netfilter: conntrack: don't cache nlattr_tuple_size result in nla_size

We currently call ->nlattr_tuple_size() once at register time and
cache result in l4proto->nla_size.

nla_size is the only member that is written to, avoiding this would
allow to make l4proto trackers const.

We can use ->nlattr_tuple_size() at run time, and cache result in
the individual trackers instead.

This is an intermediate step, next patch removes nlattr_size()
callback and computes size at compile time, then removes nla_size.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Florian Westphal 2017-11-02 19:41:09 +01:00 committed by Pablo Neira Ayuso
parent 7f4dae2d7f
commit 5caaed151a
7 changed files with 37 additions and 15 deletions

View File

@ -74,7 +74,7 @@ struct nf_conntrack_l4proto {
int (*tuple_to_nlattr)(struct sk_buff *skb, int (*tuple_to_nlattr)(struct sk_buff *skb,
const struct nf_conntrack_tuple *t); const struct nf_conntrack_tuple *t);
/* Calculate tuple nlattr size */ /* Calculate tuple nlattr size */
int (*nlattr_tuple_size)(void); unsigned int (*nlattr_tuple_size)(void);
int (*nlattr_to_tuple)(struct nlattr *tb[], int (*nlattr_to_tuple)(struct nlattr *tb[],
struct nf_conntrack_tuple *t); struct nf_conntrack_tuple *t);
const struct nla_policy *nla_policy; const struct nla_policy *nla_policy;
@ -144,7 +144,7 @@ int nf_ct_port_tuple_to_nlattr(struct sk_buff *skb,
const struct nf_conntrack_tuple *tuple); const struct nf_conntrack_tuple *tuple);
int nf_ct_port_nlattr_to_tuple(struct nlattr *tb[], int nf_ct_port_nlattr_to_tuple(struct nlattr *tb[],
struct nf_conntrack_tuple *t); struct nf_conntrack_tuple *t);
int nf_ct_port_nlattr_tuple_size(void); unsigned int nf_ct_port_nlattr_tuple_size(void);
extern const struct nla_policy nf_ct_port_nla_policy[]; extern const struct nla_policy nf_ct_port_nla_policy[];
#ifdef CONFIG_SYSCTL #ifdef CONFIG_SYSCTL

View File

@ -258,9 +258,14 @@ static int icmp_nlattr_to_tuple(struct nlattr *tb[],
return 0; return 0;
} }
static int icmp_nlattr_tuple_size(void) static unsigned int icmp_nlattr_tuple_size(void)
{ {
return nla_policy_len(icmp_nla_policy, CTA_PROTO_MAX + 1); static unsigned int size __read_mostly;
if (!size)
size = nla_policy_len(icmp_nla_policy, CTA_PROTO_MAX + 1);
return size;
} }
#endif #endif

View File

@ -259,9 +259,14 @@ static int icmpv6_nlattr_to_tuple(struct nlattr *tb[],
return 0; return 0;
} }
static int icmpv6_nlattr_tuple_size(void) static unsigned int icmpv6_nlattr_tuple_size(void)
{ {
return nla_policy_len(icmpv6_nla_policy, CTA_PROTO_MAX + 1); static unsigned int size __read_mostly;
if (!size)
size = nla_policy_len(icmpv6_nla_policy, CTA_PROTO_MAX + 1);
return size;
} }
#endif #endif

View File

@ -1563,9 +1563,14 @@ int nf_ct_port_nlattr_to_tuple(struct nlattr *tb[],
} }
EXPORT_SYMBOL_GPL(nf_ct_port_nlattr_to_tuple); EXPORT_SYMBOL_GPL(nf_ct_port_nlattr_to_tuple);
int nf_ct_port_nlattr_tuple_size(void) unsigned int nf_ct_port_nlattr_tuple_size(void)
{ {
return nla_policy_len(nf_ct_port_nla_policy, CTA_PROTO_MAX + 1); static unsigned int size __read_mostly;
if (!size)
size = nla_policy_len(nf_ct_port_nla_policy, CTA_PROTO_MAX + 1);
return size;
} }
EXPORT_SYMBOL_GPL(nf_ct_port_nlattr_tuple_size); EXPORT_SYMBOL_GPL(nf_ct_port_nlattr_tuple_size);
#endif #endif

View File

@ -533,11 +533,11 @@ nla_put_failure:
return -1; return -1;
} }
static inline size_t ctnetlink_proto_size(const struct nf_conn *ct) static size_t ctnetlink_proto_size(const struct nf_conn *ct)
{ {
const struct nf_conntrack_l3proto *l3proto; const struct nf_conntrack_l3proto *l3proto;
const struct nf_conntrack_l4proto *l4proto; const struct nf_conntrack_l4proto *l4proto;
size_t len; size_t len, len4 = 0;
l3proto = __nf_ct_l3proto_find(nf_ct_l3num(ct)); l3proto = __nf_ct_l3proto_find(nf_ct_l3num(ct));
len = l3proto->nla_size; len = l3proto->nla_size;
@ -545,8 +545,12 @@ static inline size_t ctnetlink_proto_size(const struct nf_conn *ct)
l4proto = __nf_ct_l4proto_find(nf_ct_l3num(ct), nf_ct_protonum(ct)); l4proto = __nf_ct_l4proto_find(nf_ct_l3num(ct), nf_ct_protonum(ct));
len += l4proto->nla_size; len += l4proto->nla_size;
if (l4proto->nlattr_tuple_size) {
len4 = l4proto->nlattr_tuple_size();
len4 *= 3u; /* ORIG, REPLY, MASTER */
}
return len; return len + len4;
} }
static inline size_t ctnetlink_acct_size(const struct nf_conn *ct) static inline size_t ctnetlink_acct_size(const struct nf_conn *ct)

View File

@ -398,8 +398,6 @@ int nf_ct_l4proto_register_one(struct nf_conntrack_l4proto *l4proto)
l4proto->nla_size = 0; l4proto->nla_size = 0;
if (l4proto->nlattr_size) if (l4proto->nlattr_size)
l4proto->nla_size += l4proto->nlattr_size(); l4proto->nla_size += l4proto->nlattr_size();
if (l4proto->nlattr_tuple_size)
l4proto->nla_size += 3 * l4proto->nlattr_tuple_size();
rcu_assign_pointer(nf_ct_protos[l4proto->l3proto][l4proto->l4proto], rcu_assign_pointer(nf_ct_protos[l4proto->l3proto][l4proto->l4proto],
l4proto); l4proto);

View File

@ -1277,9 +1277,14 @@ static int tcp_nlattr_size(void)
+ nla_policy_len(tcp_nla_policy, CTA_PROTOINFO_TCP_MAX + 1); + nla_policy_len(tcp_nla_policy, CTA_PROTOINFO_TCP_MAX + 1);
} }
static int tcp_nlattr_tuple_size(void) static unsigned int tcp_nlattr_tuple_size(void)
{ {
return nla_policy_len(nf_ct_port_nla_policy, CTA_PROTO_MAX + 1); static unsigned int size __read_mostly;
if (!size)
size = nla_policy_len(nf_ct_port_nla_policy, CTA_PROTO_MAX + 1);
return size;
} }
#endif #endif