diff options
| author | Pablo Neira Ayuso | 2014-04-10 00:31:10 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso | 2014-05-19 12:06:13 +0200 |
| commit | c7c32e72cbe23cea97c5d87ffcf6e23cc1ec1a65 (patch) | |
| tree | 82615a2c98f2cf8d3f7446aa31040c0791f93287 /include/net/netfilter/nf_tables.h | |
| parent | netfilter: nf_tables: remove skb and nlh from context structure (diff) | |
| download | kernel-qcow2-linux-c7c32e72cbe23cea97c5d87ffcf6e23cc1ec1a65.tar.gz kernel-qcow2-linux-c7c32e72cbe23cea97c5d87ffcf6e23cc1ec1a65.tar.xz kernel-qcow2-linux-c7c32e72cbe23cea97c5d87ffcf6e23cc1ec1a65.zip | |
netfilter: nf_tables: defer all object release via rcu
Now that all objects are released in the reverse order via the
transaction infrastructure, we can enqueue the release via
call_rcu to save one synchronize_rcu. For small rule-sets loaded
via nft -f, it now takes around 50ms less here.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include/net/netfilter/nf_tables.h')
| -rw-r--r-- | include/net/netfilter/nf_tables.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/include/net/netfilter/nf_tables.h b/include/net/netfilter/nf_tables.h index 1ed2797fb964..7ee6ce6564ae 100644 --- a/include/net/netfilter/nf_tables.h +++ b/include/net/netfilter/nf_tables.h @@ -393,12 +393,14 @@ struct nft_rule { /** * struct nft_trans - nf_tables object update in transaction * + * @rcu_head: rcu head to defer release of transaction data * @list: used internally * @msg_type: message type * @ctx: transaction context * @data: internal information related to the transaction */ struct nft_trans { + struct rcu_head rcu_head; struct list_head list; int msg_type; struct nft_ctx ctx; |