rhashtable: Per bucket locks & deferred expansion/shrinking

Introduces an array of spinlocks to protect bucket mutations. The number of spinlocks per CPU is configurable and selected based on the hash of the bucket. This allows for parallel insertions and removals of entries which do not share a lock. The patch also defers expansion and shrinking to a worker queue which allows insertion and removal from atomic context. Insertions and deletions may occur in parallel to it and are only held up briefly while the particular bucket is linked or unzipped. Mutations of the bucket table pointer is protected by a new mutex, read access is RCU protected. In the event of an expansion or shrinking, the new bucket table allocated is exposed as a so called future table as soon as the resize process starts. Lookups, deletions, and insertions will briefly use both tables. The future table becomes the main table after an RCU grace period and initial linking of the old to the new table was performed. Optimization of the chains to make use of the new number of buckets follows only the new table is in use. The side effect of this is that during that RCU grace period, a bucket traversal using any rht_for_each() variant on the main table will not see any insertions performed during the RCU grace period which would at that point land in the future table. The lookup will see them as it searches both tables if needed. Having multiple insertions and removals occur in parallel requires nelems to become an atomic counter. Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Thomas Graf <tgraf@suug.ch> 2015-01-02 17:00:20 -0500
committer: David S. Miller <davem@davemloft.net> 2015-01-03 14:32:57 -0500
commit: 97defe1ecf868b8127f8e62395499d6a06e4c4b1 (patch)
tree: d3ed6d3db4943e01b1ae58e73580537ba1642d9e /net/netfilter
parent: 113948d841e8d78039e5dbbb5248f5b73e99eafa (diff)
1 files changed, 12 insertions, 15 deletions
diff --git a/net/netfilter/nft_hash.c b/net/netfilter/nft_hash.c
index 7f903cf9a1b9..75887d7d2c6a 100644
--- a/net/netfilter/nft_hash.c
+++ b/net/netfilter/nft_hash.c
@@ -33,7 +33,7 @@ static bool nft_hash_lookup(const struct nft_set *set,
                            const struct nft_data *key,
                            struct nft_data *data)
 {
-        const struct rhashtable *priv = nft_set_priv(set);
+        struct rhashtable *priv = nft_set_priv(set);
        const struct nft_hash_elem *he;
        he = rhashtable_lookup(priv, key);
@@ -113,7 +113,7 @@ static bool nft_hash_compare(void *ptr, void *arg)
 static int nft_hash_get(const struct nft_set *set, struct nft_set_elem *elem)
 {
-        const struct rhashtable *priv = nft_set_priv(set);
+        struct rhashtable *priv = nft_set_priv(set);
        struct nft_compare_arg arg = {
                .set = set,
                .elem = elem,
@@ -129,7 +129,7 @@ static int nft_hash_get(const struct nft_set *set, struct nft_set_elem *elem)
 static void nft_hash_walk(const struct nft_ctx *ctx, const struct nft_set *set,
                          struct nft_set_iter *iter)
 {
-        const struct rhashtable *priv = nft_set_priv(set);
+        struct rhashtable *priv = nft_set_priv(set);
        const struct bucket_table *tbl;
        const struct nft_hash_elem *he;
        struct nft_set_elem elem;
@@ -162,13 +162,6 @@ static unsigned int nft_hash_privsize(const struct nlattr * const nla[])
        return sizeof(struct rhashtable);
 }
-#ifdef CONFIG_PROVE_LOCKING
-static int lockdep_nfnl_lock_is_held(void *parent)
-{
-        return lockdep_nfnl_is_held(NFNL_SUBSYS_NFTABLES);
-}
-#endif
 static int nft_hash_init(const struct nft_set *set,
                         const struct nft_set_desc *desc,
                         const struct nlattr * const tb[])
@@ -182,9 +175,6 @@ static int nft_hash_init(const struct nft_set *set,
                .hashfn = jhash,
                .grow_decision = rht_grow_above_75,
                .shrink_decision = rht_shrink_below_30,
-#ifdef CONFIG_PROVE_LOCKING
-                .mutex_is_held = lockdep_nfnl_lock_is_held,
-#endif
        };
        return rhashtable_init(priv, &params);
@@ -192,16 +182,23 @@ static int nft_hash_init(const struct nft_set *set,
 static void nft_hash_destroy(const struct nft_set *set)
 {
-        const struct rhashtable *priv = nft_set_priv(set);
+        struct rhashtable *priv = nft_set_priv(set);
-        const struct bucket_table *tbl = priv->tbl;
+        const struct bucket_table *tbl;
        struct nft_hash_elem *he;
        struct rhash_head *pos, *next;
        unsigned int i;
+        /* Stop an eventual async resizing */
+        priv->being_destroyed = true;
+        mutex_lock(&priv->mutex);
+        tbl = rht_dereference(priv->tbl, priv);
        for (i = 0; i < tbl->size; i++) {
                rht_for_each_entry_safe(he, pos, next, tbl, i, node)
                        nft_hash_elem_destroy(set, he);
        }
+        mutex_unlock(&priv->mutex);
        rhashtable_destroy(priv);
 }
author	Thomas Graf <tgraf@suug.ch>	2015-01-02 17:00:20 -0500
committer	David S. Miller <davem@davemloft.net>	2015-01-03 14:32:57 -0500
commit	97defe1ecf868b8127f8e62395499d6a06e4c4b1 (patch)
tree	d3ed6d3db4943e01b1ae58e73580537ba1642d9e /net/netfilter
parent	113948d841e8d78039e5dbbb5248f5b73e99eafa (diff)