Skip to content

Commit f12064d

Browse files
Florian Westphalummakynes
Florian Westphal
authored and
ummakynes
committed
bridge: reduce size of input cb to 16 bytes
Reduce size of br_input_skb_cb from 24 to 16 bytes by using bitfield for those values that can only be 0 or 1. igmp is the igmp type value, so it needs to be at least u8. Furthermore, the bridge currently relies on step-by-step initialization of br_input_skb_cb fields as the skb passes through the stack. Explicitly zero out the bridge input cb instead, this avoids having to review/validate that no BR_INPUT_SKB_CB(skb)->foo test can see a 'random' value from previous protocol cb. AFAICS all current fields are always set up before they are read again, so this is not a bug fix. Signed-off-by: Florian Westphal <[email protected]> Acked-by: David S. Miller <[email protected]> Acked-by: Nikolay Aleksandrov <[email protected]> Signed-off-by: Pablo Neira Ayuso <[email protected]>
1 parent 26f7fe4 commit f12064d

File tree

3 files changed

+16
-16
lines changed

3 files changed

+16
-16
lines changed

net/bridge/br_arp_nd_proxy.c

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -131,7 +131,7 @@ void br_do_proxy_suppress_arp(struct sk_buff *skb, struct net_bridge *br,
131131
u8 *arpptr, *sha;
132132
__be32 sip, tip;
133133

134-
BR_INPUT_SKB_CB(skb)->proxyarp_replied = false;
134+
BR_INPUT_SKB_CB(skb)->proxyarp_replied = 0;
135135

136136
if ((dev->flags & IFF_NOARP) ||
137137
!pskb_may_pull(skb, arp_hdr_len(dev)))
@@ -161,7 +161,7 @@ void br_do_proxy_suppress_arp(struct sk_buff *skb, struct net_bridge *br,
161161
return;
162162
if (ipv4_is_zeronet(sip) || sip == tip) {
163163
/* prevent flooding to neigh suppress ports */
164-
BR_INPUT_SKB_CB(skb)->proxyarp_replied = true;
164+
BR_INPUT_SKB_CB(skb)->proxyarp_replied = 1;
165165
return;
166166
}
167167
}
@@ -181,7 +181,7 @@ void br_do_proxy_suppress_arp(struct sk_buff *skb, struct net_bridge *br,
181181
/* its our local ip, so don't proxy reply
182182
* and don't forward to neigh suppress ports
183183
*/
184-
BR_INPUT_SKB_CB(skb)->proxyarp_replied = true;
184+
BR_INPUT_SKB_CB(skb)->proxyarp_replied = 1;
185185
return;
186186
}
187187

@@ -217,7 +217,7 @@ void br_do_proxy_suppress_arp(struct sk_buff *skb, struct net_bridge *br,
217217
*/
218218
if (replied ||
219219
br_opt_get(br, BROPT_NEIGH_SUPPRESS_ENABLED))
220-
BR_INPUT_SKB_CB(skb)->proxyarp_replied = true;
220+
BR_INPUT_SKB_CB(skb)->proxyarp_replied = 1;
221221
}
222222

223223
neigh_release(n);
@@ -393,15 +393,15 @@ void br_do_suppress_nd(struct sk_buff *skb, struct net_bridge *br,
393393
struct ipv6hdr *iphdr;
394394
struct neighbour *n;
395395

396-
BR_INPUT_SKB_CB(skb)->proxyarp_replied = false;
396+
BR_INPUT_SKB_CB(skb)->proxyarp_replied = 0;
397397

398398
if (p && (p->flags & BR_NEIGH_SUPPRESS))
399399
return;
400400

401401
if (msg->icmph.icmp6_type == NDISC_NEIGHBOUR_ADVERTISEMENT &&
402402
!msg->icmph.icmp6_solicited) {
403403
/* prevent flooding to neigh suppress ports */
404-
BR_INPUT_SKB_CB(skb)->proxyarp_replied = true;
404+
BR_INPUT_SKB_CB(skb)->proxyarp_replied = 1;
405405
return;
406406
}
407407

@@ -414,7 +414,7 @@ void br_do_suppress_nd(struct sk_buff *skb, struct net_bridge *br,
414414

415415
if (ipv6_addr_any(saddr) || !ipv6_addr_cmp(saddr, daddr)) {
416416
/* prevent flooding to neigh suppress ports */
417-
BR_INPUT_SKB_CB(skb)->proxyarp_replied = true;
417+
BR_INPUT_SKB_CB(skb)->proxyarp_replied = 1;
418418
return;
419419
}
420420

@@ -432,7 +432,7 @@ void br_do_suppress_nd(struct sk_buff *skb, struct net_bridge *br,
432432
/* its our own ip, so don't proxy reply
433433
* and don't forward to arp suppress ports
434434
*/
435-
BR_INPUT_SKB_CB(skb)->proxyarp_replied = true;
435+
BR_INPUT_SKB_CB(skb)->proxyarp_replied = 1;
436436
return;
437437
}
438438

@@ -465,7 +465,7 @@ void br_do_suppress_nd(struct sk_buff *skb, struct net_bridge *br,
465465
*/
466466
if (replied ||
467467
br_opt_get(br, BROPT_NEIGH_SUPPRESS_ENABLED))
468-
BR_INPUT_SKB_CB(skb)->proxyarp_replied = true;
468+
BR_INPUT_SKB_CB(skb)->proxyarp_replied = 1;
469469
}
470470
neigh_release(n);
471471
}

net/bridge/br_input.c

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -227,6 +227,8 @@ rx_handler_result_t br_handle_frame(struct sk_buff **pskb)
227227
if (!skb)
228228
return RX_HANDLER_CONSUMED;
229229

230+
memset(skb->cb, 0, sizeof(struct br_input_skb_cb));
231+
230232
p = br_port_get_rcu(skb->dev);
231233
if (p->flags & BR_VLAN_TUNNEL) {
232234
if (br_handle_ingress_vlan_tunnel(skb, p,

net/bridge/br_private.h

Lines changed: 5 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -425,15 +425,13 @@ struct br_input_skb_cb {
425425
struct net_device *brdev;
426426

427427
#ifdef CONFIG_BRIDGE_IGMP_SNOOPING
428-
int igmp;
429-
int mrouters_only;
428+
u8 igmp;
429+
u8 mrouters_only:1;
430430
#endif
431-
432-
bool proxyarp_replied;
433-
bool src_port_isolated;
434-
431+
u8 proxyarp_replied:1;
432+
u8 src_port_isolated:1;
435433
#ifdef CONFIG_BRIDGE_VLAN_FILTERING
436-
bool vlan_filtered;
434+
u8 vlan_filtered:1;
437435
#endif
438436

439437
#ifdef CONFIG_NET_SWITCHDEV

0 commit comments

Comments
 (0)