From: Julian Anastasov <ja@ssi.bg>
To: Joel Granados <j.granados@samsung.com>
Cc: "David S. Miller" <davem@davemloft.net>,
Eric Dumazet <edumazet@google.com>,
Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>,
Alexander Aring <alex.aring@gmail.com>,
Stefan Schmidt <stefan@datenfreihafen.org>,
Miquel Raynal <miquel.raynal@bootlin.com>,
David Ahern <dsahern@kernel.org>,
Steffen Klassert <steffen.klassert@secunet.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
Matthieu Baerts <matttbe@kernel.org>,
Mat Martineau <martineau@kernel.org>,
Geliang Tang <geliang@kernel.org>,
Ralf Baechle <ralf@linux-mips.org>,
Remi Denis-Courmont <courmisch@gmail.com>,
Allison Henderson <allison.henderson@oracle.com>,
David Howells <dhowells@redhat.com>,
Marc Dionne <marc.dionne@auristor.com>,
Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>,
Xin Long <lucien.xin@gmail.com>,
Wenjia Zhang <wenjia@linux.ibm.com>,
Jan Karcher <jaka@linux.ibm.com>,
"D. Wythe" <alibuda@linux.alibaba.com>,
Tony Lu <tonylu@linux.alibaba.com>,
Wen Gu <guwen@linux.alibaba.com>,
Trond Myklebust <trond.myklebust@hammerspace.com>,
Anna Schumaker <anna@kernel.org>,
Chuck Lever <chuck.lever@oracle.com>,
Jeff Layton <jlayton@kernel.org>, Neil Brown <neilb@suse.de>,
Olga Kornievskaia <kolga@netapp.com>,
Dai Ngo <Dai.Ngo@oracle.com>, Tom Talpey <tom@talpey.com>,
Jon Maloy <jmaloy@redhat.com>, Ying Xue <ying.xue@windriver.com>,
Martin Schiller <ms@dev.tdt.de>,
Pablo Neira Ayuso <pablo@netfilter.org>,
Jozsef Kadlecsik <kadlec@netfilter.org>,
Florian Westphal <fw@strlen.de>, Roopa Prabhu <roopa@nvidia.com>,
Nikolay Aleksandrov <razor@blackwall.org>,
Simon Horman <horms@verge.net.au>,
Joerg Reuter <jreuter@yaina.de>,
Luis Chamberlain <mcgrof@kernel.org>,
Kees Cook <keescook@chromium.org>,
netdev@vger.kernel.org, linux-kernel@vger.kernel.org,
dccp@vger.kernel.org, linux-wpan@vger.kernel.org,
mptcp@lists.linux.dev, linux-hams@vger.kernel.org,
linux-rdma@vger.kernel.org, rds-devel@oss.oracle.com,
linux-afs@lists.infradead.org, linux-sctp@vger.kernel.org,
linux-s390@vger.kernel.org, linux-nfs@vger.kernel.org,
tipc-discussion@lists.sourceforge.net, linux-x25@vger.kernel.org,
netfilter-devel@vger.kernel.org, coreteam@netfilter.org,
bridge@lists.linux.dev, lvs-devel@vger.kernel.org
Subject: Re: [PATCH v5 6/8] netfilter: Remove the now superfluous sentinel elements from ctl_table array
Date: Fri, 26 Apr 2024 15:09:45 +0300 (EEST) [thread overview]
Message-ID: <d78c6353-99b9-41f8-0c54-19eb86e1fce3@ssi.bg> (raw)
In-Reply-To: <20240426-jag-sysctl_remset_net-v5-6-e3b12f6111a6@samsung.com>
Hello,
On Fri, 26 Apr 2024, Joel Granados via B4 Relay wrote:
> From: Joel Granados <j.granados@samsung.com>
>
> This commit comes at the tail end of a greater effort to remove the
> empty elements at the end of the ctl_table arrays (sentinels) which will
> reduce the overall build time size of the kernel and run time memory
> bloat by ~64 bytes per sentinel (further information Link :
> https://lore.kernel.org/all/ZO5Yx5JFogGi%2FcBo@bombadil.infradead.org/)
>
> * Remove sentinel elements from ctl_table structs
> * Remove instances where an array element is zeroed out to make it look
> like a sentinel. This is not longer needed and is safe after commit
> c899710fe7f9 ("networking: Update to register_net_sysctl_sz") added
> the array size to the ctl_table registration
> * Remove the need for having __NF_SYSCTL_CT_LAST_SYSCTL as the
> sysctl array size is now in NF_SYSCTL_CT_LAST_SYSCTL
> * Remove extra element in ctl_table arrays declarations
>
> Acked-by: Kees Cook <keescook@chromium.org> # loadpin & yama
> Signed-off-by: Joel Granados <j.granados@samsung.com>
> ---
> net/bridge/br_netfilter_hooks.c | 1 -
> net/ipv6/netfilter/nf_conntrack_reasm.c | 1 -
> net/netfilter/ipvs/ip_vs_ctl.c | 5 +----
> net/netfilter/ipvs/ip_vs_lblc.c | 5 +----
> net/netfilter/ipvs/ip_vs_lblcr.c | 5 +----
> net/netfilter/nf_conntrack_standalone.c | 6 +-----
> net/netfilter/nf_log.c | 3 +--
> 7 files changed, 5 insertions(+), 21 deletions(-)
...
> diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
> index 143a341bbc0a..50b5dbe40eb8 100644
> --- a/net/netfilter/ipvs/ip_vs_ctl.c
> +++ b/net/netfilter/ipvs/ip_vs_ctl.c
...
