redonkable/alistair23-linux
redonkable/alistair23-linux
1
0
Fork 0
Code Releases Activity
alistair23-linux/net
History
Florian Westphal 482cfc3185 netfilter: xtables: avoid percpu ruleset duplication 
We store the rule blob per (possible) cpu.  Unfortunately this means we can
waste lot of memory on big smp machines. ipt_entry structure ('rule head')
is 112 byte, so e.g. with maxcpu=64 one single rule eats
close to 8k RAM.

Since previous patch made counters percpu it appears there is nothing
left in the rule blob that needs to be percpu.

On my test system (144 possible cpus, 400k dummy rules) this
change saves close to 9 Gigabyte of RAM.

Reported-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Acked-by: Jesper Dangaard Brouer <brouer@redhat.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
2015-06-12 14:27:10 +02:00
..
6lowpan
9p
802
8021q vlan: Add GRO support for non hardware accelerated vlan 2015-06-01 16:50:52 -07:00
appletalk
atm
ax25
batman-adv batman-adv: change the MAC of each VLAN upon ndo_set_mac_address 2015-06-07 17:07:20 +02:00
bluetooth Merge branch 'for-upstream' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next 2015-05-30 23:26:45 -07:00
bridge netfilter: bridge: restore vlan tag when refragmenting 2015-06-12 14:16:55 +02:00
caif Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-06-01 22:51:30 -07:00
can can: cangw: introduce optional uid to reference created routing jobs 2015-06-09 09:39:49 +02:00
ceph Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-06-01 22:51:30 -07:00
core net/ethtool: Add current supported tunable options 2015-06-11 00:36:37 -07:00
dcb
dccp
decnet
dns_resolver
dsa Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-06-01 22:51:30 -07:00
ethernet net: Add full IPv6 addresses to flow_keys 2015-06-04 15:44:30 -07:00
hsr
ieee802154 nl802154: add support to set cca ed level 2015-05-27 19:29:42 +02:00
ipv4 netfilter: xtables: avoid percpu ruleset duplication 2015-06-12 14:27:10 +02:00
ipv6 netfilter: xtables: avoid percpu ruleset duplication 2015-06-12 14:27:10 +02:00
ipx
irda irda: use msecs_to_jiffies for conversion to jiffies 2015-05-25 17:46:21 -04:00
iucv
key
l2tp
lapb
llc
mac80211 mac80211: convert HW flags to unsigned long bitmap 2015-06-10 16:05:36 +02:00
mac802154 nl802154: add support to set cca ed level 2015-05-27 19:29:42 +02:00
mpls Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-06-08 20:06:56 -07:00
netfilter netfilter: xtables: avoid percpu ruleset duplication 2015-06-12 14:27:10 +02:00
netlabel
netlink Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-05-23 01:22:35 -04:00
netrom
nfc
openvswitch Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-06-08 20:06:56 -07:00
packet net-packet: fix null pointer exception in rollover mode 2015-05-17 22:41:38 -04:00
phonet
rds net/rds Add getsockopt support for SO_RDS_TRANSPORT 2015-05-31 21:47:23 -07:00
rfkill net: rfkill: gpio: make better use of gpiod API 2015-05-29 13:13:45 +02:00
rose
rxrpc
sched bpf: make programs see skb->data == L2 for ingress and egress 2015-06-07 02:01:33 -07:00
sctp ipv6: Add rt6_get_cookie() function 2015-05-25 13:25:34 -04:00
sunrpc
switchdev switchdev: fix BUG when port driver doesn't support set attr op 2015-06-11 16:27:09 -07:00
tipc tipc: unconditionally put sock refcnt when sock timer to be deleted is pending 2015-05-30 18:08:37 -07:00
unix net/unix: support SCM_SECURITY for stream sockets 2015-06-10 22:49:20 -07:00
vmw_vsock
wimax
wireless cfg80211: ignore netif running state when changing iftype 2015-05-29 13:05:40 +02:00
x25
xfrm Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-06-01 22:51:30 -07:00
compat.c
Kconfig
Makefile
socket.c
sysctl_net.c