aboutsummaryrefslogtreecommitdiffstats
path: root/net/xfrm/xfrm_user.c
diff options
context:
space:
mode:
authorJamal Hadi Salim <hadi@cyberus.ca>2007-04-26 03:10:29 -0400
committerDavid S. Miller <davem@davemloft.net>2007-04-26 03:10:29 -0400
commit28d8909bc790d936ce33f4402adf7577533bbd4b (patch)
tree8de479d6660aba23bc99fa555c150852548df58d /net/xfrm/xfrm_user.c
parent98486fa2f4894e2b01e325c659635596bdec1614 (diff)
[XFRM]: Export SAD info.
On a system with a lot of SAs, counting SAD entries chews useful CPU time since you need to dump the whole SAD to user space; i.e something like ip xfrm state ls | grep -i src | wc -l I have seen taking literally minutes on a 40K SAs when the system is swapping. With this patch, some of the SAD info (that was already being tracked) is exposed to user space. i.e you do: ip xfrm state count And you get the count; you can also pass -s to the command line and get the hash info. Signed-off-by: Jamal Hadi Salim <hadi@cyberus.ca> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/xfrm/xfrm_user.c')
-rw-r--r--net/xfrm/xfrm_user.c56
1 files changed, 56 insertions, 0 deletions
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index f91521d5f2ab..cb4cc1bde5d1 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -672,6 +672,61 @@ static struct sk_buff *xfrm_state_netlink(struct sk_buff *in_skb,
672 return skb; 672 return skb;
673} 673}
674 674
675static int build_sadinfo(struct sk_buff *skb, u32 pid, u32 seq, u32 flags)
676{
677 struct xfrm_sadinfo si;
678 struct nlmsghdr *nlh;
679 u32 *f;
680
681 nlh = nlmsg_put(skb, pid, seq, XFRM_MSG_NEWSADINFO, sizeof(u32), 0);
682 if (nlh == NULL) /* shouldnt really happen ... */
683 return -EMSGSIZE;
684
685 f = nlmsg_data(nlh);
686 *f = flags;
687 xfrm_sad_getinfo(&si);
688
689 if (flags & XFRM_SAD_HMASK)
690 NLA_PUT_U32(skb, XFRMA_SADHMASK, si.sadhcnt);
691 if (flags & XFRM_SAD_HMAX)
692 NLA_PUT_U32(skb, XFRMA_SADHMAX, si.sadhmcnt);
693 if (flags & XFRM_SAD_CNT)
694 NLA_PUT_U32(skb, XFRMA_SADCNT, si.sadcnt);
695
696 return nlmsg_end(skb, nlh);
697
698nla_put_failure:
699 nlmsg_cancel(skb, nlh);
700 return -EMSGSIZE;
701}
702
703static int xfrm_get_sadinfo(struct sk_buff *skb, struct nlmsghdr *nlh,
704 struct rtattr **xfrma)
705{
706 struct sk_buff *r_skb;
707 u32 *flags = NLMSG_DATA(nlh);
708 u32 spid = NETLINK_CB(skb).pid;
709 u32 seq = nlh->nlmsg_seq;
710 int len = NLMSG_LENGTH(sizeof(u32));
711
712 if (*flags & XFRM_SAD_HMASK)
713 len += RTA_SPACE(sizeof(u32));
714 if (*flags & XFRM_SAD_HMAX)
715 len += RTA_SPACE(sizeof(u32));
716 if (*flags & XFRM_SAD_CNT)
717 len += RTA_SPACE(sizeof(u32));
718
719 r_skb = alloc_skb(len, GFP_ATOMIC);
720
721 if (r_skb == NULL)
722 return -ENOMEM;
723
724 if (build_sadinfo(r_skb, spid, seq, *flags) < 0)
725 BUG();
726
727 return nlmsg_unicast(xfrm_nl, r_skb, spid);
728}
729
675static int xfrm_get_sa(struct sk_buff *skb, struct nlmsghdr *nlh, 730static int xfrm_get_sa(struct sk_buff *skb, struct nlmsghdr *nlh,
676 struct rtattr **xfrma) 731 struct rtattr **xfrma)
677{ 732{
@@ -1850,6 +1905,7 @@ static struct xfrm_link {
1850 [XFRM_MSG_NEWAE - XFRM_MSG_BASE] = { .doit = xfrm_new_ae }, 1905 [XFRM_MSG_NEWAE - XFRM_MSG_BASE] = { .doit = xfrm_new_ae },
1851 [XFRM_MSG_GETAE - XFRM_MSG_BASE] = { .doit = xfrm_get_ae }, 1906 [XFRM_MSG_GETAE - XFRM_MSG_BASE] = { .doit = xfrm_get_ae },
1852 [XFRM_MSG_MIGRATE - XFRM_MSG_BASE] = { .doit = xfrm_do_migrate }, 1907 [XFRM_MSG_MIGRATE - XFRM_MSG_BASE] = { .doit = xfrm_do_migrate },
1908 [XFRM_MSG_GETSADINFO - XFRM_MSG_BASE] = { .doit = xfrm_get_sadinfo },
1853}; 1909};
1854 1910
1855static int xfrm_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh) 1911static int xfrm_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh)