[Swan-dev] linux: pluto use kernel SA attribute XFRMA_LASTUSED

Paul Wouters paul at nohats.ca
Fri Feb 3 17:25:47 EET 2023

On Fri, 3 Feb 2023, Antony Antony wrote:

> New commits:
> commit 9a6e1d0335ccfd31a26dbf19e6eea716b9e27d1c
> Author: Antony Antony <antony at phenome.org>
> Date:   Mon Jun 27 05:19:34 2022 +0000
>    linux: pluto use kernel SA attribute XFRMA_LASTUSED
>    Linux kernel, since 6.2, updates lastused for all traffic, in and out.
>    Use lastused when available. Older kernels updates lastused only
>    for an outgoing IPv6 SA.

This is very cool!

-               flow->last_used = mononow();
+               if (lastused > 0)
+                       flow->last_used = monotime(lastused);
+               else
+                       flow->last_used = mononow();

It seems we have are in the byte calculation part here, eg to see if we
got new bytes. We did that so we could know "last use" but if we can now
determine that differently, should we even be looking at bytes at all ?

Ofcourse, a side effect of doing this was that we _did_ update the
byte counters so every time the dpddelay period was reached, or a whack
status or delete was issued, we would update the traffic counters. That
is probably a good thing to keep. Althoug that makes the addition of
the fixed lastused less useful to us. But I guess it does end up getting
more precision with lastused, then our "now" handling evert dpddelay
time. So that's good to have.

All of this could ofcourse go away if the kernel could send us an "idle"
callback, but I think that's still not there right?


More information about the Swan-dev mailing list