bpf netd - minor perf improvement - move uid check first
effectively no-op, but since it's a trivial check (uid < APP_START),
better do it first, rather than the complex packet parsing in
skip_owner_match().
Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I35a9188e108987d48f03a18cdf70ec4cdd715376
diff --git a/bpf_progs/netd.c b/bpf_progs/netd.c
index 84da79d..a998dc6 100644
--- a/bpf_progs/netd.c
+++ b/bpf_progs/netd.c
@@ -350,10 +350,10 @@
static __always_inline inline int bpf_owner_match(struct __sk_buff* skb, uint32_t uid,
bool egress, const unsigned kver) {
- if (skip_owner_match(skb, kver)) return PASS;
-
if (is_system_uid(uid)) return PASS;
+ if (skip_owner_match(skb, kver)) return PASS;
+
BpfConfig enabledRules = getConfig(UID_RULES_CONFIGURATION_KEY);
UidOwnerValue* uidEntry = bpf_uid_owner_map_lookup_elem(&uid);