Patchwork [2/5] netfilter: nf_tables: save 48 bits per rule

login
register
mail settings
Submitter Patrick McHardy
Date Dec. 10, 2012, 5:20 p.m.
Message ID <1355160012-13952-3-git-send-email-kaber@trash.net>
Download mbox | patch
Permalink /patch/204996/
State Accepted
Headers show

Comments

Patrick McHardy - Dec. 10, 2012, 5:20 p.m.
From: Patrick McHardy <kaber@trash.net>

We currently have a hole of 48 bits in the layout of struct nft_rule
because the increased handle size. Using 48 bits for the handle should
be enough to avoid overflow and allows to plug that hole.

Signed-off-by: Patrick McHardy <kaber@trash.net>
---
 include/net/netfilter/nf_tables.h | 4 ++--
 1 Datei geändert, 2 Zeilen hinzugefügt(+), 2 Zeilen entfernt(-)

Patch

diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h
index 2301b74..a3defd8 100644
--- a/include/net/netfilter/nf_tables.h
+++ b/include/net/netfilter/nf_tables.h
@@ -303,8 +303,8 @@  static inline void *nft_expr_priv(const struct nft_expr *expr)
 struct nft_rule {
 	struct list_head		list;
 	struct rcu_head			rcu_head;
-	u64				handle;
-	u16				dlen;
+	u64				handle:48,
+					dlen:16;
 	unsigned char			data[]
 		__attribute__((aligned(__alignof__(struct nft_expr))));
 };