Re: [PATCH ipsec-next v3] xfrm: avoid creating temporary SA when there are... | netdev

[PATCH] xfrm: avoid creating temporary SA when there are no listeners · Horia Geanta <hidden> · 2014-01-29
Re: [PATCH] xfrm: avoid creating temporary SA when there are no listeners · Horia Geantă <hidden> · 2014-01-29
Re: [PATCH] xfrm: avoid creating temporary SA when there are no listeners · Steffen Klassert <steffen.klassert@secunet.com> · 2014-02-12
[PATCH ipsec-next v2] xfrm: avoid creating temporary SA when there are no listeners · Horia Geanta <hidden> · 2014-02-12
[PATCH ipsec-next v3] xfrm: avoid creating temporary SA when there are no listeners · Horia Geanta <hidden> · 2014-02-12
Re: [PATCH ipsec-next v3] xfrm: avoid creating temporary SA when there are no listeners · Steffen Klassert <steffen.klassert@secunet.com> · 2014-02-13

Re: [PATCH ipsec-next v3] xfrm: avoid creating temporary SA when there are no listeners

From: Steffen Klassert <steffen.klassert@secunet.com>
Date: 2014-02-13 12:08:31

On Wed, Feb 12, 2014 at 04:20:06PM +0200, Horia Geanta wrote:

In the case when KMs have no listeners, km_query() will fail and
temporary SAs are garbage collected immediately after their allocation.
This causes strain on memory allocation, leading even to OOM since
temporary SA alloc/free cycle is performed for every packet
and garbage collection does not keep up the pace.

The sane thing to do is to make sure we have audience before
temporary SA allocation.

Signed-off-by: Horia Geanta <redacted>

Applied to ipsec-next, thanks!

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help