Minki/linux
1
0
Fork 1
mirror of https://github.com/torvalds/linux.git synced 2024-12-31 23:31:29 +00:00
Code Issues Packages Projects Releases Wiki Activity

[XFRM] Optimize policy dumping

Browse Source 
This change optimizes the dumping of Security policies.

1) Before this change ..
speedopolis:~# time ./ip xf pol

real    0m22.274s
user    0m0.000s
sys     0m22.269s

2) Turn off sub-policies

speedopolis:~# ./ip xf pol

real    0m13.496s
user    0m0.000s
sys     0m13.493s

i suppose the above is to be expected

3) With this change ..
speedopolis:~# time ./ip x policy

real    0m7.901s
user    0m0.008s
sys     0m7.896s
This commit is contained in:
Jamal Hadi Salim 2006-12-04 20:02:37 -08:00 committed by David S. Miller
parent 1b6651f1bf
commit baf5d743d1
1 changed files with 25 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
net/xfrm/xfrm_policy.c
View File

@ -860,33 +860,12 @@ EXPORT_SYMBOL(xfrm_policy_flush);
int xfrm_policy_walk(u8 type, int (*func)(struct xfrm_policy *, int, int, void*), int xfrm_policy_walk(u8 type, int (*func)(struct xfrm_policy *, int, int, void*),
void *data) void *data)
{ {
struct xfrm_policy *pol; struct xfrm_policy *pol, *last = NULL;
struct hlist_node *entry; struct hlist_node *entry;
int dir, count, error; int dir, last_dir = 0, count, error;
read_lock_bh(&xfrm_policy_lock); read_lock_bh(&xfrm_policy_lock);
count = 0; count = 0;
for (dir = 0; dir < 2*XFRM_POLICY_MAX; dir++) {
struct hlist_head *table = xfrm_policy_bydst[dir].table;
int i;
hlist_for_each_entry(pol, entry,
&xfrm_policy_inexact[dir], bydst) {
if (pol->type == type)
count++;
}
for (i = xfrm_policy_bydst[dir].hmask; i >= 0; i--) {
hlist_for_each_entry(pol, entry, table + i, bydst) {
if (pol->type == type)
count++;
}
}
}
if (count == 0) {
error = -ENOENT;
goto out;
}
for (dir = 0; dir < 2*XFRM_POLICY_MAX; dir++) { for (dir = 0; dir < 2*XFRM_POLICY_MAX; dir++) {
struct hlist_head *table = xfrm_policy_bydst[dir].table; struct hlist_head *table = xfrm_policy_bydst[dir].table;
@ -896,21 +875,37 @@ int xfrm_policy_walk(u8 type, int (*func)(struct xfrm_policy *, int, int, void*)
&xfrm_policy_inexact[dir], bydst) { &xfrm_policy_inexact[dir], bydst) {
if (pol->type != type) if (pol->type != type)
continue; continue;
error = func(pol, dir % XFRM_POLICY_MAX, --count, data); if (last) {
if (error) error = func(last, last_dir % XFRM_POLICY_MAX,
goto out; count, data);
if (error)
goto out;
}
last = pol;
last_dir = dir;
count++;
} }
for (i = xfrm_policy_bydst[dir].hmask; i >= 0; i--) { for (i = xfrm_policy_bydst[dir].hmask; i >= 0; i--) {
hlist_for_each_entry(pol, entry, table + i, bydst) { hlist_for_each_entry(pol, entry, table + i, bydst) {
if (pol->type != type) if (pol->type != type)
continue; continue;
error = func(pol, dir % XFRM_POLICY_MAX, --count, data); if (last) {
if (error) error = func(last, last_dir % XFRM_POLICY_MAX,
goto out; count, data);
if (error)
goto out;
}
last = pol;
last_dir = dir;
count++;
} }
} }
} }
error = 0; if (count == 0) {
error = -ENOENT;
goto out;
}
error = func(last, last_dir % XFRM_POLICY_MAX, 0, data);
out: out:
read_unlock_bh(&xfrm_policy_lock); read_unlock_bh(&xfrm_policy_lock);
return error; return error;