Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys/netipsec Introduced a hash table to sahlist
details: https://anonhg.NetBSD.org/src/rev/ce991cb2bc0f
branches: trunk
changeset: 322061:ce991cb2bc0f
user: yamaguchi <yamaguchi%NetBSD.org@localhost>
date: Mon Apr 16 08:52:09 2018 +0000
description:
Introduced a hash table to sahlist
An saidx of sah included in the list is unique so that
the search can use a hash list whose hash is calculated by
the saidx to find an sah quickly.
The hash list of the sahlits is used in FreeBSD, too.
reviewed by ozaki-r@n.o, thanks.
diffstat:
sys/netipsec/key.c | 90 ++++++++++++++++++++++++++++++++++++++++++++---------
1 files changed, 74 insertions(+), 16 deletions(-)
diffs (177 lines):
diff -r 2d21512189a0 -r ce991cb2bc0f sys/netipsec/key.c
--- a/sys/netipsec/key.c Mon Apr 16 08:31:06 2018 +0000
+++ b/sys/netipsec/key.c Mon Apr 16 08:52:09 2018 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: key.c,v 1.250 2018/04/09 06:26:05 yamaguchi Exp $ */
+/* $NetBSD: key.c,v 1.251 2018/04/16 08:52:09 yamaguchi Exp $ */
/* $FreeBSD: src/sys/netipsec/key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $ */
/* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */
@@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.250 2018/04/09 06:26:05 yamaguchi Exp $");
+__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.251 2018/04/16 08:52:09 yamaguchi Exp $");
/*
* This code is referred to RFC 2367
@@ -72,6 +72,7 @@
#include <sys/condvar.h>
#include <sys/localcount.h>
#include <sys/pserialize.h>
+#include <sys/hash.h>
#include <net/if.h>
#include <net/route.h>
@@ -119,6 +120,10 @@
#define PORT_LOOSE 1
#define PORT_STRICT 2
+#ifndef SAHHASH_NHASH
+#define SAHHASH_NHASH 128
+#endif
+
percpu_t *pfkeystat_percpu;
/*
@@ -201,20 +206,20 @@
/*
* Locking notes on SAD:
* - Data structures
- * - SAs are managed by the list called key_sad.sahlist and sav lists of sah
- * entries
+ * - SAs are managed by the list called key_sad.sahlists and sav lists of
+ * sah entries
* - An sav is supposed to be an SA from a viewpoint of users
* - A sah has sav lists for each SA state
- * - Multiple sahs with the same saidx can exist
+ * - Multiple saves with the same saidx can exist
* - Only one entry has MATURE state and others should be DEAD
* - DEAD entries are just ignored from searching
- * - Modifications to the key_sad.sahlist and sah.savlist must be done with
+ * - Modifications to the key_sad.sahlists and sah.savlist must be done with
* holding key_sad.lock which is a adaptive mutex
- * - Read accesses to the key_sad.sahlist and sah.savlist must be in
+ * - Read accesses to the key_sad.sahlists and sah.savlist must be in
* pserialize(9) read sections
* - sah's lifetime is managed by localcount(9)
* - Getting an sah entry
- * - We get an sah from the key_sad.sahlist
+ * - We get an sah from the key_sad.sahlists
* - Must iterate the list and increment the reference count of a found sah
* (by key_sah_ref) in a pserialize read section
* - A gotten sah must be released after use by key_sah_unref
@@ -258,7 +263,8 @@
