dscpPolicy: assume cache lookup always succeeds (though it might miss)
By construction it cannot actually fail, since
per_cpu_array[cookie % nr_entries_per_cpu]
is always a valid array item...
This allows us to do direct per-cpu write into the cache
instead of going via bpf map update helper function
Test: TreeHugger, atest CtsNetTestCases:android.net.cts.DscpPolicyTest^C
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I8a70ae341b21202db88877856522288149a54f31
diff --git a/bpf/progs/dscpPolicy.c b/bpf/progs/dscpPolicy.c
index 39f2961..4084933 100644
--- a/bpf/progs/dscpPolicy.c
+++ b/bpf/progs/dscpPolicy.c
@@ -113,8 +113,9 @@
// this array lookup cannot actually fail
RuleEntry* existing_rule = bpf_socket_policy_cache_map_lookup_elem(&cacheid);
- if (existing_rule &&
- v6_equal(src_ip, existing_rule->src_ip) &&
+ if (!existing_rule) return; // impossible
+
+ if (v6_equal(src_ip, existing_rule->src_ip) &&
v6_equal(dst_ip, existing_rule->dst_ip) &&
skb->ifindex == existing_rule->ifindex &&
sport == existing_rule->src_port &&
@@ -187,7 +188,8 @@
}
}
- RuleEntry value = {
+ // Update cache with found policy.
+ *existing_rule = (RuleEntry){
.src_ip = src_ip,
.dst_ip = dst_ip,
.ifindex = skb->ifindex,
@@ -197,9 +199,6 @@
.dscp_val = new_dscp,
};
- // Update cache with found policy.
- bpf_socket_policy_cache_map_update_elem(&cacheid, &value, BPF_ANY);
-
if (new_dscp < 0) return;
// Need to store bytes after updating map or program will not load.