) or
|
|
|
|
* generates a software time stamp (otherwise), then queues the clone
|
|
|
|
* to the error queue of the socket. Errors are silently ignored.
|
|
|
|
*/
|
2013-09-27 01:48:15 +04:00
|
|
|
void skb_tstamp_tx(struct sk_buff *orig_skb,
|
|
|
|
struct skb_shared_hwtstamps *hwtstamps);
|
2009-02-12 08:03:37 +03:00
|
|
|
|
2010-07-17 12:48:28 +04:00
|
|
|
/**
|
|
|
|
* skb_tx_timestamp() - Driver hook for transmit timestamping
|
|
|
|
*
|
|
|
|
* Ethernet MAC Drivers should call this function in their hard_xmit()
|
2011-06-19 07:31:39 +04:00
|
|
|
* function immediately before giving the sk_buff to the MAC hardware.
|
2010-07-17 12:48:28 +04:00
|
|
|
*
|
2013-12-27 22:04:33 +04:00
|
|
|
* Specifically, one should make absolutely sure that this function is
|
|
|
|
* called before TX completion of this packet can trigger. Otherwise
|
|
|
|
* the packet could potentially already be freed.
|
|
|
|
*
|
2010-07-17 12:48:28 +04:00
|
|
|
* @skb: A socket buffer.
|
|
|
|
*/
|
|
|
|
static inline void skb_tx_timestamp(struct sk_buff *skb)
|
|
|
|
{
|
2010-07-17 12:49:36 +04:00
|
|
|
skb_clone_tx_timestamp(skb);
|
2017-05-19 18:52:40 +03:00
|
|
|
if (skb_shinfo(skb)->tx_flags & SKBTX_SW_TSTAMP)
|
|
|
|
skb_tstamp_tx(skb, NULL);
|
2010-07-17 12:48:28 +04:00
|
|
|
}
|
|
|
|
|
2011-11-09 13:15:42 +04:00
|
|
|
/**
|
|
|
|
* skb_complete_wifi_ack - deliver skb with wifi status
|
|
|
|
*
|
|
|
|
* @skb: the original outgoing packet
|
|
|
|
* @acked: ack status
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
void skb_complete_wifi_ack(struct sk_buff *skb, bool acked);
|
|
|
|
|
2013-09-27 01:48:15 +04:00
|
|
|
__sum16 __skb_checksum_complete_head(struct sk_buff *skb, int len);
|
|
|
|
__sum16 __skb_checksum_complete(struct sk_buff *skb);
|
2005-11-11 00:01:24 +03:00
|
|
|
|
2007-04-09 22:59:39 +04:00
|
|
|
static inline int skb_csum_unnecessary(const struct sk_buff *skb)
|
|
|
|
{
|
2015-02-11 03:30:28 +03:00
|
|
|
return ((skb->ip_summed == CHECKSUM_UNNECESSARY) ||
|
|
|
|
skb->csum_valid ||
|
|
|
|
(skb->ip_summed == CHECKSUM_PARTIAL &&
|
|
|
|
skb_checksum_start_offset(skb) >= 0));
|
2007-04-09 22:59:39 +04:00
|
|
|
}
|
|
|
|
|
2005-11-11 00:01:24 +03:00
|
|
|
/**
|
|
|
|
* skb_checksum_complete - Calculate checksum of an entire packet
|
|
|
|
* @skb: packet to process
|
|
|
|
*
|
|
|
|
* This function calculates the checksum over the entire packet plus
|
|
|
|
* the value of skb->csum. The latter can be used to supply the
|
|
|
|
* checksum of a pseudo header as used by TCP/UDP. It returns the
|
|
|
|
* checksum.
|
|
|
|
*
|
|
|
|
* For protocols that contain complete checksums such as ICMP/TCP/UDP,
|
|
|
|
* this function can be used to verify that checksum on received
|
|
|
|
* packets. In that case the function should return zero if the
|
|
|
|
* checksum is correct. In particular, this function will return zero
|
|
|
|
* if skb->ip_summed is CHECKSUM_UNNECESSARY which indicates that the
|
|
|
|
* hardware has already verified the correctness of the checksum.
|
|
|
|
*/
|
2007-07-16 00:00:11 +04:00
|
|
|
static inline __sum16 skb_checksum_complete(struct sk_buff *skb)
|
2005-11-11 00:01:24 +03:00
|
|
|
{
|
2007-04-09 22:59:39 +04:00
|
|
|
return skb_csum_unnecessary(skb) ?
|
|
|
|
0 : __skb_checksum_complete(skb);
|
2005-11-11 00:01:24 +03:00
|
|
|
}
|
|
|
|
|
2014-08-28 08:26:46 +04:00
|
|
|
static inline void __skb_decr_checksum_unnecessary(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
if (skb->ip_summed == CHECKSUM_UNNECESSARY) {
|
|
|
|
if (skb->csum_level == 0)
|
|
|
|
skb->ip_summed = CHECKSUM_NONE;
|
|
|
|
else
|
|
|
|
skb->csum_level--;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void __skb_incr_checksum_unnecessary(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
if (skb->ip_summed == CHECKSUM_UNNECESSARY) {
|
|
|
|
if (skb->csum_level < SKB_MAX_CSUM_LEVEL)
|
|
|
|
skb->csum_level++;
|
|
|
|
} else if (skb->ip_summed == CHECKSUM_NONE) {
|
|
|
|
skb->ip_summed = CHECKSUM_UNNECESSARY;
|
|
|
|
skb->csum_level = 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
bpf: Fix up bpf_skb_adjust_room helper's skb csum setting
Lorenz recently reported:
In our TC classifier cls_redirect [0], we use the following sequence of
helper calls to decapsulate a GUE (basically IP + UDP + custom header)
encapsulated packet:
bpf_skb_adjust_room(skb, -encap_len, BPF_ADJ_ROOM_MAC, BPF_F_ADJ_ROOM_FIXED_GSO)
bpf_redirect(skb->ifindex, BPF_F_INGRESS)
It seems like some checksums of the inner headers are not validated in
this case. For example, a TCP SYN packet with invalid TCP checksum is
still accepted by the network stack and elicits a SYN ACK. [...]
That is, we receive the following packet from the driver:
| ETH | IP | UDP | GUE | IP | TCP |
skb->ip_summed == CHECKSUM_UNNECESSARY
ip_summed is CHECKSUM_UNNECESSARY because our NICs do rx checksum offloading.
On this packet we run skb_adjust_room_mac(-encap_len), and get the following:
| ETH | IP | TCP |
skb->ip_summed == CHECKSUM_UNNECESSARY
Note that ip_summed is still CHECKSUM_UNNECESSARY. After bpf_redirect()'ing
into the ingress, we end up in tcp_v4_rcv(). There, skb_checksum_init() is
turned into a no-op due to CHECKSUM_UNNECESSARY.
The bpf_skb_adjust_room() helper is not aware of protocol specifics. Internally,
it handles the CHECKSUM_COMPLETE case via skb_postpull_rcsum(), but that does
not cover CHECKSUM_UNNECESSARY. In this case skb->csum_level of the original
skb prior to bpf_skb_adjust_room() call was 0, that is, covering UDP. Right now
there is no way to adjust the skb->csum_level. NICs that have checksum offload
disabled (CHECKSUM_NONE) or that support CHECKSUM_COMPLETE are not affected.
Use a safe default for CHECKSUM_UNNECESSARY by resetting to CHECKSUM_NONE and
add a flag to the helper called BPF_F_ADJ_ROOM_NO_CSUM_RESET that allows users
from opting out. Opting out is useful for the case where we don't remove/add
full protocol headers, or for the case where a user wants to adjust the csum
level manually e.g. through bpf_csum_level() helper that is added in subsequent
patch.
The bpf_skb_proto_{4_to_6,6_to_4}() for NAT64/46 translation from the BPF
bpf_skb_change_proto() helper uses bpf_skb_net_hdr_{push,pop}() pair internally
as well but doesn't change layers, only transitions between v4 to v6 and vice
versa, therefore no adoption is required there.
