On 2024-09-12 17:03:15 [+0200], Daniel Borkmann wrote: > > Oh well, quite annoying that we need this context now everywhere also outside of XDP :( > Sebastian, do you see any way where this could be noop for !PREEMPT_RT? This isn't related to XDP but to the redirect part of BPF which is (or was) using per-CPU variables. I don't know how much pain it causes here for you and how much of this is actually helping and not making anything worse: - If netkit::active is likely to be NULL you could limit assigning the context only if it != NULL - If you can ensure (via verifier) that netkit_run() won't access the redirect helper (such as bpf_redirect()) and won't return NETKIT_REDIRECT (as a consequence) then the assignment could be avoided in this case. Sebastian
