netfilter: bridge: neigh_head and physoutdev can't be used at same time

The neigh_header is only needed when we detect DNAT after prerouting and neigh cache didn't have a mac address for us. The output port has not been chosen yet so we can re-use the storage area, bringing struct size down to 32 bytes on x86_64. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

netfilter: bridge: neigh_head and physoutdev can't be used at same time
The neigh_header is only needed when we detect DNAT after prerouting and neigh cache didn't have a mac address for us. The output port has not been chosen yet so we can re-use the storage area, bringing struct size down to 32 bytes on x86_64. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
7fb48c5b · Florian Westphal · Pablo Neira Ayuso · a9756e6f · 7fb48c5b · 7fb48c5b
Commit 7fb48c5b authored May 03, 2015 by Florian Westphal Committed by Pablo Neira Ayuso May 14, 2015
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 3 deletions

include/linux/skbuff.h include/linux/skbuff.h +5 -3

net/bridge/br_netfilter.c net/bridge/br_netfilter.c +2 -0

No files found.
--- a/include/linux/skbuff.h
+++ b/include/linux/skbuff.h
@@ -170,12 +170,14 @@ struct nf_bridge_info {
 		BRNF_PROTO_UNCHANGED,
 		BRNF_PROTO_8021Q,
 		BRNF_PROTO_PPPOE
-	} orig_proto;
+	} orig_proto:8;
 	bool			pkt_otherhost;
 	unsigned int		mask;
 	struct net_device	*physindev;
-	struct net_device	*physoutdev;
+	union {
-	char			neigh_header[8];
+		struct net_device *physoutdev;
+		char neigh_header[8];
+	};
 };
 #endif

--- a/net/bridge/br_netfilter.c
+++ b/net/bridge/br_netfilter.c
@@ -973,6 +973,8 @@ static void br_nf_pre_routing_finish_bridge_slow(struct sk_buff *skb)
 				       nf_bridge->neigh_header,
 				       ETH_HLEN - ETH_ALEN);
 	skb->dev = nf_bridge->physindev;
+	nf_bridge->physoutdev = NULL;
 	br_handle_frame_finish(NULL, skb);
 }