[0] https://lore.kernel.org/bpf/20200424185556.7358-1-lmb@cloudflare.com/
Fixes: 2be7e212d541 ("bpf: add bpf_skb_adjust_room helper")
Reported-by: Lorenz Bauer <lmb@cloudflare.com>
Reported-by: Alan Maguire <alan.maguire@oracle.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Lorenz Bauer <lmb@cloudflare.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Reviewed-by: Alan Maguire <alan.maguire@oracle.com>
Link: https://lore.kernel.org/bpf/CACAyw9-uU_52esMd1JjuA80fRPHJv5vsSg8GnfW3t_qDU4aVKQ@mail.gmail.com/
Link: https://lore.kernel.org/bpf/11a90472e7cce83e76ddbfce81fdfce7bfc68808.1591108731.git.daniel@iogearbox.net
2020-06-02 17:58:32 +03:00
|
|
|
static inline void __skb_reset_checksum_unnecessary(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
if (skb->ip_summed == CHECKSUM_UNNECESSARY) {
|
|
|
|
skb->ip_summed = CHECKSUM_NONE;
|
|
|
|
skb->csum_level = 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2014-05-03 03:29:18 +04:00
|
|
|
/* Check if we need to perform checksum complete validation.
|
|
|
|
*
|
|
|
|
* Returns true if checksum complete is needed, false otherwise
|
|
|
|
* (either checksum is unnecessary or zero checksum is allowed).
|
|
|
|
*/
|
|
|
|
static inline bool __skb_checksum_validate_needed(struct sk_buff *skb,
|
|
|
|
bool zero_okay,
|
|
|
|
__sum16 check)
|
|
|
|
{
|
2014-06-11 05:54:13 +04:00
|
|
|
if (skb_csum_unnecessary(skb) || (zero_okay && !check)) {
|
|
|
|
skb->csum_valid = 1;
|
2014-08-28 08:26:46 +04:00
|
|
|
__skb_decr_checksum_unnecessary(skb);
|
2014-05-03 03:29:18 +04:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2018-02-16 23:52:42 +03:00
|
|
|
/* For small packets <= CHECKSUM_BREAK perform checksum complete directly
|
2014-05-03 03:29:18 +04:00
|
|
|
* in checksum_init.
|
|
|
|
*/
|
|
|
|
#define CHECKSUM_BREAK 76
|
|
|
|
|
2015-04-21 00:10:04 +03:00
|
|
|
/* Unset checksum-complete
|
|
|
|
*
|
|
|
|
* Unset checksum complete can be done when packet is being modified
|
|
|
|
* (uncompressed for instance) and checksum-complete value is
|
|
|
|
* invalidated.
|
|
|
|
*/
|
|
|
|
static inline void skb_checksum_complete_unset(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
if (skb->ip_summed == CHECKSUM_COMPLETE)
|
|
|
|
skb->ip_summed = CHECKSUM_NONE;
|
|
|
|
}
|
|
|
|
|
2014-05-03 03:29:18 +04:00
|
|
|
/* Validate (init) checksum based on checksum complete.
|
|
|
|
*
|
|
|
|
* Return values:
|
|
|
|
* 0: checksum is validated or try to in skb_checksum_complete. In the latter
|
|
|
|
* case the ip_summed will not be CHECKSUM_UNNECESSARY and the pseudo
|
|
|
|
* checksum is stored in skb->csum for use in __skb_checksum_complete
|
|
|
|
* non-zero: value of invalid checksum
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
static inline __sum16 __skb_checksum_validate_complete(struct sk_buff *skb,
|
|
|
|
bool complete,
|
|
|
|
__wsum psum)
|
|
|
|
{
|
|
|
|
if (skb->ip_summed == CHECKSUM_COMPLETE) {
|
|
|
|
if (!csum_fold(csum_add(psum, skb->csum))) {
|
2014-06-11 05:54:13 +04:00
|
|
|
skb->csum_valid = 1;
|
2014-05-03 03:29:18 +04:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
skb->csum = psum;
|
|
|
|
|
2014-06-11 05:54:13 +04:00
|
|
|
if (complete || skb->len <= CHECKSUM_BREAK) {
|
|
|
|
__sum16 csum;
|
|
|
|
|
|
|
|
csum = __skb_checksum_complete(skb);
|
|
|
|
skb->csum_valid = !csum;
|
|
|
|
return csum;
|
|
|
|
}
|
2014-05-03 03:29:18 +04:00
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline __wsum null_compute_pseudo(struct sk_buff *skb, int proto)
|
|
|
|
{
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Perform checksum validate (init). Note that this is a macro since we only
|
|
|
|
* want to calculate the pseudo header which is an input function if necessary.
|
|
|
|
* First we try to validate without any computation (checksum unnecessary) and
|
|
|
|
* then calculate based on checksum complete calling the function to compute
|
|
|
|
* pseudo header.
|
|
|
|
*
|
|
|
|
* Return values:
|
|
|
|
* 0: checksum is validated or try to in skb_checksum_complete
|
|
|
|
* non-zero: value of invalid checksum
|
|
|
|
*/
|
|
|
|
#define __skb_checksum_validate(skb, proto, complete, \
|
|
|
|
zero_okay, check, compute_pseudo) \
|
|
|
|
({ \
|
|
|
|
__sum16 __ret = 0; \
|
2014-06-11 05:54:13 +04:00
|
|
|
skb->csum_valid = 0; \
|
2014-05-03 03:29:18 +04:00
|
|
|
if (__skb_checksum_validate_needed(skb, zero_okay, check)) \
|
|
|
|
__ret = __skb_checksum_validate_complete(skb, \
|
|
|
|
complete, compute_pseudo(skb, proto)); \
|
|
|
|
__ret; \
|
|
|
|
})
|
|
|
|
|
|
|
|
#define skb_checksum_init(skb, proto, compute_pseudo) \
|
|
|
|
__skb_checksum_validate(skb, proto, false, false, 0, compute_pseudo)
|
|
|
|
|
|
|
|
#define skb_checksum_init_zero_check(skb, proto, check, compute_pseudo) \
|
|
|
|
__skb_checksum_validate(skb, proto, false, true, check, compute_pseudo)
|
|
|
|
|
|
|
|
#define skb_checksum_validate(skb, proto, compute_pseudo) \
|
|
|
|
__skb_checksum_validate(skb, proto, true, false, 0, compute_pseudo)
|
|
|
|
|
|
|
|
#define skb_checksum_validate_zero_check(skb, proto, check, \
|
|
|
|
compute_pseudo) \
|
2015-02-06 20:54:19 +03:00
|
|
|
__skb_checksum_validate(skb, proto, true, true, check, compute_pseudo)
|
2014-05-03 03:29:18 +04:00
|
|
|
|
|
|
|
#define skb_checksum_simple_validate(skb) \
|
|
|
|
__skb_checksum_validate(skb, 0, true, false, 0, null_compute_pseudo)
|
|
|
|
|
2014-09-01 02:12:42 +04:00
|
|
|
static inline bool __skb_checksum_convert_check(struct sk_buff *skb)
|
|
|
|
{
|
2017-05-18 16:44:39 +03:00
|
|
|
return (skb->ip_summed == CHECKSUM_NONE && skb->csum_valid);
|
2014-09-01 02:12:42 +04:00
|
|
|
}
|
|
|
|
|
2019-07-04 12:03:26 +03:00
|
|
|
static inline void __skb_checksum_convert(struct sk_buff *skb, __wsum pseudo)
|
2014-09-01 02:12:42 +04:00
|
|
|
{
|
|
|
|
skb->csum = ~pseudo;
|
|
|
|
skb->ip_summed = CHECKSUM_COMPLETE;
|
|
|
|
}
|
|
|
|
|
2019-07-04 12:03:26 +03:00
|
|
|
#define skb_checksum_try_convert(skb, proto, compute_pseudo) \
|
2014-09-01 02:12:42 +04:00
|
|
|
do { \
|
|
|
|
if (__skb_checksum_convert_check(skb)) \
|
2019-07-04 12:03:26 +03:00
|
|
|
__skb_checksum_convert(skb, compute_pseudo(skb, proto)); \
|
2014-09-01 02:12:42 +04:00
|
|
|
} while (0)
|
|
|
|
|
2015-02-11 03:30:31 +03:00
|
|
|
static inline void skb_remcsum_adjust_partial(struct sk_buff *skb, void *ptr,
|
|
|
|
u16 start, u16 offset)
|
|
|
|
{
|
|
|
|
skb->ip_summed = CHECKSUM_PARTIAL;
|
|
|
|
skb->csum_start = ((unsigned char *)ptr + start) - skb->head;
|
|
|
|
skb->csum_offset = offset - start;
|
|
|
|
}
|
|
|
|
|
2015-02-03 03:07:34 +03:00
|
|
|
/* Update skbuf and packet to reflect the remote checksum offload operation.
|
|
|
|
* When called, ptr indicates the starting point for skb->csum when
|
|
|
|
* ip_summed is CHECKSUM_COMPLETE. If we need create checksum complete
|
|
|
|
* here, skb_postpull_rcsum is done so skb->csum start is ptr.
|
|
|
|
*/
|
|
|
|
static inline void skb_remcsum_process(struct sk_buff *skb, void *ptr,
|
2015-02-11 03:30:31 +03:00
|
|
|
int start, int offset, bool nopartial)
|
2015-02-03 03:07:34 +03:00
|
|
|
{
|
|
|
|
__wsum delta;
|
|
|
|
|
2015-02-11 03:30:31 +03:00
|
|
|
if (!nopartial) {
|
|
|
|
skb_remcsum_adjust_partial(skb, ptr, start, offset);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2021-11-12 13:16:34 +03:00
|
|
|
if (unlikely(skb->ip_summed != CHECKSUM_COMPLETE)) {
|
2015-02-03 03:07:34 +03:00
|
|
|
__skb_checksum_complete(skb);
|
|
|
|
skb_postpull_rcsum(skb, skb->data, ptr - (void *)skb->data);
|
|
|
|
}
|
|
|
|
|
|
|
|
delta = remcsum_adjust(ptr, skb->csum, start, offset);
|
|
|
|
|
|
|
|
/* Adjust skb->csum since we changed the packet */
|
|
|
|
skb->csum = csum_add(skb->csum, delta);
|
|
|
|
}
|
|
|
|
|
2017-01-23 20:21:56 +03:00
|
|
|
static inline struct nf_conntrack *skb_nfct(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
#if IS_ENABLED(CONFIG_NF_CONNTRACK)
|
2019-09-13 11:13:14 +03:00
|
|
|
return (void *)(skb->_nfct & NFCT_PTRMASK);
|
2017-01-23 20:21:56 +03:00
|
|
|
#else
|
|
|
|
return NULL;
|
|
|
|
#endif
|
|
|
|
}
|
|
|
|
|
2019-09-13 11:13:14 +03:00
|
|
|
static inline unsigned long skb_get_nfct(const struct sk_buff *skb)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
2019-09-13 11:13:14 +03:00
|
|
|
#if IS_ENABLED(CONFIG_NF_CONNTRACK)
|
|
|
|
return skb->_nfct;
|
|
|
|
#else
|
|
|
|
return 0UL;
|
|
|
|
#endif
|
2005-04-17 02:20:36 +04:00
|
|
|
}
|
2019-09-13 11:13:14 +03:00
|
|
|
|
|
|
|
static inline void skb_set_nfct(struct sk_buff *skb, unsigned long nfct)
|
2005-04-17 02:20:36 +04:00
|
|
|
{
|
2019-09-13 11:13:14 +03:00
|
|
|
#if IS_ENABLED(CONFIG_NF_CONNTRACK)
|
2021-07-28 19:23:59 +03:00
|
|
|
skb->slow_gro |= !!nfct;
|
2019-09-13 11:13:14 +03:00
|
|
|
skb->_nfct = nfct;
|
2011-01-12 22:25:08 +03:00
|
|
|
#endif
|
2019-09-13 11:13:14 +03:00
|
|
|
}
|
sk_buff: add skb extension infrastructure
This adds an optional extension infrastructure, with ispec (xfrm) and
bridge netfilter as first users.
