[XFRM]: Export SAD info.
On a system with a lot of SAs, counting SAD entries chews useful CPU time since you need to dump the whole SAD to user space; i.e something like ip xfrm state ls | grep -i src | wc -l I have seen taking literally minutes on a 40K SAs when the system is swapping. With this patch, some of the SAD info (that was already being tracked) is exposed to user space. i.e you do: ip xfrm state count And you get the count; you can also pass -s to the command line and get the hash info. Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Jamal Hadi Salim
committed by
David S. Miller
David S. Miller
parent
98486fa2f4
commit
28d8909bc7
@@ -672,6 +672,61 @@ static struct sk_buff *xfrm_state_netlink(struct sk_buff *in_skb,
|
||||
return skb;
|
||||
}
|
||||
|
||||
static int build_sadinfo(struct sk_buff *skb, u32 pid, u32 seq, u32 flags)
|
||||
{
|
||||
struct xfrm_sadinfo si;
|
||||
struct nlmsghdr *nlh;
|
||||
u32 *f;
|
||||
|
||||
nlh = nlmsg_put(skb, pid, seq, XFRM_MSG_NEWSADINFO, sizeof(u32), 0);
|
||||
if (nlh == NULL) /* shouldnt really happen ... */
|
||||
return -EMSGSIZE;
|
||||
|
||||
f = nlmsg_data(nlh);
|
||||
*f = flags;
|
||||
xfrm_sad_getinfo(&si);
|
||||
|
||||
if (flags & XFRM_SAD_HMASK)
|
||||
NLA_PUT_U32(skb, XFRMA_SADHMASK, si.sadhcnt);
|
||||
if (flags & XFRM_SAD_HMAX)
|
||||
NLA_PUT_U32(skb, XFRMA_SADHMAX, si.sadhmcnt);
|
||||
if (flags & XFRM_SAD_CNT)
|
||||
NLA_PUT_U32(skb, XFRMA_SADCNT, si.sadcnt);
|
||||
|
||||
return nlmsg_end(skb, nlh);
|
||||
|
||||
nla_put_failure:
|
||||
nlmsg_cancel(skb, nlh);
|
||||
return -EMSGSIZE;
|
||||
}
|
||||
|
||||
static int xfrm_get_sadinfo(struct sk_buff *skb, struct nlmsghdr *nlh,
|
||||
struct rtattr **xfrma)
|
||||
{
|
||||
struct sk_buff *r_skb;
|
||||
u32 *flags = NLMSG_DATA(nlh);
|
||||
u32 spid = NETLINK_CB(skb).pid;
|
||||
u32 seq = nlh->nlmsg_seq;
|
||||
int len = NLMSG_LENGTH(sizeof(u32));
|
||||
|
||||
if (*flags & XFRM_SAD_HMASK)
|
||||
len += RTA_SPACE(sizeof(u32));
|
||||
if (*flags & XFRM_SAD_HMAX)
|
||||
len += RTA_SPACE(sizeof(u32));
|
||||
if (*flags & XFRM_SAD_CNT)
|
||||
len += RTA_SPACE(sizeof(u32));
|
||||
|
||||
r_skb = alloc_skb(len, GFP_ATOMIC);
|
||||
|
||||
if (r_skb == NULL)
|
||||
return -ENOMEM;
|
||||
|
||||
if (build_sadinfo(r_skb, spid, seq, *flags) < 0)
|
||||
BUG();
|
||||
|
||||
return nlmsg_unicast(xfrm_nl, r_skb, spid);
|
||||
}
|
||||
|
||||
static int xfrm_get_sa(struct sk_buff *skb, struct nlmsghdr *nlh,
|
||||
struct rtattr **xfrma)
|
||||
{
|
||||
@@ -1850,6 +1905,7 @@ static struct xfrm_link {
|
||||
[XFRM_MSG_NEWAE - XFRM_MSG_BASE] = { .doit = xfrm_new_ae },
|
||||
[XFRM_MSG_GETAE - XFRM_MSG_BASE] = { .doit = xfrm_get_ae },
|
||||
[XFRM_MSG_MIGRATE - XFRM_MSG_BASE] = { .doit = xfrm_do_migrate },
|
||||
[XFRM_MSG_GETSADINFO - XFRM_MSG_BASE] = { .doit = xfrm_get_sadinfo },
|
||||
};
|
||||
|
||||
static int xfrm_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)
|
||||
|
||||
Reference in New Issue
Block a user