projects / linux-block.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: be2ab5b) | patch
netfilter: nf_tables: avoid global info storage
authorFlorian Westphal <fw@strlen.de>
Wed, 11 Jul 2018 11:45:13 +0000 (13:45 +0200)
committerPablo Neira Ayuso <pablo@netfilter.org>
Wed, 18 Jul 2018 09:26:47 +0000 (11:26 +0200)
commit2a43ecf96ba6a6eed70dbcd99d0888fc0ad3b82b
treec11616a1dfa43ce19cb49d881e5f27e61de2e429tree | snapshot
parentbe2ab5b4d5c0bf041a34ec2e1397d50afbfb095ecommit | diff
netfilter: nf_tables: avoid global info storage

This works because all accesses are currently serialized by nfnl
nf_tables subsys mutex.

If we want to have per-netns locking, we need to make this scratch
area pernetns or allocate it on demand.

This does the latter, its ~28kbyte but we can fallback to vmalloc
so it should be fine.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/nf_tables_api.c diff | blob | blame | history
Linux 6.x block layer and io_uring tree(s)