objdiff shows no changes if kernel is built without xfrm and br_netfilter
support.
The third (planned future) user is Multipath TCP which is still
out-of-tree.
MPTCP needs to map logical mptcp sequence numbers to the tcp sequence
numbers used by individual subflows.
This DSS mapping is read/written from tcp option space on receive and
written to tcp option space on transmitted tcp packets that are part of
and MPTCP connection.
Extending skb_shared_info or adding a private data field to skb fclones
doesn't work for incoming skb, so a different DSS propagation method would
be required for the receive side.
mptcp has same requirements as secpath/bridge netfilter:
1. extension memory is released when the sk_buff is free'd.
2. data is shared after cloning an skb (clone inherits extension)
3. adding extension to an skb will COW the extension buffer if needed.
The "MPTCP upstreaming" effort adds SKB_EXT_MPTCP extension to store the
mapping for tx and rx processing.
Two new members are added to sk_buff:
1. 'active_extensions' byte (filling a hole), telling which extensions
are available for this skb.
This has two purposes.
a) avoids the need to initialize the pointer.
b) allows to "delete" an extension by clearing its bit
value in ->active_extensions.
While it would be possible to store the active_extensions byte
in the extension struct instead of sk_buff, there is one problem
with this:
When an extension has to be disabled, we can always clear the
bit in skb->active_extensions. But in case it would be stored in the
extension buffer itself, we might have to COW it first, if
we are dealing with a cloned skb. On kmalloc failure we would
be unable to turn an extension off.
2. extension pointer, located at the end of the sk_buff.
If the active_extensions byte is 0, the pointer is undefined,
it is not initialized on skb allocation.
This adds extra code to skb clone and free paths (to deal with
refcount/free of extension area) but this replaces similar code that
manages skb->nf_bridge and skb->sp structs in the followup patches of
the series.
It is possible to add support for extensions that are not preseved on
clones/copies.
To do this, it would be needed to define a bitmask of all extensions that
need copy/cow semantics, and change __skb_ext_copy() to check
->active_extensions & SKB_EXT_PRESERVE_ON_CLONE, then just set
->active_extensions to 0 on the new clone.
This isn't done here because all extensions that get added here
need the copy/cow semantics.
v2:
Allocate entire extension space using kmem_cache.
Upside is that this allows better tracking of used memory,
downside is that we will allocate more space than strictly needed in
most cases (its unlikely that all extensions are active/needed at same
time for same skb).
The allocated memory (except the small extension header) is not cleared,
so no additonal overhead aside from memory usage.
Avoid atomic_dec_and_test operation on skb_ext_put()
by using similar trick as kfree_skbmem() does with fclone_ref:
If recount is 1, there is no concurrent user and we can free right away.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-12-18 19:15:16 +03:00
|
|
|
|
|
|
|
#ifdef CONFIG_SKB_EXTENSIONS
|
|
|
|
enum skb_ext_id {
|
|
|
|
#if IS_ENABLED(CONFIG_BRIDGE_NETFILTER)
|
|
|
|
SKB_EXT_BRIDGE_NF,
|
2018-12-18 19:15:27 +03:00
|
|
|
#endif
|
|
|
|
#ifdef CONFIG_XFRM
|
|
|
|
SKB_EXT_SEC_PATH,
|
net: openvswitch: Set OvS recirc_id from tc chain index
Offloaded OvS datapath rules are translated one to one to tc rules,
for example the following simplified OvS rule:
recirc_id(0),in_port(dev1),eth_type(0x0800),ct_state(-trk) actions:ct(),recirc(2)
Will be translated to the following tc rule:
$ tc filter add dev dev1 ingress \
prio 1 chain 0 proto ip \
flower tcp ct_state -trk \
action ct pipe \
action goto chain 2
Received packets will first travel though tc, and if they aren't stolen
by it, like in the above rule, they will continue to OvS datapath.
Since we already did some actions (action ct in this case) which might
modify the packets, and updated action stats, we would like to continue
the proccessing with the correct recirc_id in OvS (here recirc_id(2))
where we left off.
To support this, introduce a new skb extension for tc, which
will be used for translating tc chain to ovs recirc_id to
handle these miss cases. Last tc chain index will be set
by tc goto chain action and read by OvS datapath.
Signed-off-by: Paul Blakey <paulb@mellanox.com>
Signed-off-by: Vlad Buslov <vladbu@mellanox.com>
Acked-by: Jiri Pirko <jiri@mellanox.com>
Acked-by: Pravin B Shelar <pshelar@ovn.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-09-04 16:56:37 +03:00
|
|
|
#endif
|
|
|
|
#if IS_ENABLED(CONFIG_NET_TC_SKB_EXT)
|
|
|
|
TC_SKB_EXT,
|
2020-01-09 18:59:19 +03:00
|
|
|
#endif
|
|
|
|
#if IS_ENABLED(CONFIG_MPTCP)
|
|
|
|
SKB_EXT_MPTCP,
|
2021-10-29 06:01:44 +03:00
|
|
|
#endif
|
|
|
|
#if IS_ENABLED(CONFIG_MCTP_FLOWS)
|
|
|
|
SKB_EXT_MCTP,
|
sk_buff: add skb extension infrastructure
This adds an optional extension infrastructure, with ispec (xfrm) and
bridge netfilter as first users.
objdiff shows no changes if kernel is built without xfrm and br_netfilter
support.
The third (planned future) user is Multipath TCP which is still
out-of-tree.
MPTCP needs to map logical mptcp sequence numbers to the tcp sequence
numbers used by individual subflows.
This DSS mapping is read/written from tcp option space on receive and
written to tcp option space on transmitted tcp packets that are part of
and MPTCP connection.
Extending skb_shared_info or adding a private data field to skb fclones
doesn't work for incoming skb, so a different DSS propagation method would
be required for the receive side.
mptcp has same requirements as secpath/bridge netfilter:
1. extension memory is released when the sk_buff is free'd.
2. data is shared after cloning an skb (clone inherits extension)
3. adding extension to an skb will COW the extension buffer if needed.
The "MPTCP upstreaming" effort adds SKB_EXT_MPTCP extension to store the
mapping for tx and rx processing.
Two new members are added to sk_buff:
1. 'active_extensions' byte (filling a hole), telling which extensions
are available for this skb.
This has two purposes.
a) avoids the need to initialize the pointer.
b) allows to "delete" an extension by clearing its bit
value in ->active_extensions.
While it would be possible to store the active_extensions byte
in the extension struct instead of sk_buff, there is one problem
with this:
When an extension has to be disabled, we can always clear the
bit in skb->active_extensions. But in case it would be stored in the
extension buffer itself, we might have to COW it first, if
we are dealing with a cloned skb. On kmalloc failure we would
be unable to turn an extension off.
2. extension pointer, located at the end of the sk_buff.
If the active_extensions byte is 0, the pointer is undefined,
it is not initialized on skb allocation.
This adds extra code to skb clone and free paths (to deal with
refcount/free of extension area) but this replaces similar code that
manages skb->nf_bridge and skb->sp structs in the followup patches of
the series.
It is possible to add support for extensions that are not preseved on
clones/copies.
To do this, it would be needed to define a bitmask of all extensions that
need copy/cow semantics, and change __skb_ext_copy() to check
->active_extensions & SKB_EXT_PRESERVE_ON_CLONE, then just set
->active_extensions to 0 on the new clone.
This isn't done here because all extensions that get added here
need the copy/cow semantics.
v2:
Allocate entire extension space using kmem_cache.
Upside is that this allows better tracking of used memory,
downside is that we will allocate more space than strictly needed in
most cases (its unlikely that all extensions are active/needed at same
time for same skb).
The allocated memory (except the small extension header) is not cleared,
so no additonal overhead aside from memory usage.