> @@ -4286,10 +4285,8 @@ static int __net_init ip_vs_control_net_init_sysctl(struct netns_ipvs *ipvs)
> return -ENOMEM;
>
> /* Don't export sysctls to unprivileged users */
> - if (net->user_ns != &init_user_ns) {
> - tbl[0].procname = NULL;
> + if (net->user_ns != &init_user_ns)
> ctl_table_size = 0;
> - }
> } else
> tbl = vs_vars;
> /* Initialize sysctl defaults */
We are in process of changing this code (not in trees yet):
https://marc.info/?t=171345219600002&r=1&w=2
As I'm not sure which patch will win, the end result should
be this single if-block/hunk to be removed.
Regards
--
Julian Anastasov <ja@ssi.bg>
next prev parent reply other threads:[~2024-04-26 12:10 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-26 10:46 [PATCH v5 0/8] sysctl: Remove sentinel elements from networking Joel Granados via B4 Relay
2024-04-26 10:46 ` Joel Granados
2024-04-26 10:46 ` [PATCH v5 1/8] net: Remove the now superfluous sentinel elements from ctl_table array Joel Granados via B4 Relay
2024-04-26 10:46 ` Joel Granados
2024-04-29 8:53 ` Sabrina Dubroca
2024-04-29 12:33 ` Joel Granados
2024-04-29 14:49 ` Sabrina Dubroca
2024-04-30 12:41 ` Joel Granados
2024-04-26 10:46 ` [PATCH v5 2/8] net: ipv{6,4}: " Joel Granados via B4 Relay
2024-04-26 10:46 ` Joel Granados
2024-04-26 10:46 ` [PATCH v5 3/8] net: rds: " Joel Granados via B4 Relay
2024-04-26 10:46 ` Joel Granados
2024-04-26 10:46 ` [PATCH v5 4/8] net: sunrpc: " Joel Granados via B4 Relay
2024-04-26 10:46 ` Joel Granados
2024-04-26 12:26 ` Jeffrey Layton
2024-04-26 12:58 ` Chuck Lever
2024-04-26 10:46 ` [PATCH v5 5/8] net: Remove ctl_table sentinel elements from several networking subsystems Joel Granados via B4 Relay
2024-04-26 10:46 ` Joel Granados
2024-04-26 15:13 ` Sabrina Dubroca
2024-04-29 9:10 ` Joel Granados
2024-04-26 10:46 ` [PATCH v5 6/8] netfilter: Remove the now superfluous sentinel elements from ctl_table array Joel Granados via B4 Relay
2024-04-26 10:46 ` Joel Granados
2024-04-26 12:09 ` Julian Anastasov [this message]
2024-04-29 9:32 ` Joel Granados
2024-04-26 10:46 ` [PATCH v5 7/8] appletalk: " Joel Granados via B4 Relay
2024-04-26 10:46 ` Joel Granados
2024-04-26 10:47 ` [PATCH v5 8/8] ax.25: x.25: " Joel Granados via B4 Relay
2024-04-26 10:47 ` Joel Granados
2024-04-27 8:14 ` Sabrina Dubroca
2024-04-29 10:05 ` Joel Granados
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=d78c6353-99b9-41f8-0c54-19eb86e1fce3@ssi.bg \
--to=ja@ssi.bg \
--cc=Dai.Ngo@oracle.com \
--cc=alex.aring@gmail.com \
--cc=alibuda@linux.alibaba.com \
--cc=allison.henderson@oracle.com \
--cc=anna@kernel.org \
--cc=bridge@lists.linux.dev \
--cc=chuck.lever@oracle.com \
--cc=coreteam@netfilter.org \
--cc=courmisch@gmail.com \
--cc=davem@davemloft.net \
--cc=dccp@vger.kernel.org \
--cc=dhowells@redhat.com \
--cc=dsahern@kernel.org \
--cc=edumazet@google.com \
--cc=fw@strlen.de \
--cc=geliang@kernel.org \
--cc=guwen@linux.alibaba.com \
--cc=herbert@gondor.apana.org.au \
--cc=horms@verge.net.au \
--cc=j.granados@samsung.com \
--cc=jaka@linux.ibm.com \
--cc=jlayton@kernel.org \
--cc=jmaloy@redhat.com \
--cc=jreuter@yaina.de \
--cc=kadlec@netfilter.org \
--cc=keescook@chromium.org \
--cc=kolga@netapp.com \
--cc=kuba@kernel.org \
--cc=linux-afs@lists.infradead.org \
--cc=linux-hams@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-nfs@vger.kernel.org \
--cc=linux-rdma@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
--cc=linux-sctp@vger.kernel.org \
--cc=linux-wpan@vger.kernel.org \
--cc=linux-x25@vger.kernel.org \
--cc=lucien.xin@gmail.com \
--cc=lvs-devel@vger.kernel.org \
--cc=marc.dionne@auristor.com \
--cc=marcelo.leitner@gmail.com \
--cc=martineau@kernel.org \
--cc=matttbe@kernel.org \
--cc=mcgrof@kernel.org \
--cc=miquel.raynal@bootlin.com \
--cc=mptcp@lists.linux.dev \
--cc=ms@dev.tdt.de \
--cc=neilb@suse.de \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=pablo@netfilter.org \
--cc=ralf@linux-mips.org \
--cc=razor@blackwall.org \
--cc=rds-devel@oss.oracle.com \
--cc=roopa@nvidia.com \
--cc=stefan@datenfreihafen.org \
--cc=steffen.klassert@secunet.com \
--cc=tipc-discussion@lists.sourceforge.net \
--cc=tom@talpey.com \
--cc=tonylu@linux.alibaba.com \
--cc=trond.myklebust@hammerspace.com \
--cc=wenjia@linux.ibm.com \
--cc=ying.xue@windriver.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.