ipv4: Elide fib_validate_source() completely when possible. If rpfilter is off (or the SKB has an IPSEC path) and there are not tclassid users, we don't have to do anything at all when fib_validate_source() is invoked besides setting the itag to zero. We monitor tclassid uses with a counter (modified only under RTNL and marked __read_mostly) and we protect the fib_validate_source() real work with a test against this counter and whether rpfilter is to be done. Having a way to know whether we need no tclassid processing or not also opens the door for future optimized rpfilter algorithms that do not perform full FIB lookups. Signed-off-by: David S. Miller <davem@davemloft.net>

commit: 7a9bc9b81a5bc6e44ebc80ef781332e4385083f2 [log] [tgz]
author: David S. Miller <davem@davemloft.net> Fri Jun 29 01:32:45 2012 -0700
committer: David S. Miller <davem@davemloft.net> Fri Jun 29 01:36:36 2012 -0700
tree: 1342c672823d47bfb112fee63951af9f6a3eb590
parent: b8c8430726e5bd552e01dacc5a44f3f83f7446ca [diff] [blame]
diff --git a/include/net/fib_rules.h b/include/net/fib_rules.h
index 075f1e3..e361f48 100644
--- a/include/net/fib_rules.h
+++ b/include/net/fib_rules.h

@@ -52,6 +52,7 @@
 					     struct sk_buff *,
 					     struct fib_rule_hdr *,
 					     struct nlattr **);
+	void			(*delete)(struct fib_rule *);
 	int			(*compare)(struct fib_rule *,
 					   struct fib_rule_hdr *,
 					   struct nlattr **);
commit	7a9bc9b81a5bc6e44ebc80ef781332e4385083f2	[log] [tgz]
author	David S. Miller <davem@davemloft.net>	Fri Jun 29 01:32:45 2012 -0700
committer	David S. Miller <davem@davemloft.net>	Fri Jun 29 01:36:36 2012 -0700
tree	1342c672823d47bfb112fee63951af9f6a3eb590
parent	b8c8430726e5bd552e01dacc5a44f3f83f7446ca [diff] [blame]