Avoid atomic_dec_and_test operation on skb_ext_put()
by using similar trick as kfree_skbmem() does with fclone_ref:
If recount is 1, there is no concurrent user and we can free right away.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-12-18 19:15:16 +03:00
|
|
|
#endif
|
|
|
|
SKB_EXT_NUM, /* must be last */
|
|
|
|
};
|
|
|
|
|
|
|
|
/**
|
|
|
|
* struct skb_ext - sk_buff extensions
|
|
|
|
* @refcnt: 1 on allocation, deallocated on 0
|
|
|
|
* @offset: offset to add to @data to obtain extension address
|
|
|
|
* @chunks: size currently allocated, stored in SKB_EXT_ALIGN_SHIFT units
|
|
|
|
* @data: start of extension data, variable sized
|
|
|
|
*
|
|
|
|
* Note: offsets/lengths are stored in chunks of 8 bytes, this allows
|
|
|
|
* to use 'u8' types while allowing up to 2kb worth of extension data.
|
|
|
|
*/
|
|
|
|
struct skb_ext {
|
|
|
|
refcount_t refcnt;
|
|
|
|
u8 offset[SKB_EXT_NUM]; /* in chunks of 8 bytes */
|
|
|
|
u8 chunks; /* same */
|
2020-03-24 03:22:24 +03:00
|
|
|
char data[] __aligned(8);
|
sk_buff: add skb extension infrastructure
This adds an optional extension infrastructure, with ispec (xfrm) and
bridge netfilter as first users.
objdiff shows no changes if kernel is built without xfrm and br_netfilter
support.
The third (planned future) user is Multipath TCP which is still
out-of-tree.
MPTCP needs to map logical mptcp sequence numbers to the tcp sequence
numbers used by individual subflows.
This DSS mapping is read/written from tcp option space on receive and
written to tcp option space on transmitted tcp packets that are part of
and MPTCP connection.
Extending skb_shared_info or adding a private data field to skb fclones
doesn't work for incoming skb, so a different DSS propagation method would
be required for the receive side.
mptcp has same requirements as secpath/bridge netfilter:
1. extension memory is released when the sk_buff is free'd.
2. data is shared after cloning an skb (clone inherits extension)
3. adding extension to an skb will COW the extension buffer if needed.
The "MPTCP upstreaming" effort adds SKB_EXT_MPTCP extension to store the
mapping for tx and rx processing.
Two new members are added to sk_buff:
1. 'active_extensions' byte (filling a hole), telling which extensions
are available for this skb.
This has two purposes.
a) avoids the need to initialize the pointer.
b) allows to "delete" an extension by clearing its bit
value in ->active_extensions.
While it would be possible to store the active_extensions byte
in the extension struct instead of sk_buff, there is one problem
with this:
When an extension has to be disabled, we can always clear the
bit in skb->active_extensions. But in case it would be stored in the
extension buffer itself, we might have to COW it first, if
we are dealing with a cloned skb. On kmalloc failure we would
be unable to turn an extension off.
2. extension pointer, located at the end of the sk_buff.
If the active_extensions byte is 0, the pointer is undefined,
it is not initialized on skb allocation.
This adds extra code to skb clone and free paths (to deal with
refcount/free of extension area) but this replaces similar code that
manages skb->nf_bridge and skb->sp structs in the followup patches of
the series.
It is possible to add support for extensions that are not preseved on
clones/copies.
To do this, it would be needed to define a bitmask of all extensions that
need copy/cow semantics, and change __skb_ext_copy() to check
->active_extensions & SKB_EXT_PRESERVE_ON_CLONE, then just set
->active_extensions to 0 on the new clone.
This isn't done here because all extensions that get added here
need the copy/cow semantics.
v2:
Allocate entire extension space using kmem_cache.
Upside is that this allows better tracking of used memory,
downside is that we will allocate more space than strictly needed in
most cases (its unlikely that all extensions are active/needed at same
time for same skb).
The allocated memory (except the small extension header) is not cleared,
so no additonal overhead aside from memory usage.
Avoid atomic_dec_and_test operation on skb_ext_put()
by using similar trick as kfree_skbmem() does with fclone_ref:
If recount is 1, there is no concurrent user and we can free right away.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-12-18 19:15:16 +03:00
|
|
|
};
|
|
|
|
|
2020-05-16 11:46:23 +03:00
|
|
|
struct skb_ext *__skb_ext_alloc(gfp_t flags);
|
2020-01-09 18:59:24 +03:00
|
|
|
void *__skb_ext_set(struct sk_buff *skb, enum skb_ext_id id,
|
|
|
|
struct skb_ext *ext);
|
sk_buff: add skb extension infrastructure
This adds an optional extension infrastructure, with ispec (xfrm) and
bridge netfilter as first users.
objdiff shows no changes if kernel is built without xfrm and br_netfilter
support.
The third (planned future) user is Multipath TCP which is still
out-of-tree.
MPTCP needs to map logical mptcp sequence numbers to the tcp sequence
numbers used by individual subflows.
This DSS mapping is read/written from tcp option space on receive and
written to tcp option space on transmitted tcp packets that are part of
and MPTCP connection.
Extending skb_shared_info or adding a private data field to skb fclones
doesn't work for incoming skb, so a different DSS propagation method would
be required for the receive side.
mptcp has same requirements as secpath/bridge netfilter:
1. extension memory is released when the sk_buff is free'd.
2. data is shared after cloning an skb (clone inherits extension)
3. adding extension to an skb will COW the extension buffer if needed.
The "MPTCP upstreaming" effort adds SKB_EXT_MPTCP extension to store the
mapping for tx and rx processing.
Two new members are added to sk_buff:
1. 'active_extensions' byte (filling a hole), telling which extensions
are available for this skb.
This has two purposes.
a) avoids the need to initialize the pointer.
b) allows to "delete" an extension by clearing its bit
value in ->active_extensions.
While it would be possible to store the active_extensions byte
in the extension struct instead of sk_buff, there is one problem
with this:
When an extension has to be disabled, we can always clear the
bit in skb->active_extensions. But in case it would be stored in the
extension buffer itself, we might have to COW it first, if
we are dealing with a cloned skb. On kmalloc failure we would
be unable to turn an extension off.
2. extension pointer, located at the end of the sk_buff.
If the active_extensions byte is 0, the pointer is undefined,
it is not initialized on skb allocation.
This adds extra code to skb clone and free paths (to deal with
refcount/free of extension area) but this replaces similar code that
manages skb->nf_bridge and skb->sp structs in the followup patches of
the series.
It is possible to add support for extensions that are not preseved on
clones/copies.
To do this, it would be needed to define a bitmask of all extensions that
need copy/cow semantics, and change __skb_ext_copy() to check
->active_extensions & SKB_EXT_PRESERVE_ON_CLONE, then just set
->active_extensions to 0 on the new clone.
This isn't done here because all extensions that get added here
need the copy/cow semantics.
v2:
Allocate entire extension space using kmem_cache.
Upside is that this allows better tracking of used memory,
downside is that we will allocate more space than strictly needed in
most cases (its unlikely that all extensions are active/needed at same
time for same skb).
The allocated memory (except the small extension header) is not cleared,
so no additonal overhead aside from memory usage.
Avoid atomic_dec_and_test operation on skb_ext_put()
by using similar trick as kfree_skbmem() does with fclone_ref:
If recount is 1, there is no concurrent user and we can free right away.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-12-18 19:15:16 +03:00
|
|
|
void *skb_ext_add(struct sk_buff *skb, enum skb_ext_id id);
|
|
|
|
void __skb_ext_del(struct sk_buff *skb, enum skb_ext_id id);
|
|
|
|
void __skb_ext_put(struct skb_ext *ext);
|
|
|
|
|
|
|
|
static inline void skb_ext_put(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
if (skb->active_extensions)
|
|
|
|
__skb_ext_put(skb->extensions);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void __skb_ext_copy(struct sk_buff *dst,
|
|
|
|
const struct sk_buff *src)
|
|
|
|
{
|
|
|
|
dst->active_extensions = src->active_extensions;
|
|
|
|
|
|
|
|
if (src->active_extensions) {
|
|
|
|
struct skb_ext *ext = src->extensions;
|
|
|
|
|
|
|
|
refcount_inc(&ext->refcnt);
|
|
|
|
dst->extensions = ext;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void skb_ext_copy(struct sk_buff *dst, const struct sk_buff *src)
|
|
|
|
{
|
|
|
|
skb_ext_put(dst);
|
|
|
|
__skb_ext_copy(dst, src);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline bool __skb_ext_exist(const struct skb_ext *ext, enum skb_ext_id i)
|
|
|
|
{
|
|
|
|
return !!ext->offset[i];
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline bool skb_ext_exist(const struct sk_buff *skb, enum skb_ext_id id)
|
|
|
|
{
|
|
|
|
return skb->active_extensions & (1 << id);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void skb_ext_del(struct sk_buff *skb, enum skb_ext_id id)
|
|
|
|
{
|
|
|
|
if (skb_ext_exist(skb, id))
|
|
|
|
__skb_ext_del(skb, id);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void *skb_ext_find(const struct sk_buff *skb, enum skb_ext_id id)
|
|
|
|
{
|
|
|
|
if (skb_ext_exist(skb, id)) {
|
|
|
|
struct skb_ext *ext = skb->extensions;
|
|
|
|
|
|
|
|
return (void *)ext + (ext->offset[id] << 3);
|
|
|
|
}
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
}
|
2019-09-26 21:37:05 +03:00
|
|
|
|
|
|
|
static inline void skb_ext_reset(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
if (unlikely(skb->active_extensions)) {
|
|
|
|
__skb_ext_put(skb->extensions);
|
|
|
|
skb->active_extensions = 0;
|
|
|
|
}
|
|
|
|
}
|
2019-11-21 08:56:23 +03:00
|
|
|
|
|
|
|
static inline bool skb_has_extensions(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return unlikely(skb->active_extensions);
|
|
|
|
}
|
sk_buff: add skb extension infrastructure
This adds an optional extension infrastructure, with ispec (xfrm) and
bridge netfilter as first users.
objdiff shows no changes if kernel is built without xfrm and br_netfilter
support.
