The 'rbtree' set backend does not support insertion/removal of elements from the datapath (ruleset). Elements can only be added from the control plane, so there is no compelling reason for regular, async gc scans in the background. Change rbtree to use the existing 'commit' callback to do a gc scan instead. This is run as a last step in the commit phase, when all checks have passed. This makes rbtree less complex. It also avoids the need to use atomic allocations during gc: the commit hook is allowed to sleep, the transaction mutex prevents any interference during walk. Florian Westphal (3): netfilter: nf_tables: de-constify set commit ops function argument netfilter: nft_set_rbtree: rename gc deactivate+erase function netfilter: nft_set_rbtree: prefer sync gc to async worker include/net/netfilter/nf_tables.h | 2 +- net/netfilter/nft_set_pipapo.c | 7 +- net/netfilter/nft_set_rbtree.c | 135 ++++++++++++++++-------------- 3 files changed, 75 insertions(+), 69 deletions(-) -- 2.41.0