static struct {
kmutex_t lock;
kcondvar_t cv_lc;
- struct pslist_head sahlist;
+ struct pslist_head *sahlists;
+ u_long sahlistmask;
pserialize_t psz;
kcondvar_t cv_psz;
@@ -338,13 +344,23 @@
#define SAHLIST_WRITER_REMOVE(sah) \
PSLIST_WRITER_REMOVE((sah), pslist_entry)
#define SAHLIST_READER_FOREACH(sah) \
- PSLIST_READER_FOREACH((sah), &key_sad.sahlist, struct secashead,\
- pslist_entry)
+ for(int _i_sah = 0; _i_sah <= key_sad.sahlistmask; _i_sah++) \
+ PSLIST_READER_FOREACH((sah), &key_sad.sahlists[_i_sah], \
+ struct secashead, pslist_entry)
+#define SAHLIST_READER_FOREACH_SAIDX(sah, saidx) \
+ PSLIST_READER_FOREACH((sah), \
+ &key_sad.sahlists[key_saidxhash((saidx), \
+ key_sad.sahlistmask)], \
+ struct secashead, pslist_entry)
#define SAHLIST_WRITER_FOREACH(sah) \
- PSLIST_WRITER_FOREACH((sah), &key_sad.sahlist, struct secashead,\
- pslist_entry)
+ for(int _i_sah = 0; _i_sah <= key_sad.sahlistmask; _i_sah++) \
+ PSLIST_WRITER_FOREACH((sah), &key_sad.sahlists[_i_sah], \
+ struct secashead, pslist_entry)
#define SAHLIST_WRITER_INSERT_HEAD(sah) \
- PSLIST_WRITER_INSERT_HEAD(&key_sad.sahlist, (sah), pslist_entry)
+ PSLIST_WRITER_INSERT_HEAD( \
+ &key_sad.sahlists[key_saidxhash(&(sah)->saidx, \
+ key_sad.sahlistmask)], \
+ (sah), pslist_entry)
/* Macros for key_sad.sahlist#savlist */
#define SAVLIST_ENTRY_INIT(sav) \
@@ -791,6 +807,9 @@
static struct workqueue *key_timehandler_wq;
static struct work key_timehandler_wk;
+static inline uint32_t
+ key_saidxhash(const struct secasindex *, u_long);
+
/*
* Utilities for percpu counters for sadb_lifetime_allocations and
* sadb_lifetime_bytes.
@@ -3364,7 +3383,7 @@
{
struct secashead *sah;
- SAHLIST_READER_FOREACH(sah) {
+ SAHLIST_READER_FOREACH_SAIDX(sah, saidx) {
if (sah->state == SADB_SASTATE_DEAD)
continue;
if (key_saidx_match(&sah->saidx, saidx, flag))
@@ -8088,7 +8107,8 @@
PSLIST_INIT(&key_spd.socksplist);
- PSLIST_INIT(&key_sad.sahlist);
+ key_sad.sahlists = hashinit(SAHHASH_NHASH, HASH_PSLIST, true,
+ &key_sad.sahlistmask);
for (i = 0; i <= SADB_SATYPE_MAX; i++) {
LIST_INIT(&key_misc.reglist[i]);
@@ -8534,6 +8554,44 @@
}
}
+/*
+ * Calculate hash using protocol, source address,
+ * and destination address included in saidx.
+ */
+static inline uint32_t
+key_saidxhash(const struct secasindex *saidx, u_long mask)
+{
+ uint32_t hash32;
+ const struct sockaddr_in *sin;
+ const struct sockaddr_in6 *sin6;
+
+ hash32 = saidx->proto;
+
+ switch (saidx->src.sa.sa_family) {
+ case AF_INET:
+ sin = &saidx->src.sin;
+ hash32 = hash32_buf(&sin->sin_addr,
+ sizeof(sin->sin_addr), hash32);
+ sin = &saidx->dst.sin;
+ hash32 = hash32_buf(&sin->sin_addr,
+ sizeof(sin->sin_addr), hash32 << 1);
+ break;
+ case AF_INET6:
+ sin6 = &saidx->src.sin6;
+ hash32 = hash32_buf(&sin6->sin6_addr,
+ sizeof(sin6->sin6_addr), hash32);
+ sin6 = &saidx->dst.sin6;
+ hash32 = hash32_buf(&sin6->sin6_addr,
+ sizeof(sin6->sin6_addr), hash32 << 1);
+ break;
+ default:
+ hash32 = 0;
+ break;
+ }
+
+ return hash32 & mask;
+}
+
static int
sysctl_net_key_dumpsa(SYSCTLFN_ARGS)
{
Home |
Main Index |
Thread Index |
Old Index