From: Patrick McHardy <kaber@trash.net>
To: Eric Dumazet <dada1@cosmosbay.com>
Cc: David Miller <davem@davemloft.net>,
"netdev@vger.kernel.org" <netdev@vger.kernel.org>,
Netfilter Development Mailinglist
<netfilter-devel@vger.kernel.org>
Subject: Re: [PATCH] netfilter : struct xt_table_info diet
Date: Wed, 14 Nov 2007 18:19:41 +0100 [thread overview]
Message-ID: <473B2E2D.4010504@trash.net> (raw)
In-Reply-To: <20071114164735.1ba04bc3.dada1@cosmosbay.com>
[netfilter-devel CCed]
Eric Dumazet wrote:
> Hi David & Patrick
>
> Please find a patch against net-2.6.25
>
> Thank you
>
>
> [PATCH] netfilter : struct xt_table_info diet
>
> Instead of using a big array of NR_CPUS entries, we can compute the size needed at runtime, using nr_cpu_ids
>
> This should save some ram (especially on David's machines where NR_CPUS=4096 : 32 KB can be saved per table, and 64KB for dynamically allocated ones (because of slab/slub alignements) )
>
> In particular, the 'bootstrap' tables are not any more static (in data section) but on stack as their
> size is now very small.
>
> This also should reduce the size used on stack in compat functions
> (get_info() declares an automatic variable, that could be bigger than kernel stack size for big NR_CPUS)
Thanks, this looks good. One question:
> diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c
> index 2909c92..ed3bd0b 100644
> --- a/net/ipv4/netfilter/arp_tables.c
> +++ b/net/ipv4/netfilter/arp_tables.c
> @@ -811,7 +811,7 @@ static int do_replace(void __user *user, unsigned int len)
> return -ENOPROTOOPT;
>
> /* overflow check */
> - if (tmp.size >= (INT_MAX - sizeof(struct xt_table_info)) / NR_CPUS -
> + if (tmp.size >= (INT_MAX - XT_TABLE_INFO_SZ) / NR_CPUS -
> SMP_CACHE_BYTES)
Shouldn't NR_CPUs be replaced by nr_cpu_ids here? I'm wondering
why we still include NR_CPUs in the calculation at all though,
unlike in 2.4, we don't allocate one huge area of memory anymore
but do one allocation per CPU. IIRC it even was you who changed
that.
next parent reply other threads:[~2007-11-14 17:19 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20071114164735.1ba04bc3.dada1@cosmosbay.com>
2007-11-14 17:19 ` Patrick McHardy [this message]
2007-11-14 17:55 ` [PATCH] netfilter : struct xt_table_info diet Eric Dumazet
2007-11-15 12:26 ` Patrick McHardy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=473B2E2D.4010504@trash.net \
--to=kaber@trash.net \
--cc=dada1@cosmosbay.com \
--cc=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).