[PATCH nf-next v2 00/11] netfilter: reduce struct net size

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Florian Westphal <fw@strlen.de>
To: <netfilter-devel@vger.kernel.org>
Cc: Florian Westphal <fw@strlen.de>
Subject: [PATCH nf-next v2 00/11] netfilter: reduce struct net size
Date: Thu,  1 Apr 2021 16:11:03 +0200	[thread overview]
Message-ID: <20210401141114.24712-1-fw@strlen.de> (raw)

This series moves part of netfilter related pernet data from
struct net to net_generic() infrastructure.

All of these users can be modules, so if they are not loaded there
is no need to waste space.

Also, none of the struct members that are (re)moved are used in packet
path.

A followup patch series will also remove ebt/arp/ip/ip6tables xt_table
anchors from struct net.

Size reduction is 7 cachelines on x86_64.

Only change since v1 is in patch 7, it removes a 'unused variable'
warning.

Florian Westphal (11):
  netfilter: nfnetlink: add and use nfnetlink_broadcast
  netfilter: nfnetlink: use net_generic infra
  netfilter: cttimeout: use net_generic infra
  netfilter: nf_defrag_ipv6: use net_generic infra
  netfilter: nf_defrag_ipv4: use net_generic infra
  netfilter: ebtables: use net_generic infra
  netfilter: nf_tables: use net_generic infra for transaction data
  netfilter: x_tables: move known table lists to net_generic infra
  netfilter: conntrack: move sysctl pointer to net_generic infra
  netfilter: conntrack: move ecache dwork to net_generic infra
  net: remove obsolete members from struct net

 include/linux/netfilter/nfnetlink.h         |   2 +
 include/net/net_namespace.h                 |   9 -
 include/net/netfilter/ipv6/nf_defrag_ipv6.h |   6 +
 include/net/netfilter/nf_conntrack.h        |   7 +
 include/net/netfilter/nf_conntrack_ecache.h |  33 +--
 include/net/netfilter/nf_tables.h           |  11 +
 include/net/netns/conntrack.h               |   4 -
 include/net/netns/netfilter.h               |   6 -
 include/net/netns/nftables.h                |   7 -
 include/net/netns/x_tables.h                |   1 -
 net/bridge/netfilter/ebtables.c             |  39 ++-
 net/ipv4/netfilter/nf_defrag_ipv4.c         |  20 +-
 net/ipv6/netfilter/nf_conntrack_reasm.c     |  68 +++--
 net/ipv6/netfilter/nf_defrag_ipv6_hooks.c   |  15 +-
 net/netfilter/nf_conntrack_core.c           |   7 +-
 net/netfilter/nf_conntrack_ecache.c         |  31 +-
 net/netfilter/nf_conntrack_standalone.c     |  10 +-
 net/netfilter/nf_tables_api.c               | 313 +++++++++++++-------
 net/netfilter/nf_tables_offload.c           |  30 +-
 net/netfilter/nfnetlink.c                   |  67 +++--
 net/netfilter/nfnetlink_acct.c              |   3 +-
 net/netfilter/nfnetlink_cttimeout.c         |  41 ++-
 net/netfilter/nft_chain_filter.c            |  11 +-
 net/netfilter/nft_dynset.c                  |   6 +-
 net/netfilter/x_tables.c                    |  46 ++-
 25 files changed, 518 insertions(+), 275 deletions(-)

-- 
2.26.3

next             reply	other threads:[~2021-04-01 17:41 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-04-01 14:11 Florian Westphal [this message]
2021-04-01 14:11 ` [PATCH nf-next v2 01/11] netfilter: nfnetlink: add and use nfnetlink_broadcast Florian Westphal
2021-04-01 14:11 ` [PATCH nf-next v2 02/11] netfilter: nfnetlink: use net_generic infra Florian Westphal
2021-04-01 14:11 ` [PATCH nf-next v2 03/11] netfilter: cttimeout: " Florian Westphal
2021-04-01 14:11 ` [PATCH nf-next v2 04/11] netfilter: nf_defrag_ipv6: " Florian Westphal
2021-04-01 14:11 ` [PATCH nf-next v2 05/11] netfilter: nf_defrag_ipv4: " Florian Westphal
2021-04-01 14:11 ` [PATCH nf-next v2 06/11] netfilter: ebtables: " Florian Westphal
2021-04-01 14:11 ` [PATCH nf-next v2 07/11] netfilter: nf_tables: use net_generic infra for transaction data Florian Westphal
2021-04-01 14:11 ` [PATCH nf-next v2 08/11] netfilter: x_tables: move known table lists to net_generic infra Florian Westphal
2021-04-01 14:11 ` [PATCH nf-next v2 09/11] netfilter: conntrack: move sysctl pointer " Florian Westphal
2021-04-01 14:11 ` [PATCH nf-next v2 10/11] netfilter: conntrack: move ecache dwork " Florian Westphal
2021-04-01 14:11 ` [PATCH nf-next v2 11/11] net: remove obsolete members from struct net Florian Westphal
2021-04-05 22:35 ` [PATCH nf-next v2 00/11] netfilter: reduce struct net size Pablo Neira Ayuso

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210401141114.24712-1-fw@strlen.de \
    --to=fw@strlen.de \
    --cc=netfilter-devel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).