[Devel] [PATCH RHEL7 COMMIT] vzprivnet: remove dst.privnet_mark usage as it is no more rtcached
Konstantin Khorenko
khorenko at virtuozzo.com
Mon Oct 31 08:56:45 PDT 2016
The commit is pushed to "branch-rh7-3.10.0-327.36.1.vz7.19.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-327.36.1.vz7.19.4
------>
commit 805d7fada3e590a6738f5e6a1e3d7778b856fa7e
Author: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
Date: Mon Oct 31 19:56:45 2016 +0400
vzprivnet: remove dst.privnet_mark usage as it is no more rtcached
Rtcache for dst was removed in ms kernel 3.6, explained in:
http://vger.kernel.org/~davem/columbia2012.pdf
https://jira.sw.ru/browse/PSBM-53646
based on: Revert "vzprivnet: Cache filtering result on dst"
This reverts commit a8c588576f98ad9619770c7dfaed44ba7d915574.
Conflicts:
net/ipv4/netfilter/ip_vzprivnet.c
Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
---
net/core/dst.c | 1 -
net/ipv4/netfilter/ip_vzprivnet.c | 50 ++++++++-------------------------------
2 files changed, 10 insertions(+), 41 deletions(-)
diff --git a/net/core/dst.c b/net/core/dst.c
index c1b0db7..530b7d6 100644
--- a/net/core/dst.c
+++ b/net/core/dst.c
@@ -195,7 +195,6 @@ void *dst_alloc(struct dst_ops *ops, struct net_device *dev,
atomic_set(&dst->__refcnt, initial_ref);
dst->__use = 0;
dst->lastuse = jiffies;
- dst->privnet_mark = 0;
dst->flags = flags;
dst->pending_confirm = 0;
dst->next = NULL;
diff --git a/net/ipv4/netfilter/ip_vzprivnet.c b/net/ipv4/netfilter/ip_vzprivnet.c
index e37fe97..4c1601e 100644
--- a/net/ipv4/netfilter/ip_vzprivnet.c
+++ b/net/ipv4/netfilter/ip_vzprivnet.c
@@ -35,25 +35,8 @@
#include <linux/vzprivnet.h>
#define VZPRIV_PROCNAME "ip_vzprivnet"
-enum {
- VZPRIV_MARK_UNKNOWN,
- VZPRIV_MARK_ACCEPT,
- VZPRIV_MARK_DROP,
- VZPRIV_MARK_MAX
-};
-
static DEFINE_PER_CPU(unsigned long, lookup_stat[2]);
-static inline unsigned int dst_pmark_get(struct dst_entry *dst)
-{
- return dst->privnet_mark;
-}
-
-static inline void dst_pmark_set(struct dst_entry *dst, unsigned int mark)
-{
- dst->privnet_mark = mark;
-}
-
struct vzprivnet {
u32 nmask;
int weak;
@@ -225,14 +208,14 @@ static noinline unsigned int vzprivnet_classify(struct sk_buff *skb, int type)
if (p1 == p2) {
if ((saddr & p1->nmask) == (daddr & p1->nmask))
- res = VZPRIV_MARK_ACCEPT;
+ res = NF_ACCEPT;
else
- res = VZPRIV_MARK_DROP;
+ res = NF_DROP;
} else {
if (p1->weak + p2->weak >= 3)
- res = VZPRIV_MARK_ACCEPT;
+ res = NF_ACCEPT;
else
- res = VZPRIV_MARK_DROP;
+ res = NF_DROP;
}
read_unlock(&vzprivlock);
@@ -248,7 +231,6 @@ EXPORT_SYMBOL(vzpn_filter_host);
static unsigned int vzprivnet_hook(struct sk_buff *skb, int can_be_bridge)
{
struct dst_entry *dst;
- unsigned int pmark = VZPRIV_MARK_UNKNOWN;
struct net *src_net;
if (WARN_ON_ONCE(!skb->dev && !skb->sk))
@@ -259,26 +241,14 @@ static unsigned int vzprivnet_hook(struct sk_buff *skb, int can_be_bridge)
return NF_ACCEPT;
dst = skb_dst(skb);
- if (dst != NULL) {
- if (can_be_bridge && dst->output != ip_output) { /* bridge */
- if (vzpn_handle_bridged) {
- pmark = vzprivnet_classify(skb, 1);
- return pmark == VZPRIV_MARK_ACCEPT ?
- NF_ACCEPT : NF_DROP;
- } else
- return NF_ACCEPT;
- }
-
- pmark = dst_pmark_get(dst);
- }
-
- if (unlikely(pmark == VZPRIV_MARK_UNKNOWN)) {
- pmark = vzprivnet_classify(skb, 0);
- if (dst != NULL)
- dst_pmark_set(dst, pmark);
+ if (dst != NULL && can_be_bridge && dst->output != ip_output) { /* bridge */
+ if (vzpn_handle_bridged)
+ return vzprivnet_classify(skb, 1);
+ else
+ return NF_ACCEPT;
}
- return pmark == VZPRIV_MARK_ACCEPT ? NF_ACCEPT : NF_DROP;
+ return vzprivnet_classify(skb, 0);
}
static unsigned int vzprivnet_fwd_hook(const struct nf_hook_ops *ops,
More information about the Devel
mailing list