From: Liping Zhang <zlpnobody@gmail.com>
To: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org>
Cc: netfilter-devel@vger.kernel.org, pablo@netfilter.org
Subject: Re: [PATCH iptables] xtables: use exponential delay when waiting for xtables lock
Date: Thu, 28 Apr 2016 09:37:32 +0800 [thread overview]
Message-ID: <CAML_gOfhesCGBk5WWpmAsi3GQNHu5ZZpe9Wg36HCjGgQuRNeOg@mail.gmail.com> (raw)
In-Reply-To: <1460084845-28057-1-git-send-email-subashab@codeaurora.org>
2016-04-08 11:07 GMT+08:00 Subash Abhinov Kasiviswanathan
<subashab@codeaurora.org>:
> ip[6]tables currently waits for 1 second for the xtables lock to
> be freed if the -w option is used. We have seen that the lock is
> held much less than that resulting in unnecessary delay when
> trying to acquire the lock. This problem is even severe in case
> of latency sensitive applications.
>
> Introduce an exponential delay starting from 10ms (experimentally
> determined) up to a second.
>
> Signed-off-by: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org>
> ---
> iptables/xshared.c | 10 ++++++++--
> 1 file changed, 8 insertions(+), 2 deletions(-)
>
> diff --git a/iptables/xshared.c b/iptables/xshared.c
> index 81c2581..d90ac13 100644
> --- a/iptables/xshared.c
> +++ b/iptables/xshared.c
> @@ -247,6 +247,7 @@ void xs_init_match(struct xtables_match *match)
> bool xtables_lock(int wait)
> {
> int fd, waited = 0, i = 0;
> + useconds_t base_delay = 10000;
>
> fd = open(XT_LOCK_NAME, O_CREAT, 0600);
> if (fd < 0)
> @@ -257,10 +258,15 @@ bool xtables_lock(int wait)
> return true;
> else if (wait >= 0 && waited >= wait)
> return false;
> - if (++i % 2 == 0)
> + if ((++i % 2 == 0) && (base_delay >= 200000))
> fprintf(stderr, "Another app is currently holding the xtables lock; "
> "waiting (%ds) for it to exit...\n", waited);
> waited++;
> - sleep(1);
This break the "-w" option's semantic, i.e. if the user input
"iptables -w 1", and concurrency happen,
we will just only wait 10ms and return an error.
> + if (base_delay > 1000000) {
> + sleep(1);
> + } else {
> + usleep(base_delay);
> + base_delay *= 2;
> + }
> }
> }
> --
> 1.8.2.1
>
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2016-04-28 1:37 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-04-08 3:07 [PATCH iptables] xtables: use exponential delay when waiting for xtables lock Subash Abhinov Kasiviswanathan
2016-04-28 1:37 ` Liping Zhang [this message]
2016-04-28 9:25 ` Pablo Neira Ayuso
2016-04-28 19:14 ` subashab
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAML_gOfhesCGBk5WWpmAsi3GQNHu5ZZpe9Wg36HCjGgQuRNeOg@mail.gmail.com \
--to=zlpnobody@gmail.com \
--cc=netfilter-devel@vger.kernel.org \
--cc=pablo@netfilter.org \
--cc=subashab@codeaurora.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).