On Tue, Oct 18, 2016 at 5:01 PM, Jarno Rajahalme <ja...@ovn.org> wrote:
> Port upstream change in conntrack labels extension. Add a new
> configure macro HAVE_NF_CONN_LABELS_WITH_WORDS to detect the old
> definition. Unfortunately there is no conntrack API to hide the
> difference, so the this makes conntrack.c deviate from upstream source
> a bit.
>
> Upstream commit:
> commit 23014011ba4209a086931ff402eac1c41abbe456
> Author: Florian Westphal <f...@strlen.de>
> Date: Thu Jul 21 12:51:16 2016 +0200
>
> netfilter: conntrack: support a fixed size of 128 distinct labels
>
> The conntrack label extension is currently variable-sized, e.g. if
> only 2 labels are used by iptables rules then the labels->bits[] array
> will only contain one element.
>
> We track size of each label storage area in the 'words' member.
>
> But in nftables and openvswitch we always have to ask for worst-case
> since we don't know what bit will be used at configuration time.
>
> As most arches are 64bit we need to allocate 24 bytes in this case:
>
> struct nf_conn_labels {
> u8 words; /* 0 1 */
> /* XXX 7 bytes hole, try to pack */
> long unsigned bits[2]; /* 8 24 */
>
> Make bits a fixed size and drop the words member, it simplifies
> the code and only increases memory requirements on x86 when
> less than 64bit labels are required.
>
> We still only allocate the extension if its needed.
>
> Signed-off-by: Florian Westphal <f...@strlen.de>
> Signed-off-by: Pablo Neira Ayuso <pa...@netfilter.org>
>
> Signed-off-by: Jarno Rajahalme <ja...@ovn.org>
Acked-by: Pravin B Shelar <pshe...@ovn.org>
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
