• F
    netfilter: merge ctinfo into nfct pointer storage area · a9e419dc
    Florian Westphal 提交于
    After this change conntrack operations (lookup, creation, matching from
    ruleset) only access one instead of two sk_buff cache lines.
    
    This works for normal conntracks because those are allocated from a slab
    that guarantees hw cacheline or 8byte alignment (whatever is larger)
    so the 3 bits needed for ctinfo won't overlap with nf_conn addresses.
    
    Template allocation now does manual address alignment (see previous change)
    on arches that don't have sufficent kmalloc min alignment.
    
    Some spots intentionally use skb->_nfct instead of skb_nfct() helpers,
    this is to avoid undoing the skb_nfct() use when we remove untracked
    conntrack object in the future.
    Signed-off-by: NFlorian Westphal <fw@strlen.de>
    Signed-off-by: NPablo Neira Ayuso <pablo@netfilter.org>
    a9e419dc
skbuff.h 111.3 KB