git.kernelconcepts.de Git - karo-tx-linux.git/commit

author	Vladimir Davydov <VDavydov@parallels.com>
	Wed, 13 Mar 2013 23:40:14 +0000 (23:40 +0000)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Tue, 19 Mar 2013 16:08:31 +0000 (17:08 +0100)
commit	dece40e848f6e022f960dc9de54be518928460c3
tree	4350c34ed329d2a4335f71c9bc4d3856c2530a38	tree \| snapshot
parent	493763684fefca54502e2d95b057075ac8e279ea	commit \| diff

netfilter: nf_conntrack: speed up module removal path if netns in use

The patch introduces nf_conntrack_cleanup_net_list(), which cleanups
nf_conntrack for a list of netns and calls synchronize_net() only once
for them all. This should reduce netns destruction time.

I've measured cleanup time for 1k dummy net ns. Here are the results:

<without the patch>
# modprobe nf_conntrack
# time modprobe -r nf_conntrack

real 0m10.337s
user 0m0.000s
sys 0m0.376s

<with the patch>
# modprobe nf_conntrack
# time modprobe -r nf_conntrack

real    0m5.661s
user    0m0.000s
sys     0m0.216s

Signed-off-by: Vladimir Davydov <vdavydov@parallels.com>
Cc: Patrick McHardy <kaber@trash.net>
Cc: "David S. Miller" <davem@davemloft.net>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Acked-by: Gao feng <gaofeng@cn.fujitsu.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

include/net/netfilter/nf_conntrack_core.h		diff \| blob \| history
net/netfilter/nf_conntrack_core.c		diff \| blob \| history
net/netfilter/nf_conntrack_standalone.c		diff \| blob \| history