On Fri, 2005-02-04 at 15:09 +0100, Andi Kleen wrote:
> On kernels compiled with a big NR_CPUS netfilter rules would
> eat a lot of memory because all counters would be duplicated
> for all NR_CPUs CPUs. With NR_CPUS=256 this would add up
> to many MBs of memory.
> This patch only allocates enough memory for the possible CPUs,
> which is usually a much smaller number than NR_CPUS.
> This allows loading of bigger rule sets on 64bit systems.
> There is still a limit because someone else broke vmalloc to have a 64MB
> limit on 64bit systems for single allocations, 129MB on 32bit.
> It allocates an array of pages with kmalloc and kmalloc has a 128K limit.
> To be fixed with a separate patch.
> 64bit systems were hurt worst because they tend to have big NR_CPUS
> and the counters need more memory there, and the vmalloc limit is lower.
> But it will raise the limits even on 32bit.
> And in general it saves a lot of memory.
Patrick, could you apply and submit this patch to Davem? Or if Davem
applies it himself. It's pretty obvious and would help small SMP
machines with distribution kernels and/or strange admins.
Description: This is a digitally signed message part