The third (planned future) user is Multipath TCP which is still
out-of-tree.
MPTCP needs to map logical mptcp sequence numbers to the tcp sequence
numbers used by individual subflows.
This DSS mapping is read/written from tcp option space on receive and
written to tcp option space on transmitted tcp packets that are part of
and MPTCP connection.
Extending skb_shared_info or adding a private data field to skb fclones
doesn't work for incoming skb, so a different DSS propagation method would
be required for the receive side.
mptcp has same requirements as secpath/bridge netfilter:
1. extension memory is released when the sk_buff is free'd.
2. data is shared after cloning an skb (clone inherits extension)
3. adding extension to an skb will COW the extension buffer if needed.
The "MPTCP upstreaming" effort adds SKB_EXT_MPTCP extension to store the
mapping for tx and rx processing.
Two new members are added to sk_buff:
1. 'active_extensions' byte (filling a hole), telling which extensions
are available for this skb.
This has two purposes.
a) avoids the need to initialize the pointer.
b) allows to "delete" an extension by clearing its bit
value in ->active_extensions.
While it would be possible to store the active_extensions byte
in the extension struct instead of sk_buff, there is one problem
with this:
When an extension has to be disabled, we can always clear the
bit in skb->active_extensions. But in case it would be stored in the
extension buffer itself, we might have to COW it first, if
we are dealing with a cloned skb. On kmalloc failure we would
be unable to turn an extension off.
2. extension pointer, located at the end of the sk_buff.
If the active_extensions byte is 0, the pointer is undefined,
it is not initialized on skb allocation.
This adds extra code to skb clone and free paths (to deal with
refcount/free of extension area) but this replaces similar code that
manages skb->nf_bridge and skb->sp structs in the followup patches of
the series.
It is possible to add support for extensions that are not preseved on
clones/copies.
To do this, it would be needed to define a bitmask of all extensions that
need copy/cow semantics, and change __skb_ext_copy() to check
->active_extensions & SKB_EXT_PRESERVE_ON_CLONE, then just set
->active_extensions to 0 on the new clone.
This isn't done here because all extensions that get added here
need the copy/cow semantics.
v2:
Allocate entire extension space using kmem_cache.
Upside is that this allows better tracking of used memory,
downside is that we will allocate more space than strictly needed in
most cases (its unlikely that all extensions are active/needed at same
time for same skb).
The allocated memory (except the small extension header) is not cleared,
so no additonal overhead aside from memory usage.
Avoid atomic_dec_and_test operation on skb_ext_put()
by using similar trick as kfree_skbmem() does with fclone_ref:
If recount is 1, there is no concurrent user and we can free right away.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-12-18 19:15:16 +03:00
|
|
|
#else
|
|
|
|
static inline void skb_ext_put(struct sk_buff *skb) {}
|
2019-09-26 21:37:05 +03:00
|
|
|
static inline void skb_ext_reset(struct sk_buff *skb) {}
|
sk_buff: add skb extension infrastructure
This adds an optional extension infrastructure, with ispec (xfrm) and
bridge netfilter as first users.
objdiff shows no changes if kernel is built without xfrm and br_netfilter
support.
The third (planned future) user is Multipath TCP which is still
out-of-tree.
MPTCP needs to map logical mptcp sequence numbers to the tcp sequence
numbers used by individual subflows.
This DSS mapping is read/written from tcp option space on receive and
written to tcp option space on transmitted tcp packets that are part of
and MPTCP connection.
Extending skb_shared_info or adding a private data field to skb fclones
doesn't work for incoming skb, so a different DSS propagation method would
be required for the receive side.
mptcp has same requirements as secpath/bridge netfilter:
1. extension memory is released when the sk_buff is free'd.
2. data is shared after cloning an skb (clone inherits extension)
3. adding extension to an skb will COW the extension buffer if needed.
The "MPTCP upstreaming" effort adds SKB_EXT_MPTCP extension to store the
mapping for tx and rx processing.
Two new members are added to sk_buff:
1. 'active_extensions' byte (filling a hole), telling which extensions
are available for this skb.
This has two purposes.
a) avoids the need to initialize the pointer.
b) allows to "delete" an extension by clearing its bit
value in ->active_extensions.
While it would be possible to store the active_extensions byte
in the extension struct instead of sk_buff, there is one problem
with this:
When an extension has to be disabled, we can always clear the
bit in skb->active_extensions. But in case it would be stored in the
extension buffer itself, we might have to COW it first, if
we are dealing with a cloned skb. On kmalloc failure we would
be unable to turn an extension off.
2. extension pointer, located at the end of the sk_buff.
If the active_extensions byte is 0, the pointer is undefined,
it is not initialized on skb allocation.
This adds extra code to skb clone and free paths (to deal with
refcount/free of extension area) but this replaces similar code that
manages skb->nf_bridge and skb->sp structs in the followup patches of
the series.
It is possible to add support for extensions that are not preseved on
clones/copies.
To do this, it would be needed to define a bitmask of all extensions that
need copy/cow semantics, and change __skb_ext_copy() to check
->active_extensions & SKB_EXT_PRESERVE_ON_CLONE, then just set
->active_extensions to 0 on the new clone.
This isn't done here because all extensions that get added here
need the copy/cow semantics.
v2:
Allocate entire extension space using kmem_cache.
Upside is that this allows better tracking of used memory,
downside is that we will allocate more space than strictly needed in
most cases (its unlikely that all extensions are active/needed at same
time for same skb).
The allocated memory (except the small extension header) is not cleared,
so no additonal overhead aside from memory usage.
Avoid atomic_dec_and_test operation on skb_ext_put()
by using similar trick as kfree_skbmem() does with fclone_ref:
If recount is 1, there is no concurrent user and we can free right away.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-12-18 19:15:16 +03:00
|
|
|
static inline void skb_ext_del(struct sk_buff *skb, int unused) {}
|
|
|
|
static inline void __skb_ext_copy(struct sk_buff *d, const struct sk_buff *s) {}
|
|
|
|
static inline void skb_ext_copy(struct sk_buff *dst, const struct sk_buff *s) {}
|
2019-11-21 08:56:23 +03:00
|
|
|
static inline bool skb_has_extensions(struct sk_buff *skb) { return false; }
|
sk_buff: add skb extension infrastructure
This adds an optional extension infrastructure, with ispec (xfrm) and
bridge netfilter as first users.
objdiff shows no changes if kernel is built without xfrm and br_netfilter
support.
The third (planned future) user is Multipath TCP which is still
out-of-tree.
MPTCP needs to map logical mptcp sequence numbers to the tcp sequence
numbers used by individual subflows.
This DSS mapping is read/written from tcp option space on receive and
written to tcp option space on transmitted tcp packets that are part of
and MPTCP connection.
Extending skb_shared_info or adding a private data field to skb fclones
doesn't work for incoming skb, so a different DSS propagation method would
be required for the receive side.
mptcp has same requirements as secpath/bridge netfilter:
1. extension memory is released when the sk_buff is free'd.
2. data is shared after cloning an skb (clone inherits extension)
3. adding extension to an skb will COW the extension buffer if needed.
The "MPTCP upstreaming" effort adds SKB_EXT_MPTCP extension to store the
mapping for tx and rx processing.
Two new members are added to sk_buff:
1. 'active_extensions' byte (filling a hole), telling which extensions
are available for this skb.
This has two purposes.
a) avoids the need to initialize the pointer.
b) allows to "delete" an extension by clearing its bit
value in ->active_extensions.
While it would be possible to store the active_extensions byte
in the extension struct instead of sk_buff, there is one problem
with this:
When an extension has to be disabled, we can always clear the
bit in skb->active_extensions. But in case it would be stored in the
extension buffer itself, we might have to COW it first, if
we are dealing with a cloned skb. On kmalloc failure we would
be unable to turn an extension off.
2. extension pointer, located at the end of the sk_buff.
If the active_extensions byte is 0, the pointer is undefined,
it is not initialized on skb allocation.
This adds extra code to skb clone and free paths (to deal with
refcount/free of extension area) but this replaces similar code that
manages skb->nf_bridge and skb->sp structs in the followup patches of
the series.
It is possible to add support for extensions that are not preseved on
clones/copies.
To do this, it would be needed to define a bitmask of all extensions that
need copy/cow semantics, and change __skb_ext_copy() to check
->active_extensions & SKB_EXT_PRESERVE_ON_CLONE, then just set
->active_extensions to 0 on the new clone.
This isn't done here because all extensions that get added here
need the copy/cow semantics.
v2:
Allocate entire extension space using kmem_cache.
Upside is that this allows better tracking of used memory,
downside is that we will allocate more space than strictly needed in
most cases (its unlikely that all extensions are active/needed at same
time for same skb).
The allocated memory (except the small extension header) is not cleared,
so no additonal overhead aside from memory usage.
