diff options
author | Jason A. Donenfeld <Jason@zx2c4.com> | 2021-06-04 17:17:37 +0200 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2021-06-04 14:25:14 -0700 |
commit | 624b07f8bac33565f9e081d9abb8b81994577bcd (patch) | |
tree | 43d574b4f3d76df014b3589a81749cbd1dbbe073 /drivers/net/wireguard/main.c | |
parent | b019d02e03623372f784f2eb3ac76bfcf379e21e (diff) | |
download | wireguard-linux-trimmed-624b07f8bac33565f9e081d9abb8b81994577bcd.tar.gz wireguard-linux-trimmed-624b07f8bac33565f9e081d9abb8b81994577bcd.zip |
wireguard: allowedips: allocate nodes in kmem_cache
The previous commit moved from O(n) to O(1) for removal, but in the
process introduced an additional pointer member to a struct that
increased the size from 60 to 68 bytes, putting nodes in the 128-byte
slab. With deployed systems having as many as 2 million nodes, this
represents a significant doubling in memory usage (128 MiB -> 256 MiB).
Fix this by using our own kmem_cache, that's sized exactly right. This
also makes wireguard's memory usage more transparent in tools like
slabtop and /proc/slabinfo.
Fixes: a8f1bc7bdea3 ("net: WireGuard secure network tunnel")
Suggested-by: Arnd Bergmann <arnd@arndb.de>
Suggested-by: Matthew Wilcox <willy@infradead.org>
Cc: stable@vger.kernel.org
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to '')
-rw-r--r-- | drivers/net/wireguard/main.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/drivers/net/wireguard/main.c b/drivers/net/wireguard/main.c index 0a3ebfd..75dbe77 100644 --- a/drivers/net/wireguard/main.c +++ b/drivers/net/wireguard/main.c @@ -21,10 +21,15 @@ static int __init mod_init(void) { int ret; + ret = wg_allowedips_slab_init(); + if (ret < 0) + goto err_allowedips; + #ifdef DEBUG + ret = -ENOTRECOVERABLE; if (!wg_allowedips_selftest() || !wg_packet_counter_selftest() || !wg_ratelimiter_selftest()) - return -ENOTRECOVERABLE; + goto err_peer; #endif wg_noise_init(); @@ -50,6 +55,8 @@ err_netlink: err_device: wg_peer_uninit(); err_peer: + wg_allowedips_slab_uninit(); +err_allowedips: return ret; } @@ -58,6 +65,7 @@ static void __exit mod_exit(void) wg_genetlink_uninit(); wg_device_uninit(); wg_peer_uninit(); + wg_allowedips_slab_uninit(); } module_init(mod_init); |