Jan Engelhardt wrote:
[NETFILTER]: Move extensions' arguments into compound structure (1/2)
The function signatures for Xtables extensions have grown over time.
It involves a lot of typing/replication, and also a bit of stack space
even if they are not used. Realize an NFWS2008 idea and pack them into
structs. The skb remains outside of the struct so gcc can continue to
apply its optimizations.
This patch does this for matches (only).
This looks good to me, it will reduce the maintenance overhead
considerably when doing changes in this area.
@@ -223,9 +223,18 @@ do_match(struct ip6t_entry_match *m,
unsigned int protoff,
bool *hotdrop)
{
+ struct xt_match_param par = {
+ .in = in,
+ .out = out,
+ .match = m->u.kernel.match,
+ .matchinfo = m->data,
+ .fragoff = offset,
+ .thoff = protoff,
+ .hotdrop = hotdrop,
+ };
Some of these members are constant during evaluation, so it would save
some overhead to initialize the structure on a higher level and only
fill in the match specific bits in do_match(). Alternatively you could
use two structures, one for the fixes bits related to the packet, one
for the match specific bits.
BTW, networking is using the same patch headline scheme as most of
the other subsystems nowadays, so please use "netfilter: " instead
of [NETFILTER]: in future patches. I also usually add the netfilter
internal subsystem, so this one would probably be
"netfilter: x_tables: move extensions' arguments ...".
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
