twx-linux

History

Florian Westphal d9e7891476 netfilter: nf_tables: avoid retpoline overhead for some ct expression calls nft_ct expression cannot be made builtin to nf_tables without also forcing the conntrack itself to be builtin. However, this can be avoided by splitting retrieval of a few selector keys that only need to access the nf_conn structure, i.e. no function calls to nf_conntrack code. Many rulesets start with something like "ct status established,related accept" With this change, this no longer requires an indirect call, which gives about 1.8% more throughput with a simple conntrack-enabled forwarding test (retpoline thunk used). Signed-off-by: Florian Westphal <fw@strlen.de>		2023-01-18 13:05:25 +01:00
..
ipv4
ipv6
br_netfilter.h
nf_conntrack_acct.h	netfilter: conntrack: remove extension register api	2022-02-04 06:30:28 +01:00
nf_conntrack_act_ct.h	net/sched: act_ct: Fill offloading tuple iifidx	2022-01-04 12:12:55 +00:00
nf_conntrack_bpf.h	net: netfilter: move bpf_ct_set_nat_info kfunc in nf_nat_bpf.c	2022-10-03 09:17:32 -07:00
nf_conntrack_bridge.h
nf_conntrack_core.h	netfilter: conntrack: merge ipv4+ipv6 confirm functions	2022-11-30 18:55:30 +01:00
nf_conntrack_count.h	netfilter: nf_conncount: reduce unnecessary GC	2022-05-16 13:05:40 +02:00
nf_conntrack_ecache.h	netfilter: prefer extension check to pointer check	2022-05-13 18:56:28 +02:00
nf_conntrack_expect.h
nf_conntrack_extend.h	netfilter: extensions: introduce extension genid count	2022-05-13 18:52:16 +02:00
nf_conntrack_helper.h	net: move add ct helper function to nf_conntrack_helper for ovs and tc	2022-11-08 12:15:19 +01:00
nf_conntrack_l4proto.h
nf_conntrack_labels.h	netfilter: extensions: introduce extension genid count	2022-05-13 18:52:16 +02:00
nf_conntrack_seqadj.h	netfilter: conntrack: remove extension register api	2022-02-04 06:30:28 +01:00
nf_conntrack_synproxy.h
nf_conntrack_timeout.h	netfilter: nf_conntrack: add missing __rcu annotations	2022-07-11 16:25:15 +02:00
nf_conntrack_timestamp.h	netfilter: conntrack: remove extension register api	2022-02-04 06:30:28 +01:00
nf_conntrack_tuple.h
nf_conntrack_zones.h
nf_conntrack.h	netfilter: remove nf_conntrack_helper sysctl and modparam toggles	2022-08-31 12:12:32 +02:00
nf_dup_netdev.h
nf_flow_table.h	netfilter: flowtable: fix stuck flows on cleanup due to pending work	2022-08-24 07:43:21 +02:00
nf_hooks_lwtunnel.h
nf_log.h
nf_nat_helper.h	netfilter: nat: move repetitive nat port reserve loop to a helper	2022-09-07 16:46:04 +02:00
nf_nat_masquerade.h
nf_nat_redirect.h
nf_nat.h	net: move the nat function to nf_nat_ovs for ovs and tc	2022-12-12 10:14:03 +00:00
nf_queue.h	treewide: use get_random_u32() when possible	2022-10-11 17:42:58 -06:00
nf_reject.h	netfilter: conntrack: skip verification of zero UDP checksum	2022-05-13 18:56:28 +02:00
nf_socket.h
nf_synproxy.h
nf_tables_core.h	netfilter: nf_tables: avoid retpoline overhead for some ct expression calls	2023-01-18 13:05:25 +01:00
nf_tables_ipv4.h	netfilter: nf_tables: reduce nft_pktinfo by 8 bytes	2022-10-25 13:44:14 +02:00
nf_tables_ipv6.h	netfilter: nf_tables: reduce nft_pktinfo by 8 bytes	2022-10-25 13:44:14 +02:00
nf_tables_offload.h	netfilter: nf_tables: bail out early if hardware offload is not supported	2022-06-06 19:19:15 +02:00
nf_tables.h	netfilter: nf_tables: honor set timeout and garbage collection updates	2022-12-22 10:36:37 +01:00
nf_tproxy.h
nft_fib.h	netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters	2022-11-15 10:46:34 +01:00
nft_meta.h	netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters	2022-11-15 10:46:34 +01:00
nft_reject.h	netfilter: nf_tables: Extend nft_expr_ops::dump callback parameters	2022-11-15 10:46:34 +01:00
xt_rateest.h	net: sched: Merge Qdisc::bstats and Qdisc::cpu_bstats data types	2021-10-18 12:54:41 +01:00