On x86 allyesconfig build:
The function compiles to 489 bytes of machine code.
It has 25 callsites.
text data bss dec hex filename
82441375 22255384 20627456 125324215 7784bb7 vmlinux.before
82434909 22255384 20627456 125317749 7783275 vmlinux
Signed-off-by: Denys Vlasenko <[email protected]>
CC: Jozsef Kadlecsik <[email protected]>
CC: Eric W. Biederman <[email protected]>
CC: David S. Miller <[email protected]>
CC: Jan Engelhardt <[email protected]>
CC: Jiri Pirko <[email protected]>
CC: [email protected]
CC: [email protected]
CC: [email protected]
---
include/linux/netfilter/ipset/ip_set.h | 24 ++----------------------
net/netfilter/ipset/ip_set_core.c | 25 +++++++++++++++++++++++++
2 files changed, 27 insertions(+), 22 deletions(-)
diff --git a/include/linux/netfilter/ipset/ip_set.h b/include/linux/netfilter/ipset/ip_set.h
index f1606fa..bf6e018 100644
--- a/include/linux/netfilter/ipset/ip_set.h
+++ b/include/linux/netfilter/ipset/ip_set.h
@@ -534,29 +534,9 @@ bitmap_bytes(u32 a, u32 b)
#include <linux/netfilter/ipset/ip_set_timeout.h>
#include <linux/netfilter/ipset/ip_set_comment.h>
-static inline int
+int
ip_set_put_extensions(struct sk_buff *skb, const struct ip_set *set,
- const void *e, bool active)
-{
- if (SET_WITH_TIMEOUT(set)) {
- unsigned long *timeout = ext_timeout(e, set);
-
- if (nla_put_net32(skb, IPSET_ATTR_TIMEOUT,
- htonl(active ? ip_set_timeout_get(timeout)
- : *timeout)))
- return -EMSGSIZE;
- }
- if (SET_WITH_COUNTER(set) &&
- ip_set_put_counter(skb, ext_counter(e, set)))
- return -EMSGSIZE;
- if (SET_WITH_COMMENT(set) &&
- ip_set_put_comment(skb, ext_comment(e, set)))
- return -EMSGSIZE;
- if (SET_WITH_SKBINFO(set) &&
- ip_set_put_skbinfo(skb, ext_skbinfo(e, set)))
- return -EMSGSIZE;
- return 0;
-}
+ const void *e, bool active);
#define IP_SET_INIT_KEXT(skb, opt, set) \
{ .bytes = (skb)->len, .packets = 1, \
diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c
index d259da3..6539b74 100644
--- a/net/netfilter/ipset/ip_set_core.c
+++ b/net/netfilter/ipset/ip_set_core.c
@@ -432,6 +432,31 @@ ip_set_get_extensions(struct ip_set *set, struct nlattr *tb[],
}
EXPORT_SYMBOL_GPL(ip_set_get_extensions);
+int
+ip_set_put_extensions(struct sk_buff *skb, const struct ip_set *set,
+ const void *e, bool active)
+{
+ if (SET_WITH_TIMEOUT(set)) {
+ unsigned long *timeout = ext_timeout(e, set);
+
+ if (nla_put_net32(skb, IPSET_ATTR_TIMEOUT,
+ htonl(active ? ip_set_timeout_get(timeout)
+ : *timeout)))
+ return -EMSGSIZE;
+ }
+ if (SET_WITH_COUNTER(set) &&
+ ip_set_put_counter(skb, ext_counter(e, set)))
+ return -EMSGSIZE;
+ if (SET_WITH_COMMENT(set) &&
+ ip_set_put_comment(skb, ext_comment(e, set)))
+ return -EMSGSIZE;
+ if (SET_WITH_SKBINFO(set) &&
+ ip_set_put_skbinfo(skb, ext_skbinfo(e, set)))
+ return -EMSGSIZE;
+ return 0;
+}
+EXPORT_SYMBOL_GPL(ip_set_put_extensions);
+
/*
* Creating/destroying/renaming/swapping affect the existence and
* the properties of a set. All of these can be executed from userspace
--
1.8.1.4
On Wed, May 06, 2015 at 04:28:57PM +0200, Denys Vlasenko wrote:
> On x86 allyesconfig build:
> The function compiles to 489 bytes of machine code.
> It has 25 callsites.
>
> text data bss dec hex filename
> 82441375 22255384 20627456 125324215 7784bb7 vmlinux.before
> 82434909 22255384 20627456 125317749 7783275 vmlinux
Jozsef, I'm going to applied this patch to nf-next.
I think that things like ip_set_put_skbinfo() can be also deinlined
and move to the core as exported symbol as this run from the control
plane path (ie. netlink).
Thanks.
On Thu, 14 May 2015, Pablo Neira Ayuso wrote:
> On Wed, May 06, 2015 at 04:28:57PM +0200, Denys Vlasenko wrote:
> > On x86 allyesconfig build:
> > The function compiles to 489 bytes of machine code.
> > It has 25 callsites.
> >
> > text data bss dec hex filename
> > 82441375 22255384 20627456 125324215 7784bb7 vmlinux.before
> > 82434909 22255384 20627456 125317749 7783275 vmlinux
>
> Jozsef, I'm going to applied this patch to nf-next.
Thanks!
> I think that things like ip_set_put_skbinfo() can be also deinlined
> and move to the core as exported symbol as this run from the control
> plane path (ie. netlink).
I'll add the patch for that to the next round of the ipset patches.
Best regards,
Jozsef
-
E-mail : [email protected], [email protected]
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : Wigner Research Centre for Physics, Hungarian Academy of Sciences
H-1525 Budapest 114, POB. 49, Hungary