Skip to content

Commit 5caaed1

Browse files
Florian Westphalummakynes
authored andcommitted
netfilter: conntrack: don't cache nlattr_tuple_size result in nla_size
We currently call ->nlattr_tuple_size() once at register time and cache result in l4proto->nla_size. nla_size is the only member that is written to, avoiding this would allow to make l4proto trackers const. We can use ->nlattr_tuple_size() at run time, and cache result in the individual trackers instead. This is an intermediate step, next patch removes nlattr_size() callback and computes size at compile time, then removes nla_size. Signed-off-by: Florian Westphal <[email protected]> Signed-off-by: Pablo Neira Ayuso <[email protected]>
1 parent 7f4dae2 commit 5caaed1

File tree

7 files changed

+37
-15
lines changed

7 files changed

+37
-15
lines changed

include/net/netfilter/nf_conntrack_l4proto.h

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -74,7 +74,7 @@ struct nf_conntrack_l4proto {
7474
int (*tuple_to_nlattr)(struct sk_buff *skb,
7575
const struct nf_conntrack_tuple *t);
7676
/* Calculate tuple nlattr size */
77-
int (*nlattr_tuple_size)(void);
77+
unsigned int (*nlattr_tuple_size)(void);
7878
int (*nlattr_to_tuple)(struct nlattr *tb[],
7979
struct nf_conntrack_tuple *t);
8080
const struct nla_policy *nla_policy;
@@ -144,7 +144,7 @@ int nf_ct_port_tuple_to_nlattr(struct sk_buff *skb,
144144
const struct nf_conntrack_tuple *tuple);
145145
int nf_ct_port_nlattr_to_tuple(struct nlattr *tb[],
146146
struct nf_conntrack_tuple *t);
147-
int nf_ct_port_nlattr_tuple_size(void);
147+
unsigned int nf_ct_port_nlattr_tuple_size(void);
148148
extern const struct nla_policy nf_ct_port_nla_policy[];
149149

150150
#ifdef CONFIG_SYSCTL

net/ipv4/netfilter/nf_conntrack_proto_icmp.c

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -258,9 +258,14 @@ static int icmp_nlattr_to_tuple(struct nlattr *tb[],
258258
return 0;
259259
}
260260

261-
static int icmp_nlattr_tuple_size(void)
261+
static unsigned int icmp_nlattr_tuple_size(void)
262262
{
263-
return nla_policy_len(icmp_nla_policy, CTA_PROTO_MAX + 1);
263+
static unsigned int size __read_mostly;
264+
265+
if (!size)
266+
size = nla_policy_len(icmp_nla_policy, CTA_PROTO_MAX + 1);
267+
268+
return size;
264269
}
265270
#endif
266271

net/ipv6/netfilter/nf_conntrack_proto_icmpv6.c

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -259,9 +259,14 @@ static int icmpv6_nlattr_to_tuple(struct nlattr *tb[],
259259
return 0;
260260
}
261261

262-
static int icmpv6_nlattr_tuple_size(void)
262+
static unsigned int icmpv6_nlattr_tuple_size(void)
263263
{
264-
return nla_policy_len(icmpv6_nla_policy, CTA_PROTO_MAX + 1);
264+
static unsigned int size __read_mostly;
265+
266+
if (!size)
267+
size = nla_policy_len(icmpv6_nla_policy, CTA_PROTO_MAX + 1);
268+
269+
return size;
265270
}
266271
#endif
267272

net/netfilter/nf_conntrack_core.c

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1563,9 +1563,14 @@ int nf_ct_port_nlattr_to_tuple(struct nlattr *tb[],
15631563
}
15641564
EXPORT_SYMBOL_GPL(nf_ct_port_nlattr_to_tuple);
15651565

1566-
int nf_ct_port_nlattr_tuple_size(void)
1566+
unsigned int nf_ct_port_nlattr_tuple_size(void)
15671567
{
1568-
return nla_policy_len(nf_ct_port_nla_policy, CTA_PROTO_MAX + 1);
1568+
static unsigned int size __read_mostly;
1569+
1570+
if (!size)
1571+
size = nla_policy_len(nf_ct_port_nla_policy, CTA_PROTO_MAX + 1);
1572+
1573+
return size;
15691574
}
15701575
EXPORT_SYMBOL_GPL(nf_ct_port_nlattr_tuple_size);
15711576
#endif

net/netfilter/nf_conntrack_netlink.c

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -533,20 +533,24 @@ ctnetlink_fill_info(struct sk_buff *skb, u32 portid, u32 seq, u32 type,
533533
return -1;
534534
}
535535

536-
static inline size_t ctnetlink_proto_size(const struct nf_conn *ct)
536+
static size_t ctnetlink_proto_size(const struct nf_conn *ct)
537537
{
538538
const struct nf_conntrack_l3proto *l3proto;
539539
const struct nf_conntrack_l4proto *l4proto;
540-
size_t len;
540+
size_t len, len4 = 0;
541541

542542
l3proto = __nf_ct_l3proto_find(nf_ct_l3num(ct));
543543
len = l3proto->nla_size;
544544
len *= 3u; /* ORIG, REPLY, MASTER */
545545

546546
l4proto = __nf_ct_l4proto_find(nf_ct_l3num(ct), nf_ct_protonum(ct));
547547
len += l4proto->nla_size;
548+
if (l4proto->nlattr_tuple_size) {
549+
len4 = l4proto->nlattr_tuple_size();
550+
len4 *= 3u; /* ORIG, REPLY, MASTER */
551+
}
548552

549-
return len;
553+
return len + len4;
550554
}
551555

552556
static inline size_t ctnetlink_acct_size(const struct nf_conn *ct)

net/netfilter/nf_conntrack_proto.c

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -398,8 +398,6 @@ int nf_ct_l4proto_register_one(struct nf_conntrack_l4proto *l4proto)
398398
l4proto->nla_size = 0;
399399
if (l4proto->nlattr_size)
400400
l4proto->nla_size += l4proto->nlattr_size();
401-
if (l4proto->nlattr_tuple_size)
402-
l4proto->nla_size += 3 * l4proto->nlattr_tuple_size();
403401

404402
rcu_assign_pointer(nf_ct_protos[l4proto->l3proto][l4proto->l4proto],
405403
l4proto);

net/netfilter/nf_conntrack_proto_tcp.c

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1277,9 +1277,14 @@ static int tcp_nlattr_size(void)
12771277
+ nla_policy_len(tcp_nla_policy, CTA_PROTOINFO_TCP_MAX + 1);
12781278
}
12791279

1280-
static int tcp_nlattr_tuple_size(void)
1280+
static unsigned int tcp_nlattr_tuple_size(void)
12811281
{
1282-
return nla_policy_len(nf_ct_port_nla_policy, CTA_PROTO_MAX + 1);
1282+
static unsigned int size __read_mostly;
1283+
1284+
if (!size)
1285+
size = nla_policy_len(nf_ct_port_nla_policy, CTA_PROTO_MAX + 1);
1286+
1287+
return size;
12831288
}
12841289
#endif
12851290

0 commit comments

Comments
 (0)