netfilter: x_tables: pack percpu counter allocations
authorFlorian Westphal <fw@strlen.de>
Tue, 22 Nov 2016 13:44:19 +0000 (14:44 +0100)
committerPablo Neira Ayuso <pablo@netfilter.org>
Tue, 6 Dec 2016 20:42:19 +0000 (21:42 +0100)
commitae0ac0ed6fcf5af3be0f63eb935f483f44a402d2
treebdc9adb5d4744f958630b4e56defc818c905dbe3
parentf28e15bacedd444608e25421c72eb2cf4527c9ca
netfilter: x_tables: pack percpu counter allocations

instead of allocating each xt_counter individually, allocate 4k chunks
and then use these for counter allocation requests.

This should speed up rule evaluation by increasing data locality,
also speeds up ruleset loading because we reduce calls to the percpu
allocator.

As Eric points out we can't use PAGE_SIZE, page_allocator would fail on
arches with 64k page size.

Suggested-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
include/linux/netfilter/x_tables.h
net/ipv4/netfilter/arp_tables.c
net/ipv4/netfilter/ip_tables.c
net/ipv6/netfilter/ip6_tables.c
net/netfilter/x_tables.c