git://ftp.safe.ca / safe / jmp / linux-2.6 / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fe1a5f0) | patch
xfrm: cache bundles instead of policies for outgoing flows
authorTimo Teräs <timo.teras@iki.fi>
Wed, 7 Apr 2010 00:30:05 +0000 (00:30 +0000)
committerDavid S. Miller <davem@davemloft.net>
Wed, 7 Apr 2010 10:43:19 +0000 (03:43 -0700)
commit80c802f3073e84c956846e921e8a0b02dfa3755f
tree895dc92dcf6b658d78838e0a23db3dd29c8be695tree | snapshot
parentfe1a5f031e76bd8761a7803d75b95ee96e84a574commit | diff
xfrm: cache bundles instead of policies for outgoing flows

__xfrm_lookup() is called for each packet transmitted out of
system. The xfrm_find_bundle() does a linear search which can
kill system performance depending on how many bundles are
required per policy.

This modifies __xfrm_lookup() to store bundles directly in
the flow cache. If we did not get a hit, we just create a new
bundle instead of doing slow search. This means that we can now
get multiple xfrm_dst's for same flow (on per-cpu basis).

Signed-off-by: Timo Teras <timo.teras@iki.fi>
Signed-off-by: David S. Miller <davem@davemloft.net>
include/net/xfrm.h diff | blob | history
net/ipv4/xfrm4_policy.c diff | blob | history
net/ipv6/xfrm6_policy.c diff | blob | history
net/xfrm/xfrm_policy.c diff | blob | history
Full containers within linux kernel