Avoid atomic_dec_and_test operation on skb_ext_put()
by using similar trick as kfree_skbmem() does with fclone_ref:
If recount is 1, there is no concurrent user and we can free right away.
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-12-18 19:15:16 +03:00
|
|
|
#endif /* CONFIG_SKB_EXTENSIONS */
|
|
|
|
|
2019-09-29 21:54:03 +03:00
|
|
|
static inline void nf_reset_ct(struct sk_buff *skb)
|
2006-03-21 06:23:05 +03:00
|
|
|
{
|
2007-03-23 21:17:07 +03:00
|
|
|
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
|
2017-01-23 20:21:59 +03:00
|
|
|
nf_conntrack_put(skb_nfct(skb));
|
|
|
|
skb->_nfct = 0;
|
2011-01-12 22:25:08 +03:00
|
|
|
#endif
|
2006-03-21 06:23:05 +03:00
|
|
|
}
|
|
|
|
|
2013-04-05 22:42:05 +04:00
|
|
|
static inline void nf_reset_trace(struct sk_buff *skb)
|
|
|
|
{
|
2014-02-16 02:48:45 +04:00
|
|
|
#if IS_ENABLED(CONFIG_NETFILTER_XT_TARGET_TRACE) || defined(CONFIG_NF_TABLES)
|
2013-03-21 23:48:41 +04:00
|
|
|
skb->nf_trace = 0;
|
|
|
|
#endif
|
2006-03-21 06:23:05 +03:00
|
|
|
}
|
|
|
|
|
2017-10-26 11:57:05 +03:00
|
|
|
static inline void ipvs_reset(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
#if IS_ENABLED(CONFIG_IP_VS)
|
|
|
|
skb->ipvs_property = 0;
|
|
|
|
#endif
|
|
|
|
}
|
|
|
|
|
2018-12-18 19:15:17 +03:00
|
|
|
/* Note: This doesn't put any conntrack info in dst. */
|
net: reorganize sk_buff for faster __copy_skb_header()
With proliferation of bit fields in sk_buff, __copy_skb_header() became
quite expensive, showing as the most expensive function in a GSO
workload.
__copy_skb_header() performance is also critical for non GSO TCP
operations, as it is used from skb_clone()
This patch carefully moves all the fields that were not copied in a
separate zone : cloned, nohdr, fclone, peeked, head_frag, xmit_more
Then I moved all other fields and all other copied fields in a section
delimited by headers_start[0]/headers_end[0] section so that we
can use a single memcpy() call, inlined by compiler using long
word load/stores.
I also tried to make all copies in the natural orders of sk_buff,
to help hardware prefetching.
I made sure sk_buff size did not change.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-09-29 09:18:47 +04:00
|
|
|
static inline void __nf_copy(struct sk_buff *dst, const struct sk_buff *src,
|
|
|
|
bool copy)
|
2007-03-15 02:43:37 +03:00
|
|
|
{
|
2007-03-23 21:17:07 +03:00
|
|
|
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
|
2017-01-23 20:21:59 +03:00
|
|
|
dst->_nfct = src->_nfct;
|
|
|
|
nf_conntrack_get(skb_nfct(src));
|
2011-01-12 22:25:08 +03:00
|
|
|
#endif
|
2014-02-16 02:48:45 +04:00
|
|
|
#if IS_ENABLED(CONFIG_NETFILTER_XT_TARGET_TRACE) || defined(CONFIG_NF_TABLES)
|
net: reorganize sk_buff for faster __copy_skb_header()
With proliferation of bit fields in sk_buff, __copy_skb_header() became
quite expensive, showing as the most expensive function in a GSO
workload.
__copy_skb_header() performance is also critical for non GSO TCP
operations, as it is used from skb_clone()
This patch carefully moves all the fields that were not copied in a
separate zone : cloned, nohdr, fclone, peeked, head_frag, xmit_more
Then I moved all other fields and all other copied fields in a section
delimited by headers_start[0]/headers_end[0] section so that we
can use a single memcpy() call, inlined by compiler using long
word load/stores.
I also tried to make all copies in the natural orders of sk_buff,
to help hardware prefetching.
I made sure sk_buff size did not change.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-09-29 09:18:47 +04:00
|
|
|
if (copy)
|
|
|
|
dst->nf_trace = src->nf_trace;
|
2014-02-16 02:48:45 +04:00
|
|
|
#endif
|
2007-03-15 02:43:37 +03:00
|
|
|
}
|
|
|
|
|
2007-03-15 02:44:01 +03:00
|
|
|
static inline void nf_copy(struct sk_buff *dst, const struct sk_buff *src)
|
|
|
|
{
|
|
|
|
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
|
2017-01-23 20:21:59 +03:00
|
|
|
nf_conntrack_put(skb_nfct(dst));
|
2007-03-15 02:44:01 +03:00
|
|
|
#endif
|
2021-07-28 19:23:59 +03:00
|
|
|
dst->slow_gro = src->slow_gro;
|
net: reorganize sk_buff for faster __copy_skb_header()
With proliferation of bit fields in sk_buff, __copy_skb_header() became
quite expensive, showing as the most expensive function in a GSO
workload.
__copy_skb_header() performance is also critical for non GSO TCP
operations, as it is used from skb_clone()
This patch carefully moves all the fields that were not copied in a
separate zone : cloned, nohdr, fclone, peeked, head_frag, xmit_more
Then I moved all other fields and all other copied fields in a section
delimited by headers_start[0]/headers_end[0] section so that we
can use a single memcpy() call, inlined by compiler using long
word load/stores.
I also tried to make all copies in the natural orders of sk_buff,
to help hardware prefetching.
I made sure sk_buff size did not change.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-09-29 09:18:47 +04:00
|
|
|
__nf_copy(dst, src, true);
|
2007-03-15 02:44:01 +03:00
|
|
|
}
|
|
|
|
|
2006-06-09 11:29:17 +04:00
|
|
|
#ifdef CONFIG_NETWORK_SECMARK
|
|
|
|
static inline void skb_copy_secmark(struct sk_buff *to, const struct sk_buff *from)
|
|
|
|
{
|
|
|
|
to->secmark = from->secmark;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void skb_init_secmark(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
skb->secmark = 0;
|
|
|
|
}
|
|
|
|
#else
|
|
|
|
static inline void skb_copy_secmark(struct sk_buff *to, const struct sk_buff *from)
|
|
|
|
{ }
|
|
|
|
|
|
|
|
static inline void skb_init_secmark(struct sk_buff *skb)
|
|
|
|
{ }
|
|
|
|
#endif
|
|
|
|
|
2018-12-18 19:15:19 +03:00
|
|
|
static inline int secpath_exists(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
#ifdef CONFIG_XFRM
|
2018-12-18 19:15:27 +03:00
|
|
|
return skb_ext_exist(skb, SKB_EXT_SEC_PATH);
|
2018-12-18 19:15:19 +03:00
|
|
|
#else
|
|
|
|
return 0;
|
|
|
|
#endif
|
|
|
|
}
|
|
|
|
|
2014-04-01 23:20:24 +04:00
|
|
|
static inline bool skb_irq_freeable(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return !skb->destructor &&
|
2018-12-18 19:15:19 +03:00
|
|
|
!secpath_exists(skb) &&
|
2017-01-23 20:21:56 +03:00
|
|
|
!skb_nfct(skb) &&
|
2014-04-01 23:20:24 +04:00
|
|
|
!skb->_skb_refdst &&
|
|
|
|
!skb_has_frag_list(skb);
|
|
|
|
}
|
|
|
|
|
2007-07-07 00:36:20 +04:00
|
|
|
static inline void skb_set_queue_mapping(struct sk_buff *skb, u16 queue_mapping)
|
|
|
|
{
|
|
|
|
skb->queue_mapping = queue_mapping;
|
|
|
|
}
|
|
|
|
|
2009-03-21 23:39:26 +03:00
|
|
|
static inline u16 skb_get_queue_mapping(const struct sk_buff *skb)
|
2007-10-22 04:01:29 +04:00
|
|
|
{
|
|
|
|
return skb->queue_mapping;
|
|
|
|
}
|
|
|
|
|
2007-07-07 00:36:20 +04:00
|
|
|
static inline void skb_copy_queue_mapping(struct sk_buff *to, const struct sk_buff *from)
|
|
|
|
{
|
|
|
|
to->queue_mapping = from->queue_mapping;
|
|
|
|
}
|
|
|
|
|
2009-01-28 03:22:11 +03:00
|
|
|
static inline void skb_record_rx_queue(struct sk_buff *skb, u16 rx_queue)
|
|
|
|
{
|
|
|
|
skb->queue_mapping = rx_queue + 1;
|
|
|
|
}
|
|
|
|
|
2009-03-21 23:39:26 +03:00
|
|
|
static inline u16 skb_get_rx_queue(const struct sk_buff *skb)
|
2009-01-28 03:22:11 +03:00
|
|
|
{
|
|
|
|
return skb->queue_mapping - 1;
|
|
|
|
}
|
|
|
|
|
2009-03-21 23:39:26 +03:00
|
|
|
static inline bool skb_rx_queue_recorded(const struct sk_buff *skb)
|
2009-01-28 03:22:11 +03:00
|
|
|
{
|
2010-09-23 00:43:57 +04:00
|
|
|
return skb->queue_mapping != 0;
|
2009-01-28 03:22:11 +03:00
|
|
|
}
|
|
|
|
|
2017-02-07 00:14:12 +03:00
|
|
|
static inline void skb_set_dst_pending_confirm(struct sk_buff *skb, u32 val)
|
|
|
|
{
|
|
|
|
skb->dst_pending_confirm = val;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline bool skb_get_dst_pending_confirm(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb->dst_pending_confirm != 0;
|
|
|
|
}
|
|
|
|
|
2018-12-18 19:15:20 +03:00
|
|
|
static inline struct sec_path *skb_sec_path(const struct sk_buff *skb)
|
2008-10-28 23:24:06 +03:00
|
|
|
{
|
2013-10-02 05:58:32 +04:00
|
|
|
#ifdef CONFIG_XFRM
|
2018-12-18 19:15:27 +03:00
|
|
|
return skb_ext_find(skb, SKB_EXT_SEC_PATH);
|
2008-10-28 23:24:06 +03:00
|
|
|
#else
|
|
|
|
return NULL;
|
|
|
|
#endif
|
2013-10-02 05:58:32 +04:00
|
|
|
}
|
2008-10-28 23:24:06 +03:00
|
|
|
|
2013-02-14 18:02:41 +04:00
|
|
|
/* Keeps track of mac header offset relative to skb->head.
