Eric Dumazet <eric.dumazet@xxxxxxxxx> wrote: > Number one offender is the nfnl_lock mutex hold each time we give a > verdict. Yes, the nfnl mutex is fairly annoying for nfqueue. Unfortunately it is not possible to just remove it completely since it also protects against module removal. But I guess even having to grab a refcount would be a huge win as opposed to holding on to the nfnl mutex... We'd also need to audit all ->call implementations; most of them assume the nfnl_mutex is being hold. > Time to add RCU ;) Thanks for volunteering ;-) -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
