This series gets rid of the remaining indirect calls in the conntrack packet
path (except the conntrack entry points themselves).
To do this, the last remaining modular l4 tracker (GRE) is made built-in.
The second upside is that this allows to remove all the 'dynamic registration'
infrastructure. While at it, this also moves the l4 sysctl handling into
a single location.
The nat core still contains several indirect calls, those are not addressed
here.
Before this series:
text data bss dec hex filename
6281 1732 4 8017 1f51 nf_conntrack_proto_gre.ko
108356 20613 236 129205 1f8b5 nf_conntrack.ko
After:
294864 net/netfilter/nf_conntrack.ko
text data bss dec hex filename
106979 19557 240 126776 1ef38 nf_conntrack.ko
So even with PROTO_GRE=y, total size is reduced.
Florian Westphal (16):
netfilter: conntrack: handle builtin l4proto packet functions via direct calls
netfilter: conntrack: handle icmp pkt_to_tuple helper via direct calls
netfilter: conntrack: gre: convert rwlock to rcu
netfilter: conntrack: gre: switch module to be built-in
netfilter: conntrack: remove net_id
netfilter: conntrack: remove pkt_to_tuple callback
netfilter: conntrack: remove invert_tuple callback
netfilter: conntrack: remove module owner field
netfilter: conntrack: remove remaining l4proto indirect packet calls
netfilter: conntrack: remove pernet l4 proto register interface
netfilter: conntrack: avoid unneeded nf_conntrack_l4proto lookups
netfilter: conntrack: unify sysctl handling
netfilter: conntrack: remove sysctl registration helpers
netfilter: conntrack: remove l4proto init and get_net callbacks
netfilter: conntrack: remove l4proto destroy hook
netfilter: conntrack: remove nf_ct_l4proto_find_get
include/linux/netfilter/nf_conntrack_proto_gre.h | 17
include/net/netfilter/ipv4/nf_conntrack_ipv4.h | 3
include/net/netfilter/nf_conntrack.h | 2
include/net/netfilter/nf_conntrack_core.h | 5
include/net/netfilter/nf_conntrack_l4proto.h | 126 ++++---
include/net/netns/conntrack.h | 32 -
net/ipv4/netfilter/nf_nat_l3proto_ipv4.c | 2
net/ipv6/netfilter/nf_nat_l3proto_ipv6.c | 2
net/netfilter/Kconfig | 2
net/netfilter/Makefile | 3
net/netfilter/nf_conntrack_core.c | 170 +++++----
net/netfilter/nf_conntrack_expect.c | 2
net/netfilter/nf_conntrack_netlink.c | 14
net/netfilter/nf_conntrack_pptp.c | 2
net/netfilter/nf_conntrack_proto.c | 406 +++--------------------
net/netfilter/nf_conntrack_proto_dccp.c | 136 +------
net/netfilter/nf_conntrack_proto_generic.c | 87 ----
net/netfilter/nf_conntrack_proto_gre.c | 208 ++---------
net/netfilter/nf_conntrack_proto_icmp.c | 69 ---
net/netfilter/nf_conntrack_proto_icmpv6.c | 71 ----
net/netfilter/nf_conntrack_proto_sctp.c | 130 -------
net/netfilter/nf_conntrack_proto_tcp.c | 162 ---------
net/netfilter/nf_conntrack_proto_udp.c | 82 ----
net/netfilter/nf_conntrack_standalone.c | 397 +++++++++++++++++++++-
net/netfilter/nf_flow_table_core.c | 2
net/netfilter/nf_nat_core.c | 12
net/netfilter/nfnetlink_cttimeout.c | 19 -
net/netfilter/nft_ct.c | 4
net/netfilter/xt_CT.c | 2
net/openvswitch/conntrack.c | 2
30 files changed, 808 insertions(+), 1363 deletions(-)
