mbox series

[ovs-dev,net-next,0/8] openvswitch: load and reference the NAT helper.

Message ID 20190326205715.22288-1-fbl@sysclose.org
Headers show
Series openvswitch: load and reference the NAT helper. | expand

Message

Flavio Leitner March 26, 2019, 8:57 p.m. UTC 
The request_module() is quite expensive and triggers the
usermode helper in userspace. Instead, load only if the
module is not present and keep module references to avoid
problems.

The first patch standardize the module alias which is already
there, but not in a formal way.

The second patch adds an API to point to the NAT helper.

The following patches will register each NAT helper using
the new API.

The last patch fixes openvswitch to use the new API to
load and reference the NAT helper and also report an error
if the operation fails.

Flavio Leitner (8):
  netfilter: use macros to create module aliases.
  netfilter: add API to manage NAT helpers.
  netfilter: nf_nat: register amanda NAT helper.
  netfilter: nf_nat: register ftp NAT helper.
  netfilter: nf_nat: register irc NAT helper.
  netfilter: nf_nat: register sip NAT helper.
  netfilter: nf_nat: register tftp NAT helper.
  openvswitch: load and reference the NAT helper.

 include/net/netfilter/nf_conntrack_helper.h |  23 ++++-
 net/ipv4/netfilter/nf_nat_h323.c            |   2 +-
 net/ipv4/netfilter/nf_nat_pptp.c            |   2 +-
 net/netfilter/nf_conntrack_amanda.c         |   2 +
 net/netfilter/nf_conntrack_ftp.c            |   6 +-
 net/netfilter/nf_conntrack_helper.c         | 108 +++++++++++++++++++-
 net/netfilter/nf_conntrack_irc.c            |   3 +-
 net/netfilter/nf_conntrack_sane.c           |   4 +-
 net/netfilter/nf_conntrack_sip.c            |  12 ++-
 net/netfilter/nf_conntrack_tftp.c           |   6 +-
 net/netfilter/nf_nat_amanda.c               |   9 +-
 net/netfilter/nf_nat_ftp.c                  |   8 +-
 net/netfilter/nf_nat_irc.c                  |   8 +-
 net/netfilter/nf_nat_sip.c                  |   8 +-
 net/netfilter/nf_nat_tftp.c                 |   8 +-
 net/openvswitch/conntrack.c                 |  27 +++--
 16 files changed, 209 insertions(+), 27 deletions(-)

Comments

David Miller March 28, 2019, 11:55 p.m. UTC | #1 
From: Flavio Leitner <fbl@sysclose.org>
Date: Tue, 26 Mar 2019 17:57:07 -0300

> The request_module() is quite expensive and triggers the
> usermode helper in userspace. Instead, load only if the
> module is not present and keep module references to avoid
> problems.
> 
> The first patch standardize the module alias which is already
> there, but not in a formal way.
> 
> The second patch adds an API to point to the NAT helper.
> 
> The following patches will register each NAT helper using
> the new API.
> 
> The last patch fixes openvswitch to use the new API to
> load and reference the NAT helper and also report an error
> if the operation fails.

These are mostly netfilter changes so I would like to see some
reviews/ACKs from netfilter folks.

Thanks.
David Miller March 31, 2019, 8:56 p.m. UTC | #2 
From: Flavio Leitner <fbl@sysclose.org>
Date: Tue, 26 Mar 2019 17:57:07 -0300

> The request_module() is quite expensive and triggers the
> usermode helper in userspace. Instead, load only if the
> module is not present and keep module references to avoid
> problems.
> 
> The first patch standardize the module alias which is already
> there, but not in a formal way.
> 
> The second patch adds an API to point to the NAT helper.
> 
> The following patches will register each NAT helper using
> the new API.
> 
> The last patch fixes openvswitch to use the new API to
> load and reference the NAT helper and also report an error
> if the operation fails.

I haven't seen any netfilter reviews of this series, so I'm dropping
it.