Hi, The following patchset contains updates for the nf_tables set infrastructure, specifically new infrastructure to select between several set backend operation of one single type, a new fixed hashtable set implementation and general performance improvements for the hashtable set type: 1) Remove unnecessary forward declaration in nft_set_hash. 2) Do not lie to the set backend selection algorithm. If we don't know the number of set elements, we cannot provide any size. We now have the memory scalability notation to use it in this case. 3) Rename nft_hash_ to nft_rhash_ for the resizable hash implementation. 4) Pass set description to ->privsize, this is required by the new fixed size hashtable implementation. 5) Add nft_hash_buckets() helper function to calculate the number of hashtable buckets both for fixed and resizable hashtables. 6) Add infrastructure to select between several set backend variants, so we can accomodate the fixed hashtable implementation in the nf_tables hashtable set type. 7) Allow large allocation for new sets, the fixed size hashtable places the bucket array in a flexible array, and its size may trigger memory allocation failures via kmalloc(), thus, fall back to vmalloc(). 8) Add faster fixed size hashtable implementation. ~10% faster than the resizable hashtable, and this is just ~200 lines of code of a very simple hashtable implementation. 9) Add faster 2-byte and 4-byte lookup function for fixed hashtable, using the new set operation selection infrastructure. Pablo Neira Ayuso (9): netfilter: nft_set_hash: unnecessary forward declaration netfilter: nf_tables: no size estimation if number of set elements is unknown netfilter: nft_set_hash: use nft_rhash prefix for resizable set backend netfilter: nf_tables: select set backend flavour depending on description netfilter: nf_tables: pass set description to ->privsize netfilter: nft_set_hash: add nft_hash_buckets() netfilter: nf_tables: allow large allocations for new sets netfilter: nft_set_hash: add non-resizable hashtable implementation netfilter: nft_set_hash: add lookup variant for fixed size hashtable include/net/netfilter/nf_tables.h | 29 ++- net/netfilter/nf_tables_api.c | 80 ++++--- net/netfilter/nft_set_bitmap.c | 13 +- net/netfilter/nft_set_hash.c | 471 +++++++++++++++++++++++++++++--------- net/netfilter/nft_set_rbtree.c | 21 +- 5 files changed, 457 insertions(+), 157 deletions(-) -- 2.1.4 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
