On Tue, Jul 05, 2016 at 12:07:23PM +0200, Florian Westphal wrote:
> The nat extension structure is 32bytes in size on x86_64:
>
> struct nf_conn_nat {
> struct hlist_node bysource; /* 0 16 */
> struct nf_conn * ct; /* 16 8 */
> union nf_conntrack_nat_help help; /* 24 4 */
> int masq_index; /* 28 4 */
> /* size: 32, cachelines: 1, members: 4 */
> /* last cacheline: 32 bytes */
> };
>
> The hlist is needed to quickly check for possible tuple collisions
> when installing a new nat binding. Storing this in the extension
> area has two drawbacks:
>
> 1. We need ct backpointer to get the conntrack struct from the extension.
> 2. When reallocation of extension area occurs we need to fixup the bysource
> hash head via hlist_replace_rcu.
>
> We can avoid both by placing the hlist_head in nf_conn and place nf_conn in
> the bysource hash rather than the extenstion.
>
> We can also remove the ->move support; no other extension needs it.
>
> Moving the entire nat extension into nf_conn would be possible as well but
> then we have to add yet another callback for deletion from the bysource
> hash table rather than just using nat extension ->destroy hook for this.
>
> nf_conn size doesn't increase due to aligment, followup patch replaces
> hlist_node with single pointer.
Applied, thanks.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
