aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/plugins/kernel_netlink/kernel_netlink_shared.c
Commit message (Collapse)AuthorAgeFilesLines
* kernel-netlink: Wipe buffer used to read Netlink messagesTobias Brunner2017-08-071-2/+12
| | | | | | | | | When querying SAs the keys will end up in this buffer (the allocated messages that are returned are already wiped). The kernel also returns XFRM_MSG_NEWSA as response to XFRM_MSG_ALLOCSPI but we can't distinguish this here as we only see the response. References #2388.
* kernel-netlink: Directly handle Netlink messages if thread pool is emptyTobias Brunner2017-05-231-1/+2
| | | | | | | | | During initialization of the plugins the thread pool is not yet initialized so there is no watcher thread that could handle the queued Netlink message and the main thread will wait indefinitely for a response. Fixes #2199.
* kernel-netlink: Avoid O(n^2) copy operations when concatenating Netlink ↵Jiri Horky2017-03-271-7/+13
| | | | | | | | | | | | | | | | | | | | responses When constructing the result, all responses from Netlink were concatenated iteratively, i.e. for each response, the previously acquired result was copied to newly allocated memory and the current response appended to it. This results in O(n^2) copy operations. Instead, we now check for the total final length of the result and copy the individual responses to it in one pass, i.e. in O(n) copy operations. In particular, this issue caused very high CPU usage in memcpy() function as the result is copied over and over. Common way how to hit the issue is when having 1000+ routes and 5+ connecting clients a second. In that case, the memcpy() function can take 50%+ of one CPU thread on a decent CPU and the whole charon daemon is stuck just reading routes and concatenating them together (connecting clients are blocked in that particular case as this is done under mutex). Closes strongswan/strongswan#65. References #2055.
* kernel-netlink: Allow change of Netlink socket receive buffer sizeThomas Egerer2017-01-251-0/+44
| | | | Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
* kernel-netlink: Provide error information for Netlink socketsTobias Brunner2016-06-101-2/+4
| | | | #1467.
* kernel-netlink: Check proper watcher state in parallel modeTobias Brunner2016-05-061-1/+1
| | | | | | | | | | | | | After adding the read callback the state is WATCHER_QUEUED and it is switched to WATCHER_RUNNING only later by an asynchronous job. This means that a thread that sent a Netlink message shortly after registration might see the state as WATCHER_QUEUED. If it then tries to read the response and the watcher thread is quicker to actually read the message from the socket, it could block on recv() while still holding the lock. And the asynchronous job that actually read the message and tries to queue it will block while trying to acquire the lock, so we'd end up in a deadlock. This is probably mostly a problem in the unit tests.
* libhydra: Move all kernel plugins to libcharonTobias Brunner2016-03-031-0/+655
|
* Moved all kernel plugins to libhydra.Tobias Brunner2010-09-021-306/+0
|
* Moving charon to libcharon.Tobias Brunner2010-03-191-0/+306
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-19 20:47:34 +0000