|
|
|
|
* It is useful for TSO of Tunneling protocol. e.g. GRE.
|
|
|
|
* For non-tunnel skb it points to skb_mac_header() and for
|
2013-10-19 22:42:56 +04:00
|
|
|
* tunnel skb it points to outer mac header.
|
|
|
|
* Keeps track of level of encapsulation of network headers.
|
|
|
|
*/
|
2013-02-14 18:02:41 +04:00
|
|
|
struct skb_gso_cb {
|
2016-04-11 04:45:03 +03:00
|
|
|
union {
|
|
|
|
int mac_offset;
|
|
|
|
int data_offset;
|
|
|
|
};
|
2013-10-19 22:42:56 +04:00
|
|
|
int encap_level;
|
2016-02-06 02:27:37 +03:00
|
|
|
__wsum csum;
|
2014-06-05 04:20:02 +04:00
|
|
|
__u16 csum_start;
|
2013-02-14 18:02:41 +04:00
|
|
|
};
|
2020-03-26 10:33:14 +03:00
|
|
|
#define SKB_GSO_CB_OFFSET 32
|
|
|
|
#define SKB_GSO_CB(skb) ((struct skb_gso_cb *)((skb)->cb + SKB_GSO_CB_OFFSET))
|
2013-02-14 18:02:41 +04:00
|
|
|
|
|
|
|
static inline int skb_tnl_header_len(const struct sk_buff *inner_skb)
|
|
|
|
{
|
|
|
|
return (skb_mac_header(inner_skb) - inner_skb->head) -
|
|
|
|
SKB_GSO_CB(inner_skb)->mac_offset;
|
|
|
|
}
|
|
|
|
|
2013-05-30 10:45:27 +04:00
|
|
|
static inline int gso_pskb_expand_head(struct sk_buff *skb, int extra)
|
|
|
|
{
|
|
|
|
int new_headroom, headroom;
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
headroom = skb_headroom(skb);
|
|
|
|
ret = pskb_expand_head(skb, extra, 0, GFP_ATOMIC);
|
|
|
|
if (ret)
|
|
|
|
return ret;
|
|
|
|
|
|
|
|
new_headroom = skb_headroom(skb);
|
|
|
|
SKB_GSO_CB(skb)->mac_offset += (new_headroom - headroom);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2016-02-06 02:27:49 +03:00
|
|
|
static inline void gso_reset_checksum(struct sk_buff *skb, __wsum res)
|
|
|
|
{
|
|
|
|
/* Do not update partial checksums if remote checksum is enabled. */
|
|
|
|
if (skb->remcsum_offload)
|
|
|
|
return;
|
|
|
|
|
|
|
|
SKB_GSO_CB(skb)->csum = res;
|
|
|
|
SKB_GSO_CB(skb)->csum_start = skb_checksum_start(skb) - skb->head;
|
|
|
|
}
|
|
|
|
|
2014-06-05 04:20:02 +04:00
|
|
|
/* Compute the checksum for a gso segment. First compute the checksum value
|
|
|
|
* from the start of transport header to SKB_GSO_CB(skb)->csum_start, and
|
|
|
|
* then add in skb->csum (checksum from csum_start to end of packet).
|
|
|
|
* skb->csum and csum_start are then updated to reflect the checksum of the
|
|
|
|
* resultant packet starting from the transport header-- the resultant checksum
|
|
|
|
* is in the res argument (i.e. normally zero or ~ of checksum of a pseudo
|
|
|
|
* header.
|
|
|
|
*/
|
|
|
|
static inline __sum16 gso_make_checksum(struct sk_buff *skb, __wsum res)
|
|
|
|
{
|
2016-02-06 02:27:37 +03:00
|
|
|
unsigned char *csum_start = skb_transport_header(skb);
|
|
|
|
int plen = (skb->head + SKB_GSO_CB(skb)->csum_start) - csum_start;
|
|
|
|
__wsum partial = SKB_GSO_CB(skb)->csum;
|
2014-06-05 04:20:02 +04:00
|
|
|
|
2016-02-06 02:27:37 +03:00
|
|
|
SKB_GSO_CB(skb)->csum = res;
|
|
|
|
SKB_GSO_CB(skb)->csum_start = csum_start - skb->head;
|
2014-06-05 04:20:02 +04:00
|
|
|
|
2016-02-06 02:27:37 +03:00
|
|
|
return csum_fold(csum_partial(csum_start, plen, partial));
|
2014-06-05 04:20:02 +04:00
|
|
|
}
|
|
|
|
|
2012-03-08 05:53:36 +04:00
|
|
|
static inline bool skb_is_gso(const struct sk_buff *skb)
|
2006-07-09 00:34:32 +04:00
|
|
|
{
|
|
|
|
return skb_shinfo(skb)->gso_size;
|
|
|
|
}
|
|
|
|
|
2013-09-29 12:21:32 +04:00
|
|
|
/* Note: Should be called only if skb_is_gso(skb) is true */
|
2012-03-08 05:53:36 +04:00
|
|
|
static inline bool skb_is_gso_v6(const struct sk_buff *skb)
|
2007-10-13 14:33:32 +04:00
|
|
|
{
|
|
|
|
return skb_shinfo(skb)->gso_type & SKB_GSO_TCPV6;
|
|
|
|
}
|
|
|
|
|
2018-03-03 05:03:46 +03:00
|
|
|
/* Note: Should be called only if skb_is_gso(skb) is true */
|
|
|
|
static inline bool skb_is_gso_sctp(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb_shinfo(skb)->gso_type & SKB_GSO_SCTP;
|
|
|
|
}
|
|
|
|
|
2019-03-06 22:35:15 +03:00
|
|
|
/* Note: Should be called only if skb_is_gso(skb) is true */
|
2019-02-07 22:54:16 +03:00
|
|
|
static inline bool skb_is_gso_tcp(const struct sk_buff *skb)
|
|
|
|
{
|
2019-03-06 22:35:15 +03:00
|
|
|
return skb_shinfo(skb)->gso_type & (SKB_GSO_TCPV4 | SKB_GSO_TCPV6);
|
2019-02-07 22:54:16 +03:00
|
|
|
}
|
|
|
|
|
2016-08-18 02:00:39 +03:00
|
|
|
static inline void skb_gso_reset(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
skb_shinfo(skb)->gso_size = 0;
|
|
|
|
skb_shinfo(skb)->gso_segs = 0;
|
|
|
|
skb_shinfo(skb)->gso_type = 0;
|
|
|
|
}
|
|
|
|
|
2018-03-03 05:03:46 +03:00
|
|
|
static inline void skb_increase_gso_size(struct skb_shared_info *shinfo,
|
|
|
|
u16 increment)
|
|
|
|
{
|
|
|
|
if (WARN_ON_ONCE(shinfo->gso_size == GSO_BY_FRAGS))
|
|
|
|
return;
|
|
|
|
shinfo->gso_size += increment;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void skb_decrease_gso_size(struct skb_shared_info *shinfo,
|
|
|
|
u16 decrement)
|
|
|
|
{
|
|
|
|
if (WARN_ON_ONCE(shinfo->gso_size == GSO_BY_FRAGS))
|
|
|
|
return;
|
|
|
|
shinfo->gso_size -= decrement;
|
|
|
|
}
|
|
|
|
|
2013-09-27 01:48:15 +04:00
|
|
|
void __skb_warn_lro_forwarding(const struct sk_buff *skb);
|
2008-06-20 03:22:28 +04:00
|
|
|
|
|
|
|
static inline bool skb_warn_if_lro(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
/* LRO sets gso_size but not gso_type, whereas if GSO is really
|
|
|
|
* wanted then gso_type will be set. */
|
2011-10-21 01:45:43 +04:00
|
|
|
const struct skb_shared_info *shinfo = skb_shinfo(skb);
|
|
|
|
|
2010-06-02 16:24:37 +04:00
|
|
|
if (skb_is_nonlinear(skb) && shinfo->gso_size != 0 &&
|
|
|
|
unlikely(shinfo->gso_type == 0)) {
|
2008-06-20 03:22:28 +04:00
|
|
|
__skb_warn_lro_forwarding(skb);
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2007-03-27 10:22:20 +04:00
|
|
|
static inline void skb_forward_csum(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
/* Unfortunately we don't support this one. Any brave souls? */
|
|
|
|
if (skb->ip_summed == CHECKSUM_COMPLETE)
|
|
|
|
skb->ip_summed = CHECKSUM_NONE;
|
|
|
|
}
|
|
|
|
|
2010-09-03 00:07:41 +04:00
|
|
|
/**
|
|
|
|
* skb_checksum_none_assert - make sure skb ip_summed is CHECKSUM_NONE
|
|
|
|
* @skb: skb to check
|
|
|
|
*
|
|
|
|
* fresh skbs have their ip_summed set to CHECKSUM_NONE.
