[PATCH net-next 29/32] netfilter: nft_meta: track register operations

[PATCH net-next 00/32] Netfilter updates for net-next · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 01/32] netfilter: nfnetlink: add netns refcount tracker to struct nfulnl_instance · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
Re: [PATCH net-next 01/32] netfilter: nfnetlink: add netns refcount tracker to struct nfulnl_instance · patchwork-bot+netdevbpf@kernel.org · 2022-01-10
[PATCH net-next 05/32] netfilter: nf_tables: consolidate rule verdict trace call · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 02/32] netfilter: nf_nat_masquerade: add netns refcount tracker to masq_dev_work · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 04/32] netfilter: nft_payload: WARN_ON_ONCE instead of BUG · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 06/32] netfilter: nf_tables: replace WARN_ON by WARN_ON_ONCE for unknown verdicts · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 03/32] netfilter: nf_tables: remove rcu read-size lock · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 11/32] netfilter: nft_set_pipapo_avx2: remove redundant pointer lt · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 08/32] netfilter: conntrack: tag conntracks picked up in local out hook · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 07/32] netfilter: nf_tables: make counter support built-in · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 09/32] netfilter: nat: force port remap to prevent shadowing well-known ports · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 10/32] netfilter: flowtable: remove ipv4/ipv6 modules · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
Re: [PATCH net-next 10/32] netfilter: flowtable: remove ipv4/ipv6 modules · Geert Uytterhoeven <geert@linux-m68k.org> · 2022-01-11
[PATCH net-next 12/32] netfilter: conntrack: Use max() instead of doing it manually · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 14/32] netfilter: core: move ip_ct_attach indirection to struct nf_ct_hook · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 15/32] netfilter: make function op structures const · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 16/32] netfilter: conntrack: avoid useless indirection during conntrack destruction · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 13/32] netfilter: conntrack: convert to refcount_t api · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 17/32] net: prefer nf_ct_put instead of nf_conntrack_put · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 19/32] netfilter: nft_connlimit: move stateful fields out of expression data · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
Re: [PATCH net-next 19/32] netfilter: nft_connlimit: move stateful fields out of expression data · Julian Wiedmann <hidden> · 2022-01-10
Re: [PATCH net-next 19/32] netfilter: nft_connlimit: move stateful fields out of expression data · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-10
[PATCH net-next 21/32] netfilter: nft_quota: move stateful fields out of expression data · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 20/32] netfilter: nft_last: move stateful fields out of expression data · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 22/32] netfilter: nft_numgen: move stateful fields out of expression data · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 25/32] netfilter: nf_tables: add rule blob layout · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 28/32] netfilter: nft_payload: track register operations · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 31/32] netfilter: nft_payload: cancel register tracking after payload update · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 30/32] netfilter: nft_bitwise: track register operations · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 32/32] netfilter: nft_meta: cancel register tracking after meta update · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 18/32] netfilter: egress: avoid a lockdep splat · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
Re: [PATCH net-next 18/32] netfilter: egress: avoid a lockdep splat · Eric Dumazet <hidden> · 2022-02-28
Re: [PATCH net-next 18/32] netfilter: egress: avoid a lockdep splat · Florian Westphal <fw@strlen.de> · 2022-02-28
[PATCH net-next 29/32] netfilter: nft_meta: track register operations · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 26/32] netfilter: nf_tables: add NFT_REG32_NUM · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 24/32] netfilter: nft_limit: move stateful fields out of expression data · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 27/32] netfilter: nf_tables: add register tracking infrastructure · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09
[PATCH net-next 23/32] netfilter: nft_limit: rename stateful structure · Pablo Neira Ayuso <pablo@netfilter.org> · 2022-01-09

STALE1567d

Revisions (9)

2013-04-06 v1 [diff vs current]
2015-06-15 v1 [diff vs current]
2016-05-09 v1 [diff vs current]
2016-09-05 v1 [diff vs current]
2016-09-25 v1 [diff vs current]
2018-10-09 v1 [diff vs current]
2018-12-21 v1 [diff vs current]
2020-03-18 v1 [diff vs current]
2022-01-09 v1 current

From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: 2022-01-09 23:18:36
Also in: netfilter-devel
Subsystem: netfilter, networking [general], the rest · Maintainers: Pablo Neira Ayuso, Florian Westphal, "David S. Miller", Eric Dumazet, Jakub Kicinski, Paolo Abeni, Linus Torvalds

Check if the destination register already contains the data that this
meta store expression performs. This allows to skip this redundant
operation. If the destination contains a different selector, update
the register tracking information.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 net/netfilter/nft_meta.c | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/net/netfilter/nft_meta.c b/net/netfilter/nft_meta.c
index fe91ff5f8fbe..430f40bc3cb4 100644
--- a/net/netfilter/nft_meta.c
+++ b/net/netfilter/nft_meta.c

@@ -750,12 +750,40 @@ static int nft_meta_get_offload(struct nft_offload_ctx *ctx,
 	return 0;
 }
 
+static bool nft_meta_get_reduce(struct nft_regs_track *track,
+				const struct nft_expr *expr)
+{
+	const struct nft_meta *priv = nft_expr_priv(expr);
+	const struct nft_meta *meta;
+
+	if (!track->regs[priv->dreg].selector ||
+	    track->regs[priv->dreg].selector->ops != expr->ops) {
+		track->regs[priv->dreg].selector = expr;
+		track->regs[priv->dreg].bitwise = NULL;
+		return false;
+	}
+
+	meta = nft_expr_priv(track->regs[priv->dreg].selector);
+	if (priv->key != meta->key ||
+	    priv->dreg != meta->dreg) {
+		track->regs[priv->dreg].selector = expr;
+		track->regs[priv->dreg].bitwise = NULL;
+		return false;
+	}
+
+	if (!track->regs[priv->dreg].bitwise)
+		return true;
+
+	return false;
+}
+
 static const struct nft_expr_ops nft_meta_get_ops = {
 	.type		= &nft_meta_type,
 	.size		= NFT_EXPR_SIZE(sizeof(struct nft_meta)),
 	.eval		= nft_meta_get_eval,
 	.init		= nft_meta_get_init,
 	.dump		= nft_meta_get_dump,
+	.reduce		= nft_meta_get_reduce,
 	.validate	= nft_meta_get_validate,
 	.offload	= nft_meta_get_offload,
 };

-- 
2.30.2

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help