Zbr's days.

Zbr's days.

/(1648)

devel(941)

acrypto(35)

hifn(12)

arm(1)

captcha(9)

dst(102)

eventfs(3)

flat(63)

fs(170)

kevent(110)

aio(7)

math(17)

bezier(3)

codes(5)

hash(8)

networking(200)

dns(13)

ipw2100(3)

nta(27)

unetstack(5)

zcs(7)

other(178)

sh(17)

sky(2)

threading(25)

life(317)

music(1)

photo(1)

other(96)

About :: TODO :: Blog :: RSS :: Old blog :: Projects :: GIT :: Gallery :: Notes

Wed, 17 Aug 2005

Acrypto and asynchronous IPsec.

Something major happened between 2.6.12-rc2 and current kernel in XFRM processing engine. My old proof-of-concept patch can only send 5 packets now, but with old kernel it's asynchronous performance was almost the same as synchronous stack. So I need to investigate what changes in XFRM stack can cause such behaviour.

Test shows that it is ICMP which has such a strange behaviour - TCP ssh over asynchronous IPsec works perfectly without any stalls.

Ok, ICMP problem found - raw_sendmsg()->ip_append_data()->sock_alloc_send_skb()-> sock_alloc_send_pskb()->atomic_read(&sk->sk_wmem_alloc), this means that sk_wmem_alloc is never decreased enough to free space in socket queue, it is decremented in sock_wfree() which is called from kfree_skb(), so it looks like raw skbs do not pass the same way TCP/UDP skbs are processed...

Ok, this problem has been fixed and I released new patch. It's md5sum is 506ad2ad7148199c29e25d8b0afe0c66.

:: Link / Comments ()