[PATCH RFC 0/9] sk_buff: optimize layout for GRO
Paolo Abeni
pabeni at redhat.com
Wed Jul 21 16:44:32 UTC 2021
This is a very early draft - in a different world would be
replaced by hallway discussion at in-person conference - aimed at
outlining some ideas and collect feedback on the overall outlook.
There are still bugs to be fixed, more test and benchmark need, etc.
There are 3 main goals:
- [try to] avoid the overhead for uncommon conditions at GRO time
(patches 1-4)
- enable backpressure for the veth GRO path (patches 5-6)
- reduce the number of cacheline used by the sk_buff lifecycle
from 4 to 3, at least in some common scenarios (patches 1,7-9).
The idea here is avoid the initialization of some fields and
control their validity with a bitmask, as presented by at least
Florian and Jesper in the past.
The above requires a bit of code churn in some places and, yes,
a few new bits in the sk_buff struct (using some existing holes)
Paolo Abeni (9):
sk_buff: track nfct status in newly added skb->_state
sk_buff: track dst status in skb->_state
sk_buff: move the active_extensions into the state bitfield
net: optimize GRO for the common case.
skbuff: introduce has_sk state bit.
veth: use skb_prepare_for_gro()
sk_buff: move inner header fields after tail
sk_buff: move vlan field after tail.
sk_buff: access secmark via getter/setter
drivers/net/veth.c | 2 +-
include/linux/skbuff.h | 117 ++++++++++++++++++++++---------
include/net/dst.h | 3 +
include/net/sock.h | 9 +++
net/core/dev.c | 31 +++++---
net/core/skbuff.c | 40 +++++++----
net/netfilter/nfnetlink_queue.c | 6 +-
net/netfilter/nft_meta.c | 6 +-
net/netfilter/xt_CONNSECMARK.c | 8 +--
net/netfilter/xt_SECMARK.c | 2 +-
security/apparmor/lsm.c | 15 ++--
security/selinux/hooks.c | 10 +--
security/smack/smack_lsm.c | 4 +-
security/smack/smack_netfilter.c | 4 +-
14 files changed, 175 insertions(+), 82 deletions(-)
--
2.26.3
More information about the Linux-security-module-archive
mailing list