mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/net/ipv4/netfilter
History
Stephen Hemminger 942e4a2bd6 netfilter: revised locking for x_tables 
The x_tables are organized with a table structure and a per-cpu copies
of the counters and rules. On older kernels there was a reader/writer 
lock per table which was a performance bottleneck. In 2.6.30-rc, this
was converted to use RCU and the counters/rules which solved the performance
problems for do_table but made replacing rules much slower because of
the necessary RCU grace period.

This version uses a per-cpu set of spinlocks and counters to allow to
table processing to proceed without the cache thrashing of a global
reader lock and keeps the same performance for table updates.

Signed-off-by: Stephen Hemminger <shemminger@vyatta.com>
Acked-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
 		2009-04-28 22:36:33 -07:00
..
Kconfig netfilter: Kconfig spelling fixes (trivial) 2009-03-16 15:17:23 +01:00
Makefile netfilter: Combine ipt_ttl and ip6t_hl source 2009-02-18 18:39:31 +01:00
arp_tables.c netfilter: revised locking for x_tables 2009-04-28 22:36:33 -07:00
arpt_mangle.c netfilter: xtables: move extension arguments into compound structure (5/6) 2008-10-08 11:35:19 +02:00
arptable_filter.c netfilter: x_tables: remove unneeded initializations 2009-02-18 16:30:20 +01:00
ip_queue.c netfilter: auto-load ip_queue module when socket opened 2009-03-16 15:31:10 +01:00
ip_tables.c netfilter: revised locking for x_tables 2009-04-28 22:36:33 -07:00
ipt_CLUSTERIP.c net: replace NIPQUAD() in net/ipv4/netfilter/ 2008-10-31 00:53:08 -07:00
ipt_ECN.c netfilter: xtables: move extension arguments into compound structure (5/6) 2008-10-08 11:35:19 +02:00
ipt_LOG.c netfilter: use a linked list of loggers 2009-03-16 14:54:21 +01:00
ipt_MASQUERADE.c netfilter: xtables: move extension arguments into compound structure (5/6) 2008-10-08 11:35:19 +02:00
ipt_NETMAP.c netfilter: xtables: move extension arguments into compound structure (5/6) 2008-10-08 11:35:19 +02:00
ipt_REDIRECT.c netfilter: xtables: move extension arguments into compound structure (5/6) 2008-10-08 11:35:19 +02:00
ipt_REJECT.c netfilter: xtables: move extension arguments into compound structure (5/6) 2008-10-08 11:35:19 +02:00
ipt_ULOG.c netfilter: use a linked list of loggers 2009-03-16 14:54:21 +01:00
ipt_addrtype.c netfilter: netns-aware ipt_addrtype 2008-11-04 14:21:48 +01:00
ipt_ah.c netfilter: xtables: move extension arguments into compound structure (2/6) 2008-10-08 11:35:18 +02:00
ipt_ecn.c netfilter: xtables: move extension arguments into compound structure (2/6) 2008-10-08 11:35:18 +02:00
iptable_filter.c netfilter: x_tables: remove unneeded initializations 2009-02-18 16:30:20 +01:00
iptable_mangle.c netfilter: x_tables: remove unneeded initializations 2009-02-18 16:30:20 +01:00
iptable_raw.c netfilter: x_tables: remove unneeded initializations 2009-02-18 16:30:20 +01:00
iptable_security.c netfilter: x_tables: remove unneeded initializations 2009-02-18 16:30:20 +01:00
nf_conntrack_l3proto_ipv4.c netfilter: nf_conntrack: calculate per-protocol nlattr size 2009-03-25 21:53:39 +01:00
nf_conntrack_l3proto_ipv4_compat.c netfilter: nf_conntrack: use SLAB_DESTROY_BY_RCU and get rid of call_rcu() 2009-03-25 21:05:46 +01:00
nf_conntrack_proto_icmp.c netfilter: nf_conntrack: calculate per-protocol nlattr size 2009-03-25 21:53:39 +01:00
nf_defrag_ipv4.c netfilter: restore lost #ifdef guarding defrag exception 2008-10-14 11:56:59 -07:00
nf_nat_amanda.c [NETFILTER]: remove unneeded rcu_dereference() calls 2007-11-07 04:08:23 -08:00
nf_nat_core.c netfilter: nf_nat: add support for persistent mappings 2009-04-16 18:33:01 +02:00
nf_nat_ftp.c [NETFILTER]: remove unneeded rcu_dereference() calls 2007-11-07 04:08:23 -08:00
nf_nat_h323.c net: replace NIPQUAD() in net/ipv4/netfilter/ 2008-10-31 00:53:08 -07:00
nf_nat_helper.c netfilter: netns nf_conntrack: pass conntrack to nf_conntrack_event_cache() not skb 2008-10-08 11:35:07 +02:00
nf_nat_irc.c net: replace NIPQUAD() in net/ipv4/netfilter/ 2008-10-31 00:53:08 -07:00
nf_nat_pptp.c netfilter: netns nat: PPTP NAT in netns 2008-10-08 11:35:11 +02:00
nf_nat_proto_common.c nf_nat: use secure_ipv4_port_ephemeral() for NAT port randomization 2008-08-18 21:32:32 -07:00
nf_nat_proto_dccp.c [NETFILTER]: nf_conntrack: const annotations in nf_conntrack_sctp, nf_nat_proto_gre 2008-04-14 11:15:54 +02:00
nf_nat_proto_gre.c [NETFILTER]: nf_conntrack: const annotations in nf_conntrack_sctp, nf_nat_proto_gre 2008-04-14 11:15:54 +02:00
nf_nat_proto_icmp.c [NETFILTER]: nf_nat: use bool type in nf_nat_proto 2008-04-14 11:15:53 +02:00
nf_nat_proto_sctp.c sctp: remove unnecessary byteshifting, calculate directly in big-endian 2008-07-18 23:07:09 -07:00
nf_nat_proto_tcp.c [NETFILTER]: nf_nat: use bool type in nf_nat_proto 2008-04-14 11:15:53 +02:00
nf_nat_proto_udp.c [NETFILTER]: nf_nat: use bool type in nf_nat_proto 2008-04-14 11:15:53 +02:00
nf_nat_proto_udplite.c [NETFILTER]: nf_nat: use bool type in nf_nat_proto 2008-04-14 11:15:53 +02:00
nf_nat_proto_unknown.c [NETFILTER]: nf_nat: use bool type in nf_nat_proto 2008-04-14 11:15:53 +02:00
nf_nat_rule.c netfilter: x_tables: remove unneeded initializations 2009-02-18 16:30:20 +01:00
nf_nat_sip.c net: replace NIPQUAD() in net/ipv4/netfilter/ 2008-10-31 00:53:08 -07:00
nf_nat_snmp_basic.c net: replace uses of __constant_{endian} 2009-02-01 00:45:17 -08:00
nf_nat_standalone.c [NETFILTER]: nf_nat: kill helper and seq_adjust hooks 2008-04-14 11:15:52 +02:00
nf_nat_tftp.c [NETFILTER]: nf_{conntrack,nat}_tftp: annotate TFTP helper with const 2008-01-31 19:28:08 -08:00