Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys/netipsec Make refcnt operations of SA and SP atomic
details: https://anonhg.NetBSD.org/src/rev/bc6683afce57
branches: trunk
changeset: 353962:bc6683afce57
user: ozaki-r <ozaki-r%NetBSD.org@localhost>
date: Tue May 30 01:31:07 2017 +0000
description:
Make refcnt operations of SA and SP atomic
Using atomic opeartions isn't optimal and should be optimized somehow
in the future though, the change allows a kernel with NET_MPSAFE to
run out a benchmark, which is useful to know performance improvement
and degradation by code changes.
diffstat:
sys/netipsec/ipsec.c | 14 ++++++------
sys/netipsec/key.c | 53 ++++++++++++++++++++++++++++++++-------------------
sys/netipsec/key.h | 5 +++-
3 files changed, 44 insertions(+), 28 deletions(-)
diffs (224 lines):
diff -r a19082ce3d87 -r bc6683afce57 sys/netipsec/ipsec.c
--- a/sys/netipsec/ipsec.c Mon May 29 23:22:00 2017 +0000
+++ b/sys/netipsec/ipsec.c Tue May 30 01:31:07 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: ipsec.c,v 1.94 2017/05/23 09:08:45 ozaki-r Exp $ */
+/* $NetBSD: ipsec.c,v 1.95 2017/05/30 01:31:07 ozaki-r Exp $ */
/* $FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec.c,v 1.2.2.2 2003/07/01 01:38:13 sam Exp $ */
/* $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ */
@@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.94 2017/05/23 09:08:45 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.95 2017/05/30 01:31:07 ozaki-r Exp $");
/*
* IPsec controller part.
@@ -257,7 +257,7 @@
}
pcbsp->sp_cache[dir].cachesp->lastused = time_second;
- pcbsp->sp_cache[dir].cachesp->refcnt++;
+ KEY_SP_REF(pcbsp->sp_cache[dir].cachesp);
KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP,
"DP cause refcnt++:%d SP:%p\n",
pcbsp->sp_cache[dir].cachesp->refcnt,
@@ -283,7 +283,7 @@
}
pcbsp->sp_cache[dir].cachesp = sp;
if (pcbsp->sp_cache[dir].cachesp) {
- pcbsp->sp_cache[dir].cachesp->refcnt++;
+ KEY_SP_REF(pcbsp->sp_cache[dir].cachesp);
KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP,
"DP cause refcnt++:%d SP:%p\n",
pcbsp->sp_cache[dir].cachesp->refcnt,
@@ -393,7 +393,7 @@
sp->policy, IPSEC_POLICY_NONE);
sp->policy = IPSEC_POLICY_NONE;
}
- sp->refcnt++;
+ KEY_SP_REF(sp);
KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP, "DP returns SP:%p (%u)\n",
sp, sp->refcnt);
@@ -513,7 +513,7 @@
switch (currsp->policy) {
case IPSEC_POLICY_BYPASS:
case IPSEC_POLICY_IPSEC:
- currsp->refcnt++;
+ KEY_SP_REF(currsp);
sp = currsp;
break;
@@ -546,7 +546,7 @@
break;
case IPSEC_POLICY_IPSEC:
- currsp->refcnt++;
+ KEY_SP_REF(currsp);
sp = currsp;
break;
diff -r a19082ce3d87 -r bc6683afce57 sys/netipsec/key.c
--- a/sys/netipsec/key.c Mon May 29 23:22:00 2017 +0000
+++ b/sys/netipsec/key.c Tue May 30 01:31:07 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: key.c,v 1.147 2017/05/29 10:11:10 ozaki-r Exp $ */
+/* $NetBSD: key.c,v 1.148 2017/05/30 01:31:07 ozaki-r Exp $ */
/* $FreeBSD: src/sys/netipsec/key.c,v 1.3.2.3 2004/02/14 22:23:23 bms Exp $ */
/* $KAME: key.c,v 1.191 2001/06/27 10:46:49 sakane Exp $ */
@@ -32,7 +32,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.147 2017/05/29 10:11:10 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: key.c,v 1.148 2017/05/30 01:31:07 ozaki-r Exp $");
/*
* This code is referd to RFC 2367
@@ -550,44 +550,44 @@
#endif
#define SA_ADDREF(p) do { \
- (p)->refcnt++; \
+ atomic_inc_uint(&(p)->refcnt); \
REFLOG("SA_ADDREF", (p), __func__, __LINE__); \
KASSERTMSG((p)->refcnt != 0, "SA refcnt overflow"); \
} while (0)
#define SA_ADDREF2(p, where, tag) do { \
- (p)->refcnt++; \
+ atomic_inc_uint(&(p)->refcnt); \
REFLOG("SA_ADDREF", (p), (where), (tag)); \
KASSERTMSG((p)->refcnt != 0, "SA refcnt overflow"); \
} while (0)
#define SA_DELREF(p) do { \
