diff options
| author | Steffen Klassert <steffen.klassert@secunet.com> | 2024-10-23 12:53:43 +0200 |
|---|---|---|
| committer | Steffen Klassert <steffen.klassert@secunet.com> | 2024-10-29 11:56:12 +0100 |
| commit | 0045e3d80613cc7174dc15f189ee6fc4e73b9365 (patch) | |
| tree | b6f1062ea58d90a23f73499db175c105d02ffc18 /include/net | |
| parent | xfrm: Add support for per cpu xfrm state handling. (diff) | |
| download | linux-0045e3d80613cc7174dc15f189ee6fc4e73b9365.tar.xz linux-0045e3d80613cc7174dc15f189ee6fc4e73b9365.zip | |
xfrm: Cache used outbound xfrm states at the policy.
Now that we can have percpu xfrm states, the number of active
states might increase. To get a better lookup performance,
we cache the used xfrm states at the policy for outbound
IPsec traffic.
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Tested-by: Antony Antony <antony.antony@secunet.com>
Tested-by: Tobias Brunner <tobias@strongswan.org>
Diffstat (limited to 'include/net')
| -rw-r--r-- | include/net/xfrm.h | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/include/net/xfrm.h b/include/net/xfrm.h index f5275618e744..0b394c5fb5f3 100644 --- a/include/net/xfrm.h +++ b/include/net/xfrm.h @@ -184,6 +184,7 @@ struct xfrm_state { }; struct hlist_node byspi; struct hlist_node byseq; + struct hlist_node state_cache; refcount_t refcnt; spinlock_t lock; @@ -537,6 +538,7 @@ struct xfrm_policy_queue { * @xp_net: network namespace the policy lives in * @bydst: hlist node for SPD hash table or rbtree list * @byidx: hlist node for index hash table + * @state_cache_list: hlist head for policy cached xfrm states * @lock: serialize changes to policy structure members * @refcnt: reference count, freed once it reaches 0 * @pos: kernel internal tie-breaker to determine age of policy @@ -567,6 +569,8 @@ struct xfrm_policy { struct hlist_node bydst; struct hlist_node byidx; + struct hlist_head state_cache_list; + /* This lock only affects elements except for entry. */ rwlock_t lock; refcount_t refcnt; |