Re: [PATCH v5 6/8] netfilter: Remove the now superfluous sentinel elemen

To: Joel Granados <j.granados@xxxxxxxxxxx>
Subject: Re: [PATCH v5 6/8] netfilter: Remove the now superfluous sentinel elements from ctl_table array
Cc: "David S. Miller" <davem@xxxxxxxxxxxxx>, Eric Dumazet <edumazet@xxxxxxxxxx>, Jakub Kicinski <kuba@xxxxxxxxxx>, Paolo Abeni <pabeni@xxxxxxxxxx>, Alexander Aring <alex.aring@xxxxxxxxx>, Stefan Schmidt <stefan@xxxxxxxxxxxxxxxxxx>, Miquel Raynal <miquel.raynal@xxxxxxxxxxx>, David Ahern <dsahern@xxxxxxxxxx>, Steffen Klassert <steffen.klassert@xxxxxxxxxxx>, Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>, Matthieu Baerts <matttbe@xxxxxxxxxx>, Mat Martineau <martineau@xxxxxxxxxx>, Geliang Tang <geliang@xxxxxxxxxx>, Ralf Baechle <ralf@xxxxxxxxxxxxxx>, Remi Denis-Courmont <courmisch@xxxxxxxxx>, Allison Henderson <allison.henderson@xxxxxxxxxx>, David Howells <dhowells@xxxxxxxxxx>, Marc Dionne <marc.dionne@xxxxxxxxxxxx>, Marcelo Ricardo Leitner <marcelo.leitner@xxxxxxxxx>, Xin Long <lucien.xin@xxxxxxxxx>, Wenjia Zhang <wenjia@xxxxxxxxxxxxx>, Jan Karcher <jaka@xxxxxxxxxxxxx>, "D. Wythe" <alibuda@xxxxxxxxxxxxxxxxx>, Tony Lu <tonylu@xxxxxxxxxxxxxxxxx>, Wen Gu <guwen@xxxxxxxxxxxxxxxxx>, Trond Myklebust <trond.myklebust@xxxxxxxxxxxxxxx>, Anna Schumaker <anna@xxxxxxxxxx>, Chuck Lever <chuck.lever@xxxxxxxxxx>, Jeff Layton <jlayton@xxxxxxxxxx>, Neil Brown <neilb@xxxxxxx>, Olga Kornievskaia <kolga@xxxxxxxxxx>, Dai Ngo <Dai.Ngo@xxxxxxxxxx>, Tom Talpey <tom@xxxxxxxxxx>, Jon Maloy <jmaloy@xxxxxxxxxx>, Ying Xue <ying.xue@xxxxxxxxxxxxx>, Martin Schiller <ms@xxxxxxxxxx>, Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>, Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>, Florian Westphal <fw@xxxxxxxxx>, Roopa Prabhu <roopa@xxxxxxxxxx>, Nikolay Aleksandrov <razor@xxxxxxxxxxxxx>, Simon Horman <horms@xxxxxxxxxxxx>, Joerg Reuter <jreuter@xxxxxxxx>, Luis Chamberlain <mcgrof@xxxxxxxxxx>, Kees Cook <keescook@xxxxxxxxxxxx>, netdev@xxxxxxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx, dccp@xxxxxxxxxxxxxxx, linux-wpan@xxxxxxxxxxxxxxx, mptcp@xxxxxxxxxxxxxxx, linux-hams@xxxxxxxxxxxxxxx, linux-rdma@xxxxxxxxxxxxxxx, rds-devel@xxxxxxxxxxxxxx, linux-afs@xxxxxxxxxxxxxxxxxxx, linux-sctp@xxxxxxxxxxxxxxx, linux-s390@xxxxxxxxxxxxxxx, 
linux-nfs@xxxxxxxxxxxxxxx, tipc-discussion@xxxxxxxxxxxxxxxxxxxxx, linux-x25@xxxxxxxxxxxxxxx, netfilter-devel@xxxxxxxxxxxxxxx, coreteam@xxxxxxxxxxxxx, bridge@xxxxxxxxxxxxxxx, lvs-devel@xxxxxxxxxxxxxxx
From: Julian Anastasov <ja@xxxxxx>
Date: Fri, 26 Apr 2024 15:09:45 +0300 (EEST)

        Hello,

On Fri, 26 Apr 2024, Joel Granados via B4 Relay wrote:

> From: Joel Granados <j.granados@xxxxxxxxxxx>
> 
> This commit comes at the tail end of a greater effort to remove the
> empty elements at the end of the ctl_table arrays (sentinels) which will
> reduce the overall build time size of the kernel and run time memory
> bloat by ~64 bytes per sentinel (further information Link :
> https://lore.kernel.org/all/ZO5Yx5JFogGi%2FcBo@xxxxxxxxxxxxxxxxxxxxxx/)
> 
> * Remove sentinel elements from ctl_table structs
> * Remove instances where an array element is zeroed out to make it look
>   like a sentinel. This is no longer needed and is safe after commit
>   c899710fe7f9 ("networking: Update to register_net_sysctl_sz") added
>   the array size to the ctl_table registration
> * Remove the need for having __NF_SYSCTL_CT_LAST_SYSCTL as the
>   sysctl array size is now in NF_SYSCTL_CT_LAST_SYSCTL
> * Remove extra element in ctl_table arrays declarations
> 
> Acked-by: Kees Cook <keescook@xxxxxxxxxxxx> # loadpin & yama
> Signed-off-by: Joel Granados <j.granados@xxxxxxxxxxx>
> ---
>  net/bridge/br_netfilter_hooks.c         | 1 -
>  net/ipv6/netfilter/nf_conntrack_reasm.c | 1 -
>  net/netfilter/ipvs/ip_vs_ctl.c          | 5 +----
>  net/netfilter/ipvs/ip_vs_lblc.c         | 5 +----
>  net/netfilter/ipvs/ip_vs_lblcr.c        | 5 +----
>  net/netfilter/nf_conntrack_standalone.c | 6 +-----
>  net/netfilter/nf_log.c                  | 3 +--
>  7 files changed, 5 insertions(+), 21 deletions(-)

...

> diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
> index 143a341bbc0a..50b5dbe40eb8 100644
> --- a/net/netfilter/ipvs/ip_vs_ctl.c
> +++ b/net/netfilter/ipvs/ip_vs_ctl.c

...

> @@ -4286,10 +4285,8 @@ static int __net_init 
> ip_vs_control_net_init_sysctl(struct netns_ipvs *ipvs)
>                       return -ENOMEM;
>  
>               /* Don't export sysctls to unprivileged users */
> -             if (net->user_ns != &init_user_ns) {
> -                     tbl[0].procname = NULL;
> +             if (net->user_ns != &init_user_ns)
>                       ctl_table_size = 0;
> -             }
>       } else
>               tbl = vs_vars;
>       /* Initialize sysctl defaults */
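
Review bot: in the net->user_ns != &init_user_ns branch, once "tbl[0].procname = NULL" is dropped, "ctl_table_size = 0" is the only thing that keeps these sysctls from being exported to unprivileged user namespaces, and the registration call that consumes it is outside this hunk. Please confirm that ctl_table_size, not a fixed array size, is what reaches the sized registration (register_net_sysctl_sz, per the commit message), and consider extending the "Don't export sysctls to unprivileged users" comment to say that the zero size is what hides the entries.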

        We are in the process of changing this code (not in trees yet):

https://marc.info/?t=171345219600002&r=1&w=2

        As I'm not sure which patch will win, the end result should
be this single if-block/hunk to be removed.

Regards

--
Julian Anastasov <ja@xxxxxx>


