On Wed, Aug 29, 2018 at 02:41:29PM +0200, Florian Westphal wrote: > There is one synchronize_rcu instance left in the nf_tables config path, > its required when something has to be removed that might still be > visible from the packet path, such as rules or set elements. > > In such case, we have something like this: > 1. transaction changes are applied > 2. synchronize_rcu > 3. data is free'd > > all of this happens under (per netns) transaction mutex. > > This patch set moves the last two steps to a work queue, > so mutex can be released sooner. > > First patch splits set destructions into two phases. > One 'delete' phase, which performs all needed steps to > hide the to-be-removed element(s) from the configuration plane, > and one 'free' phase, which can perform resource release, e.g. > kfree, putting references and the like. > > Because a transaction can fail, its is necessary to re-add > already-hidden elements again, else we will no longer be able to > abort transactions properly. The first patch handles this. > > The last patch then makes transaction look like: > > 1. transaction changes are applied > 2. transaction log gets appended to list > 3. work queue is scheduled > > The work queue will still call synchronize_rcu, but this > does no longer happen from the nf_tables config path. Series applied, thanks!
