net: Move skb decrypted field, avoid explicity copy

Commit 784abe24c903 ("net: Add decrypted field to skb")
introduced a 'decrypted' field that is explicitly copied on skb
copy and clone.

Move it between headers_start[0] and headers_end[0], so that we
don't need to copy it explicitly as it's copied by the memcpy()
in __copy_skb_header().

While at it, drop the assignment in __skb_clone(), it was
already redundant.

This doesn't change the size of sk_buff or cacheline boundaries.

The 15-bits hole before tc_index becomes a 14-bits hole, and
will be again a 15-bits hole when this change is merged with
commit 8b7008620b84 ("net: Don't copy pfmemalloc flag in
__copy_skb_header()").

v2: as reported by kbuild test robot (oops, I forgot to build
    with CONFIG_TLS_DEVICE it seems), we can't use
    CHECK_SKB_FIELD() on a bit-field member. Just drop the
    check for the moment being, perhaps we could think of some
    magic to also check bit-field members one day.

Fixes: 784abe24c903 ("net: Add decrypted field to skb")
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h
index 3ceb8dcc54da45bb305b4fcadbb31c766308d95f..14bc9ebe30f2cdb671ff3ae975c05a36311a3fec 100644 (file)
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
@@ -630,7 +630,6 @@ typedef unsigned char *sk_buff_data_t;
  *     @hash: the packet hash
  *     @queue_mapping: Queue mapping for multiqueue devices
  *     @xmit_more: More SKBs are pending for this queue
- *     @decrypted: Decrypted SKB
  *     @ndisc_nodetype: router type (from link layer)
  *     @ooo_okay: allow the mapping of a socket to a queue to be changed
  *     @l4_hash: indicate hash is a canonical 4-tuple hash over transport
@@ -641,6 +640,7 @@ typedef unsigned char *sk_buff_data_t;
  *     @no_fcs:  Request NIC to treat last 4 bytes as Ethernet FCS
  *     @csum_not_inet: use CRC32c to resolve CHECKSUM_PARTIAL
  *     @dst_pending_confirm: need to confirm neighbour
+ *     @decrypted: Decrypted SKB
   *    @napi_id: id of the NAPI struct this skb came from
  *     @secmark: security marking
  *     @mark: Generic packet mark
@@ -737,11 +737,7 @@ struct sk_buff {
                                peeked:1,
                                head_frag:1,
                                xmit_more:1,
-#ifdef CONFIG_TLS_DEVICE
-                               decrypted:1;
-#else
                                __unused:1;
-#endif
 
        /* fields enclosed in headers_start/headers_end are copied
         * using a single memcpy() in __copy_skb_header()
@@ -797,6 +793,9 @@ struct sk_buff {
        __u8                    tc_redirected:1;
        __u8                    tc_from_ingress:1;
 #endif
+#ifdef CONFIG_TLS_DEVICE
+       __u8                    decrypted:1;
+#endif
 
 #ifdef CONFIG_NET_SCHED
        __u16                   tc_index;       /* traffic control index */

diff --git a/net/core/skbuff.c b/net/core/skbuff.c
index cfd6c6f35f9c585533199ee8375e6c29de452d12..c4e24ac274641e6c4a6435fad19f9671aa15b0a1 100644 (file)
--- a/net/core/skbuff.c
+++ b/net/core/skbuff.c
@@ -805,9 +805,6 @@ static void __copy_skb_header(struct sk_buff *new, const struct sk_buff *old)
         * It is not yet because we do not want to have a 16 bit hole
         */
        new->queue_mapping = old->queue_mapping;
-#ifdef CONFIG_TLS_DEVICE
-       new->decrypted = old->decrypted;
-#endif
 
        memcpy(&new->headers_start, &old->headers_start,
               offsetof(struct sk_buff, headers_end) -
@@ -868,9 +865,6 @@ static struct sk_buff *__skb_clone(struct sk_buff *n, struct sk_buff *skb)
        C(head_frag);
        C(data);
        C(truesize);
-#ifdef CONFIG_TLS_DEVICE
-       C(decrypted);
-#endif
        refcount_set(&n->users, 1);
 
        atomic_inc(&(skb_shinfo(skb)->dataref));