On Thu, Apr 16, 2009 at 03:33:54PM -0700, David Miller wrote: > From: Patrick McHardy <kaber@xxxxxxxxx> > Date: Thu, 16 Apr 2009 15:11:31 +0200 > > > Linus Torvalds wrote: > >> On Wed, 15 Apr 2009, Stephen Hemminger wrote: > >>> The counters are the bigger problem, otherwise we could just free > >>> table > >>> info via rcu. Do we really have to support: replace where the counter > >>> values coming out to user space are always exactly accurate, or is it > >>> allowed to replace a rule and maybe lose some counter ticks (worst > >>> case > >>> NCPU-1). > >> Why not just read the counters fromt he old one at RCU free time (they > >> are guaranteed to be stable at that point, since we're all done with > >> those entries), and apply them at that point to the current setup? > > > > We need the counters immediately to copy them to userspace, so waiting > > for an asynchronous RCU free is not going to work. > > It just occurred to me that since all netfilter packet handling > goes through one place, we could have a sort-of "netfilter RCU" > of sorts to solve this problem. OK, I am putting one together... It will be needed sooner or later, though I suspect per-CPU locking would work fine in this case. Thanx, Paul -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