KASSERTMSG((p)->refcnt > 0, "SA refcnt underflow"); \
- (p)->refcnt--; \
+ atomic_dec_uint(&(p)->refcnt); \
REFLOG("SA_DELREF", (p), __func__, __LINE__); \
} while (0)
-#define SA_DELREF2(p, where, tag) do { \
+#define SA_DELREF2(p, nv, where, tag) do { \
KASSERTMSG((p)->refcnt > 0, "SA refcnt underflow"); \
- (p)->refcnt--; \
+ nv = atomic_dec_uint_nv(&(p)->refcnt); \
REFLOG("SA_DELREF", (p), (where), (tag)); \
} while (0)
#define SP_ADDREF(p) do { \
- (p)->refcnt++; \
+ atomic_inc_uint(&(p)->refcnt); \
REFLOG("SP_ADDREF", (p), __func__, __LINE__); \
KASSERTMSG((p)->refcnt != 0, "SP refcnt overflow"); \
} while (0)
#define SP_ADDREF2(p, where, tag) do { \
- (p)->refcnt++; \
+ atomic_inc_uint(&(p)->refcnt); \
REFLOG("SP_ADDREF", (p), (where), (tag)); \
KASSERTMSG((p)->refcnt != 0, "SP refcnt overflow"); \
} while (0)
#define SP_DELREF(p) do { \
KASSERTMSG((p)->refcnt > 0, "SP refcnt underflow"); \
- (p)->refcnt--; \
+ atomic_dec_uint(&(p)->refcnt); \
REFLOG("SP_DELREF", (p), __func__, __LINE__); \
} while (0)
-#define SP_DELREF2(p, where, tag) do { \
+#define SP_DELREF2(p, nv, where, tag) do { \
KASSERTMSG((p)->refcnt > 0, "SP refcnt underflow"); \
- (p)->refcnt--; \
+ nv = atomic_dec_uint_nv(&(p)->refcnt); \
REFLOG("SP_DELREF", (p), (where), (tag)); \
} while (0)
@@ -1238,6 +1238,17 @@
return sav;
}
+void
+key_sp_ref(struct secpolicy *sp, const char* where, int tag)
+{
+
+ SP_ADDREF2(sp, where, tag);
+
+ KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP,
+ "DP SP:%p (ID=%u) from %s:%u; refcnt now %u\n",
+ sp, sp->id, where, tag, sp->refcnt);
+}
+
/*
* Must be called after calling key_allocsp().
* For both the packet without socket and key_freeso().
@@ -1246,16 +1257,17 @@
_key_freesp(struct secpolicy **spp, const char* where, int tag)
{
struct secpolicy *sp = *spp;
+ unsigned int nv;
KASSERT(sp != NULL);
- SP_DELREF2(sp, where, tag);
+ SP_DELREF2(sp, nv, where, tag);
KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP,
"DP SP:%p (ID=%u) from %s:%u; refcnt now %u\n",
- sp, sp->id, where, tag, sp->refcnt);
-
- if (sp->refcnt == 0) {
+ sp, sp->id, where, tag, nv);
+
+ if (nv == 0) {
*spp = NULL;
key_delsp(sp);
}
@@ -1345,16 +1357,17 @@
key_freesav(struct secasvar **psav, const char* where, int tag)
{
struct secasvar *sav = *psav;
+ unsigned int nv;
KASSERT(sav != NULL);
- SA_DELREF2(sav, where, tag);
+ SA_DELREF2(sav, nv, where, tag);
KEYDEBUG_PRINTF(KEYDEBUG_IPSEC_STAMP,
"DP SA:%p (SPI %lu) from %s:%u; refcnt now %u\n",
- sav, (u_long)ntohl(sav->spi), where, tag, sav->refcnt);
-
- if (sav->refcnt == 0) {
+ sav, (u_long)ntohl(sav->spi), where, tag, nv);
+
+ if (nv == 0) {
*psav = NULL;
key_delsav(sav);
}
diff -r a19082ce3d87 -r bc6683afce57 sys/netipsec/key.h
--- a/sys/netipsec/key.h Mon May 29 23:22:00 2017 +0000
+++ b/sys/netipsec/key.h Tue May 30 01:31:07 2017 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: key.h,v 1.18 2017/05/26 08:10:46 ozaki-r Exp $ */
+/* $NetBSD: key.h,v 1.19 2017/05/30 01:31:07 ozaki-r Exp $ */
/* $FreeBSD: src/sys/netipsec/key.h,v 1.1.4.1 2003/01/24 05:11:36 sam Exp $ */
/* $KAME: key.h,v 1.21 2001/07/27 03:51:30 itojun Exp $ */
@@ -58,6 +58,7 @@
const struct sockaddr *, const char*, int);
/* NB: prepend with _ for KAME IPv6 compatbility */
void _key_freesp(struct secpolicy **, const char*, int);
+void key_sp_ref(struct secpolicy *, const char*, int);
/*
* Access to the SADB are interlocked with splsoftnet. In particular,
@@ -76,6 +77,8 @@
key_gettunnel(osrc, odst, isrc, idst, __func__, __LINE__)
#define KEY_FREESP(spp) \
_key_freesp(spp, __func__, __LINE__)
+#define KEY_SP_REF(sp) \
+ key_sp_ref(sp, __func__, __LINE__)
struct secasvar *key_allocsa(const union sockaddr_union *,
u_int, u_int32_t, u_int16_t, u_int16_t, const char*, int);
Home |
Main Index |
Thread Index |
Old Index