Re: Performance issue due to constant "modprobes"

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Ed W <lists@wildgooses.com>
To: "Maciej Żenczykowski" <zenczykowski@gmail.com>
Cc: Jan Engelhardt <jengelh@medozas.de>, netfilter-devel@vger.kernel.org
Subject: Re: Performance issue due to constant "modprobes"
Date: Wed, 13 Apr 2011 12:35:15 +0100	[thread overview]
Message-ID: <4DA58A73.9030308@wildgooses.com> (raw)
In-Reply-To: <BANLkTik3=XWQHH9au7434RTJuf_Rg2sYSw@mail.gmail.com>

On 13/04/2011 10:10, Maciej Żenczykowski wrote:
> I should probably point out that iptables module autoloading behaviour
> is very different for a pre-my commit statically compiled, non-shared
> iptables binary
> vs a post-my commit or non-statically compiled binary.

Aha.  I am using a static (well, --static --shared) iptables

> The modprobe issue would only show up if you had a statically
> compiled, non-shared iptables binary.
> ie. one where all the extensions were already part of the iptables
> binary and would always get initialized at startup (even for iptables
> -h).

Thanks - although my evidence suggests its simply the statically
compiled bit which is enough to trigger this?  My binary is both static
and shared (is that the correct term?)

> The fix would probably be in xtables.c in compatible_revision() to
> change everything starting with:
>   xtables_load_ko(xtables_modprobe_program, true);
> into a for loop:
> 
> something along the lines of
> 
> for (int load = 0; load <= 1; ++load) {
>   if (load) xtables_load_ko(...);
> 
>   ...
> 
>   and replace "close(sockfd); return 0;" with "if (load) {
> close(sockfd); return 0; }; continue;"
> 
> I'll try to write up and maybe even test a real patch tomorrow.

Thanks - although I'm not quite sure that I see that this changes
anything?  There is already a "static int load;" in, I think it's
xtables_load_ko (?) which prevents the module loading more than once per
call of iptables - I'm not sure I understand how your loop above changes
that?

Additionally, as helpfully pointed out by Jan, a chunk of my problem is
my static iptables apparently trying to probe a kernel module which
isn't incorporated into my kernel version.  I can't immediately see a
solution to not uselessly probing for that (without patching iptables)?
 Any ideas?

Thanks

Ed W

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

next prev parent reply	other threads:[~2011-04-13 11:35 UTC|newest]

Thread overview: 33+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-04-07 23:16 Performance issue due to constant "modprobes" Ed W
2011-04-08  0:18 ` Jan Engelhardt
2011-04-08 17:11   ` Ed W
2011-04-08  0:47 ` Maciej Żenczykowski
2011-04-08 17:11   ` Ed W
2011-04-08 19:54     ` Jan Engelhardt
2011-04-08 23:22       ` Ed W
2011-04-08 23:42         ` Jan Engelhardt
2011-04-09 20:39           ` Ed W
2011-04-09 22:30             ` Jan Engelhardt
2011-04-12 21:03               ` Ed W
2011-04-12 22:05                 ` Jan Engelhardt
2011-04-13 11:08                   ` Ed W
2011-04-13 12:06                     ` Jan Engelhardt
2011-04-13  9:10               ` Maciej Żenczykowski
2011-04-13 11:35                 ` Ed W [this message]
2011-04-13 12:13                   ` Jan Engelhardt
2011-04-13 12:35                     ` Ed W
2011-04-13 12:45                       ` Jan Engelhardt
2011-04-13 16:45                         ` Ed W
2011-04-13 19:20                           ` Mr Dash Four
2011-04-14  7:07                           ` Maciej Żenczykowski
2011-04-14  7:13                             ` Maciej Żenczykowski
2011-04-14  7:19                               ` Jan Engelhardt
2011-04-18 13:38                                 ` Patrick McHardy
2011-04-18 16:33                               ` Ed W
2011-04-19  1:12                                 ` Maciej Żenczykowski
2011-04-19  9:03                                   ` Maciej Żenczykowski
2011-04-19 16:10                                     ` Ed W
2011-04-20  1:26                                       ` Maciej Żenczykowski
2011-04-20  6:41                                         ` Maciej Żenczykowski
2011-04-20  7:31                                           ` Jozsef Kadlecsik
2011-04-20  8:54                                             ` Ed W

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4DA58A73.9030308@wildgooses.com \
    --to=lists@wildgooses.com \
    --cc=jengelh@medozas.de \
    --cc=netfilter-devel@vger.kernel.org \
    --cc=zenczykowski@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.