|
|
|
|
* Instead of forcing ip_summed to CHECKSUM_NONE, we can
|
|
|
|
* use this helper, to document places where we make this assertion.
|
|
|
|
*/
|
2011-10-21 01:45:43 +04:00
|
|
|
static inline void skb_checksum_none_assert(const struct sk_buff *skb)
|
2010-09-03 00:07:41 +04:00
|
|
|
{
|
2022-05-11 20:23:05 +03:00
|
|
|
DEBUG_NET_WARN_ON_ONCE(skb->ip_summed != CHECKSUM_NONE);
|
2010-09-03 00:07:41 +04:00
|
|
|
}
|
|
|
|
|
2008-02-05 07:49:54 +03:00
|
|
|
bool skb_partial_csum_set(struct sk_buff *skb, u16 start, u16 off);
|
2011-07-06 16:22:12 +04:00
|
|
|
|
2014-01-09 14:02:46 +04:00
|
|
|
int skb_checksum_setup(struct sk_buff *skb, bool recalculate);
|
2015-05-02 15:01:07 +03:00
|
|
|
struct sk_buff *skb_checksum_trimmed(struct sk_buff *skb,
|
|
|
|
unsigned int transport_len,
|
|
|
|
__sum16(*skb_chkf)(struct sk_buff *skb));
|
2014-01-09 14:02:46 +04:00
|
|
|
|
2012-05-03 05:09:42 +04:00
|
|
|
/**
|
|
|
|
* skb_head_is_locked - Determine if the skb->head is locked down
|
|
|
|
* @skb: skb to check
|
|
|
|
*
|
|
|
|
* The head on skbs build around a head frag can be removed if they are
|
|
|
|
* not cloned. This function returns true if the skb head is locked down
|
|
|
|
* due to either being allocated via kmalloc, or by being a clone with
|
|
|
|
* multiple references to the head.
|
|
|
|
*/
|
|
|
|
static inline bool skb_head_is_locked(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return !skb->head_frag || skb_cloned(skb);
|
|
|
|
}
|
net: ip, ipv6: handle gso skbs in forwarding path
Marcelo Ricardo Leitner reported problems when the forwarding link path
has a lower mtu than the incoming one if the inbound interface supports GRO.
Given:
Host <mtu1500> R1 <mtu1200> R2
Host sends tcp stream which is routed via R1 and R2. R1 performs GRO.
In this case, the kernel will fail to send ICMP fragmentation needed
messages (or pkt too big for ipv6), as GSO packets currently bypass dstmtu
checks in forward path. Instead, Linux tries to send out packets exceeding
the mtu.
When locking route MTU on Host (i.e., no ipv4 DF bit set), R1 does
not fragment the packets when forwarding, and again tries to send out
packets exceeding R1-R2 link mtu.
This alters the forwarding dstmtu checks to take the individual gso
segment lengths into account.
For ipv6, we send out pkt too big error for gso if the individual
segments are too big.
For ipv4, we either send icmp fragmentation needed, or, if the DF bit
is not set, perform software segmentation and let the output path
create fragments when the packet is leaving the machine.
It is not 100% correct as the error message will contain the headers of
the GRO skb instead of the original/segmented one, but it seems to
work fine in my (limited) tests.
Eric Dumazet suggested to simply shrink mss via ->gso_size to avoid
sofware segmentation.
However it turns out that skb_segment() assumes skb nr_frags is related
to mss size so we would BUG there. I don't want to mess with it considering
Herbert and Eric disagree on what the correct behavior should be.
Hannes Frederic Sowa notes that when we would shrink gso_size
skb_segment would then also need to deal with the case where
SKB_MAX_FRAGS would be exceeded.
This uses sofware segmentation in the forward path when we hit ipv4
non-DF packets and the outgoing link mtu is too small. Its not perfect,
but given the lack of bug reports wrt. GRO fwd being broken this is a
rare case anyway. Also its not like this could not be improved later
once the dust settles.
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Reported-by: Marcelo Ricardo Leitner <mleitner@redhat.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-02-14 02:09:12 +04:00
|
|
|
|
2016-02-11 23:48:04 +03:00
|
|
|
/* Local Checksum Offload.
|
|
|
|
* Compute outer checksum based on the assumption that the
|
|
|
|
* inner checksum will be offloaded later.
|
2019-01-06 02:29:15 +03:00
|
|
|
* See Documentation/networking/checksum-offloads.rst for
|
2016-02-12 00:03:37 +03:00
|
|
|
* explanation of how this works.
|
2016-02-11 23:48:04 +03:00
|
|
|
* Fill in outer checksum adjustment (e.g. with sum of outer
|
|
|
|
* pseudo-header) before calling.
|
|
|
|
* Also ensure that inner checksum is in linear data area.
|
|
|
|
*/
|
|
|
|
static inline __wsum lco_csum(struct sk_buff *skb)
|
|
|
|
{
|
2016-02-17 22:23:55 +03:00
|
|
|
unsigned char *csum_start = skb_checksum_start(skb);
|
|
|
|
unsigned char *l4_hdr = skb_transport_header(skb);
|
|
|
|
__wsum partial;
|
2016-02-11 23:48:04 +03:00
|
|
|
|
|
|
|
/* Start with complement of inner checksum adjustment */
|
2016-02-17 22:23:55 +03:00
|
|
|
partial = ~csum_unfold(*(__force __sum16 *)(csum_start +
|
|
|
|
skb->csum_offset));
|
|
|
|
|
2016-02-11 23:48:04 +03:00
|
|
|
/* Add in checksum of our headers (incl. outer checksum
|
2016-02-17 22:23:55 +03:00
|
|
|
* adjustment filled in by caller) and return result.
|
2016-02-11 23:48:04 +03:00
|
|
|
*/
|
2016-02-17 22:23:55 +03:00
|
|
|
return csum_partial(l4_hdr, csum_start - l4_hdr, partial);
|
2016-02-11 23:48:04 +03:00
|
|
|
}
|
|
|
|
|
2020-03-25 15:47:18 +03:00
|
|
|
static inline bool skb_is_redirected(const struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb->redirected;
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void skb_set_redirected(struct sk_buff *skb, bool from_ingress)
|
|
|
|
{
|
|
|
|
skb->redirected = 1;
|
2021-07-02 14:18:23 +03:00
|
|
|
#ifdef CONFIG_NET_REDIRECT
|
2020-03-25 15:47:18 +03:00
|
|
|
skb->from_ingress = from_ingress;
|
|
|
|
if (skb->from_ingress)
|
2022-03-02 22:55:31 +03:00
|
|
|
skb_clear_tstamp(skb);
|
2020-03-25 15:47:18 +03:00
|
|
|
#endif
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void skb_reset_redirect(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
skb->redirected = 0;
|
|
|
|
}
|
|
|
|
|
2021-01-16 09:13:37 +03:00
|
|
|
static inline bool skb_csum_is_sctp(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
return skb->csum_not_inet;
|
|
|
|
}
|
|
|
|
|
2020-10-29 20:36:19 +03:00
|
|
|
static inline void skb_set_kcov_handle(struct sk_buff *skb,
|
|
|
|
const u64 kcov_handle)
|
|
|
|
{
|
2020-11-26 01:48:40 +03:00
|
|
|
#ifdef CONFIG_KCOV
|
|
|
|
skb->kcov_handle = kcov_handle;
|
|
|
|
#endif
|
2020-10-29 20:36:19 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
static inline u64 skb_get_kcov_handle(struct sk_buff *skb)
|
|
|
|
{
|
2020-11-26 01:48:40 +03:00
|
|
|
#ifdef CONFIG_KCOV
|
|
|
|
return skb->kcov_handle;
|
2020-10-29 20:36:19 +03:00
|
|
|
#else
|
2020-11-26 01:48:40 +03:00
|
|
|
return 0;
|
|
|
|
#endif
|
|
|
|
}
|
2020-10-29 20:36:19 +03:00
|
|
|
|
2021-06-07 22:02:38 +03:00
|
|
|
#ifdef CONFIG_PAGE_POOL
|
2021-08-06 05:46:19 +03:00
|
|
|
static inline void skb_mark_for_recycle(struct sk_buff *skb)
|
2021-06-07 22:02:38 +03:00
|
|
|
{
|
|
|
|
skb->pp_recycle = 1;
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
|
|
|
static inline bool skb_pp_recycle(struct sk_buff *skb, void *data)
|
|
|
|
{
|
|
|
|
if (!IS_ENABLED(CONFIG_PAGE_POOL) || !skb->pp_recycle)
|
|
|
|
return false;
|
|
|
|
return page_pool_return_skb_page(virt_to_page(data));
|
|
|
|
}
|
|
|
|
|
2005-04-17 02:20:36 +04:00
|
|
|
#endif /* __KERNEL__ */
|
|
|
|
#endif /* _LINUX_SKBUFF_H */
|