From: Fan Du <fan.du@windriver.com>
To: Steffen Klassert <steffen.klassert@secunet.com>, <timo.teras@iki.fi>
Cc: Eric Dumazet <eric.dumazet@gmail.com>, <davem@davemloft.net>,
<netdev@vger.kernel.org>
Subject: Re: [PATCHv4 net-next] xfrm: Namespacify xfrm_policy_sk_bundles
Date: Wed, 25 Dec 2013 14:40:36 +0800 [thread overview]
Message-ID: <52BA7DE4.9070404@windriver.com> (raw)
In-Reply-To: <20131224103521.GB29716@secunet.com>
ccing Timo
On 2013年12月24日 18:35, Steffen Klassert wrote:
> On Fri, Dec 20, 2013 at 11:34:41AM +0800, Fan Du wrote:
>>
>> Subject: [PATCHv4 net-next] xfrm: Namespacify xfrm_policy_sk_bundles
>>
>> xfrm_policy_sk_bundles, protected by net->xfrm.xfrm_policy_sk_bundle_lock
>> should be put into netns xfrm structure, otherwise xfrm_policy_sk_bundles
>> can be corrupted from different net namespace.
>
> I'm ok with this patch, but I wonder where we use these cached socket
> bundles. After a quick look I see where we add and where we delete
> them, but I can't see how we use these cached bundles.
Interesting
The per socket bundles is introduced by Timo in commit 80c802f3
("xfrm: cache bundles instead of policies for outgoing flows")
But one fundamental question is why not use existing flow cache
for per socket bundles as well? then no need to create such per
sock xdst for every packet, and also share the same flow cache
flush mechanism.
My first impression is it can be done this way, I'm going to head
this way unless turn out otherwise.
So Timo ?
--
浮沉随浪只记今朝笑
--fan
next prev parent reply other threads:[~2013-12-25 6:41 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-12-18 3:34 [PATCHv2 ipsec-next] xfrm: Namespacify xfrm_policy_sk_bundles Fan Du
2013-12-18 4:50 ` Eric Dumazet
2013-12-18 5:33 ` Cong Wang
2013-12-18 5:33 ` Fan Du
2013-12-18 5:44 ` Eric Dumazet
2013-12-19 1:35 ` Fan Du
2013-12-19 2:15 ` Eric Dumazet
2013-12-19 3:17 ` [PATCHv3 net-next] " Fan Du
2013-12-19 3:44 ` Eric Dumazet
2013-12-19 7:47 ` Fan Du
2013-12-20 3:34 ` [PATCHv4 " Fan Du
2013-12-24 1:12 ` Fan Du
2013-12-24 5:31 ` David Miller
2013-12-24 5:39 ` Fan Du
2013-12-24 9:50 ` Steffen Klassert
2013-12-24 9:56 ` Fan Du
2013-12-24 17:54 ` David Miller
2013-12-24 10:35 ` Steffen Klassert
2013-12-25 6:40 ` Fan Du [this message]
2013-12-25 8:11 ` Timo Teras
2013-12-25 8:44 ` Fan Du
2014-01-06 10:35 ` Steffen Klassert
2014-01-07 2:43 ` Fan Du
2014-01-09 12:38 ` Steffen Klassert
2014-01-10 9:23 ` Fan Du
2013-12-19 3:48 ` [PATCHv3 " Eric Dumazet
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=52BA7DE4.9070404@windriver.com \
--to=fan.du@windriver.com \
--cc=davem@davemloft.net \
--cc=eric.dumazet@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=steffen.klassert@secunet.com \
--cc=timo.teras@iki.fi \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).