1. 04 12月, 2009 12 次提交
    • E
      net: Batch inet_twsk_purge · b099ce26
      Eric W. Biederman 提交于
      This function walks the whole hashtable so there is no point in
      passing it a network namespace.  Instead I purge all timewait
      sockets from dead network namespaces that I find.  If the namespace
      is one of the once I am trying to purge I am guaranteed no new timewait
      sockets can be formed so this will get them all.  If the namespace
      is one I am not acting for it might form a few more but I will
      call inet_twsk_purge again and  shortly to get rid of them.  In
      any even if the network namespace is dead timewait sockets are
      useless.
      
      Move the calls of inet_twsk_purge into batch_exit routines so
      that if I am killing a bunch of namespaces at once I will just
      call inet_twsk_purge once and save a lot of redundant unnecessary
      work.
      
      My simple 4k network namespace exit test the cleanup time dropped from
      roughly 8.2s to 1.6s.  While the time spent running inet_twsk_purge fell
      to about 2ms.  1ms for ipv4 and 1ms for ipv6.
      Signed-off-by: NEric W. Biederman <ebiederm@xmission.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      b099ce26
    • E
      net: Use rcu lookups in inet_twsk_purge. · 575f4cd5
      Eric W. Biederman 提交于
      While we are looking up entries to free there is no reason to take
      the lock in inet_twsk_purge.  We have to drop locks and restart
      occassionally anyway so adding a few more in case we get on the
      wrong list because of a timewait move is no big deal.  At the
      same time not taking the lock for long periods of time is much
      more polite to the rest of the users of the hash table.
      
      In my test configuration of killing 4k network namespaces
      this change causes 4k back to back runs of inet_twsk_purge on an
      empty hash table to go from roughly 20.7s to 3.3s, and the total
      time to destroy 4k network namespaces goes from roughly 44s to
      3.3s.
      Signed-off-by: NEric W. Biederman <ebiederm@xmission.com>
      Acked-by: NEric Dumazet <eric.dumazet@gmail.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      575f4cd5
    • E
      net: Allow fib_rule_unregister to batch · e9c5158a
      Eric W. Biederman 提交于
      Refactor the code so fib_rules_register always takes a template instead
      of the actual fib_rules_ops structure that will be used.  This is
      required for network namespace support so 2 out of the 3 callers already
      do this, it allows the error handling to be made common, and it allows
      fib_rules_unregister to free the template for hte caller.
      
      Modify fib_rules_unregister to use call_rcu instead of syncrhonize_rcu
      to allw multiple namespaces to be cleaned up in the same rcu grace
      period.
      Signed-off-by: NEric W. Biederman <ebiederm@xmission.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      e9c5158a
    • E
      netns: Add an explicit rcu_barrier to unregister_pernet_{device|subsys} · 3a765eda
      Eric W. Biederman 提交于
      This allows namespace exit methods to batch work that comes requires an
      rcu barrier using call_rcu without having to treat the
      unregister_pernet_operations cases specially.
      Signed-off-by: NEric W. Biederman <ebiederm@xmission.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      3a765eda
    • E
      net: Allow xfrm_user_net_exit to batch efficiently. · d79d792e
      Eric W. Biederman 提交于
      xfrm.nlsk is provided by the xfrm_user module and is access via rcu from
      other parts of the xfrm code.  Add xfrm.nlsk_stash a copy of xfrm.nlsk that
      will never be set to NULL.  This allows the synchronize_net and
      netlink_kernel_release to be deferred until a whole batch of xfrm.nlsk sockets
      have been set to NULL.
      Signed-off-by: NEric W. Biederman <ebiederm@xmission.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      d79d792e
    • E
      net: Move network device exit batching · 04dc7f6b
      Eric W. Biederman 提交于
      Move network device exit batching from a special case in
      net_namespace.c to using common mechanisms in dev.c
      Signed-off-by: NEric W. Biederman <ebiederm@xmission.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      04dc7f6b
    • E
      net: Add support for batching network namespace cleanups · 72ad937a
      Eric W. Biederman 提交于
      - Add exit_list to struct net to support building lists of network
        namespaces to cleanup.
      
      - Add exit_batch to pernet_operations to allow running operations only
        once during a network namespace exit.  Instead of once per network
        namespace.
      
