Hi Valery, On Fri, Oct 21, 2022 at 05:06:44PM +0300, Valery Smyslov wrote: > > > > The percpu SAs don't need locking as long as you can make sure that > > it is never ever accessed by a remote cpu. To guarantee this, something > > that does the 'dirt work' is needed. In our case that would be the > > fallback SA. > > Then how per-SAs are installed? Doesn't it require some locking?
Yes, the percpu SAs can be completely lockless if you have the fallback SA. All other solutions I've seen so far require to implement locking for the percpu SAs too. That's my whole point :-) _______________________________________________ IPsec mailing list IPsec@ietf.org https://www.ietf.org/mailman/listinfo/ipsec
