From: Florian Westphal Date: Wed, 16 Jan 2013 11:56:44 +0000 (+0100) Subject: nfq: avoid extra copy when running in workers mode X-Git-Tag: suricata-2.0beta1~154 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=6678c9feb992feb49fc5b94c63d5e89562625b83;p=thirdparty%2Fsuricata.git nfq: avoid extra copy when running in workers mode currently, the packet payload recv()d from the nfqueue netlink socket is copied into a new packet buffer. This is required because the recv-buffer space used is tied to the current thread, but a packet may be handed off to other threads, and the recv-buffer can be re-used while the packet is handled by another thread. However, in worker runmode, the packet will always be handled by the current thread, and the recv-buffer will only be reused after the entire packet processing stack is done with the packet. Thus, in worker runmode, we can avoid the copy and assign the packet data area directly. --- diff --git a/src/source-nfq.c b/src/source-nfq.c index 3d1626ac95..740fc1eb22 100644 --- a/src/source-nfq.c +++ b/src/source-nfq.c @@ -107,7 +107,8 @@ extern int max_pending_packets; #define MAX_ALREADY_TREATED 5 #define NFQ_VERDICT_RETRY_TIME 3 -int already_seen_warning; +static int already_seen_warning; +static int runmode_workers; #define NFQ_BURST_FACTOR 4 @@ -277,12 +278,13 @@ static inline void NFQMutexInit(NFQQueueVars *nq) if (active_runmode && !strcmp("workers", active_runmode)) { nq->use_mutex = 0; + runmode_workers = 1; SCLogInfo("NFQ running in 'workers' runmode, will not use mutex."); } else { nq->use_mutex = 1; - } - if (nq->use_mutex) + runmode_workers = 0; SCMutexInit(&nq->mutex_qh, NULL); + } } #define NFQMutexLock(nq) do { \ @@ -346,6 +348,8 @@ int NFQSetupPkt (Packet *p, struct nfq_q_handle *qh, void *data) * This is unlikely to happen */ SCLogWarning(SC_ERR_INVALID_ARGUMENTS, "NFQ sent too big packet"); SET_PKT_LEN(p, 0); + } else if (runmode_workers) { + PacketSetData(p, (uint8_t *)pktdata, ret); } else { PacketCopyData(p, (uint8_t *)pktdata, ret); }