      - Factor opt ops_exit_list and ops_exit_free so the logic with cleanup
        up a network namespace does not need to be duplicated.
      Signed-off-by: NEric W. Biederman <ebiederm@xmission.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      72ad937a
    • P
      ipv4 05/05: add sysctl to accept packets with local source addresses · 8153a10c
      Patrick McHardy 提交于
      commit 8ec1e0ebe26087bfc5c0394ada5feb5758014fc8
      Author: Patrick McHardy <kaber@trash.net>
      Date:   Thu Dec 3 12:16:35 2009 +0100
      
          ipv4: add sysctl to accept packets with local source addresses
      
          Change fib_validate_source() to accept packets with a local source address when
          the "accept_local" sysctl is set for the incoming inet device. Combined with the
          previous patches, this allows to communicate between multiple local interfaces
          over the wire.
      Signed-off-by: NPatrick McHardy <kaber@trash.net>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      8153a10c
    • P
      net 04/05: fib_rules: allow to delete local rule · 5adef180
      Patrick McHardy 提交于
      commit d124356ce314fff22a047ea334379d5105b2d834
      Author: Patrick McHardy <kaber@trash.net>
      Date:   Thu Dec 3 12:16:35 2009 +0100
      
          net: fib_rules: allow to delete local rule
      
          Allow to delete the local rule and recreate it with a higher priority. This
          can be used to force packets with a local destination out on the wire instead
          of routing them to loopback. Additionally this patch allows to recreate rules
          with a priority of 0.
      
          Combined with the previous patch to allow oif classification, a socket can
          be bound to the desired interface and packets routed to the wire like this:
      
          # move local rule to lower priority
          ip rule add pref 1000 lookup local
          ip rule del pref 0
      
          # route packets of sockets bound to eth0 to the wire independant
          # of the destination address
          ip rule add pref 100 oif eth0 lookup 100
          ip route add default dev eth0 table 100
      Signed-off-by: NPatrick McHardy <kaber@trash.net>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      5adef180
    • P
      net 03/05: fib_rules: add oif classification · 1b038a5e
      Patrick McHardy 提交于
      commit 68144d350f4f6c348659c825cde6a82b34c27a91
      Author: Patrick McHardy <kaber@trash.net>
      Date:   Thu Dec 3 12:05:25 2009 +0100
      
          net: fib_rules: add oif classification
      
          Support routing table lookup based on the flow's oif. This is useful to
          classify packets originating from sockets bound to interfaces differently.
      
          The route cache already includes the oif and needs no changes.
      Signed-off-by: NPatrick McHardy <kaber@trash.net>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      1b038a5e
    • P
      net 02/05: fib_rules: rename ifindex/ifname/FRA_IFNAME to iifindex/iifname/FRA_IIFNAME · 491deb24
      Patrick McHardy 提交于
      commit 229e77eec406ad68662f18e49fda8b5d366768c5
      Author: Patrick McHardy <kaber@trash.net>
      Date:   Thu Dec 3 12:05:23 2009 +0100
      
          net: fib_rules: rename ifindex/ifname/FRA_IFNAME to iifindex/iifname/FRA_IIFNAME
      
          The next patch will add oif classification, rename interface related members
          and attributes to reflect that they're used for iif classification.
      Signed-off-by: NPatrick McHardy <kaber@trash.net>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      491deb24
    • P
      net 01/05: fib_rules: rearrange struct fib_rule · d2858340
      Patrick McHardy 提交于
      commit b8952893d5d86f69c4e499d191b98c6658f64b0f
      Author: Patrick McHardy <kaber@trash.net>
      Date:   Thu Dec 3 12:05:22 2009 +0100
      
          net: fib_rules: rearrange struct fib_rule
      
          The ifname member is only used to resolve interface names and is not needed
          during rule lookups. The target and ctarget members however are used during
          rule lookups and are currently located in a second cacheline.
      
          Move ifname further to the end to make sure both target and ctarget are
          located in the same cacheline as other members used during rule lookups.
      
          The layout on 64 bit changes from:
      
          struct fib_rule {
          	...
                  u32                        table;                /*    56     4 */
                  u8                         action;               /*    60     1 */
      
                  /* XXX 3 bytes hole, try to pack */
      
                  /* --- cacheline 1 boundary (64 bytes) --- */
                  u32                        target;               /*    64     4 */
      
                  /* XXX 4 bytes hole, try to pack */
      
                  struct fib_rule *          ctarget;              /*    72     8 */
                  struct rcu_head            rcu;                  /*    80    16 */
                  struct net *               fr_net;               /*    96     8 */
          };
      
          to:
      
          struct fib_rule {
          	...
                  u32                        table;                /*    40     4 */
                  u8                         action;               /*    44     1 */
      
                  /* XXX 3 bytes hole, try to pack */
      
                  u32                        target;               /*    48     4 */
      
                  /* XXX 4 bytes hole, try to pack */
      
                  struct fib_rule *          ctarget;              /*    56     8 */
                  /* --- cacheline 1 boundary (64 bytes) --- */
                  char                       ifname[16];           /*    64    16 */
                  struct rcu_head            rcu;                  /*    80    16 */
                  struct net *               fr_net;               /*    96     8 */
      
          };
      Signed-off-by: NPatrick McHardy <kaber@trash.net>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      d2858340
  2. 03 12月, 2009 28 次提交