Eric Dumazet wrote: > Le mardi 01 juin 2010 à 12:18 +0200, Patrick McHardy a écrit : > >> If a new conntrack is created in PRE_ROUTING or LOCAL_OUT, it will be >> added to the unconfirmed list and moved to the hash as soon as the >> packet passes POST_ROUTING. This means the number of unconfirmed entries >> created by the network is bound by the number of CPUs due to BH >> processing. The number created by locally generated packets is unbound >> in case of preemptible kernels however. >> > > OK, we should have a percpu list then. Yes, that makes sense. > BTW, I notice nf_conntrack_untracked is incorrectly annotated > '__read_mostly'. > > It can be written very often :( > > Should'nt we special case it and let be really const ? That would need quite a bit of special-casing to avoid touching the reference counts. So far this is completely hidden, so I'd say it just shouldn't be marked __read_mostly. Alternatively we can make "untracked" a nfctinfo state. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
