[RTEMS Project] #4621: libbsd/ipsec: ipsec-tools allocate big buffers

RTEMS trac trac at rtems.org
Thu Feb 24 09:11:57 UTC 2022


#4621: libbsd/ipsec: ipsec-tools allocate big buffers
--------------------------------+---------------------------------
 Reporter:  Christian Mauderer  |       Owner:  Christian Mauderer
     Type:  enhancement         |      Status:  closed
 Priority:  normal              |   Milestone:
Component:  network/libbsd      |     Version:
 Severity:  minor               |  Resolution:  fixed
 Keywords:                      |  Blocked By:
 Blocking:                      |
--------------------------------+---------------------------------
Changes (by Christian Mauderer <christian.mauderer@…>):

 * status:  assigned => closed
 * resolution:   => fixed


Comment:

 In [changeset:"0b30f38951d5f6291e9691ce8eb51a14242e26be/rtems-libbsd"
 0b30f38/rtems-libbsd]:
 {{{
 #!CommitTicketReference repository="rtems-libbsd"
 revision="0b30f38951d5f6291e9691ce8eb51a14242e26be"
 ipsec-tools: Reduce allocated buffer size

 By default, pfkey allocates a 2MB buffer that is used for SPD entries.
 This size is a good choice for a server system where a lot of clients
 should be handled. But on our embedded systems, an application with that
 much clients is unlikely and 2MB is a lot of space. So reduce that to
 the default value of 128kB which should be enough for a small number of
 ipsec connections.

 See https://bugzilla.redhat.com/show_bug.cgi?id=607361 for more details
 why the upstream project originally increased the size.

 If someone really needs a bigger size, there is a option in the
 configuration file of pfkey called `pfkey_buffer` that can overwrite
 this value.

 Closes #4621
 }}}

--
Ticket URL: <http://devel.rtems.org/ticket/4621#comment:1>
RTEMS Project <http://www.rtems.org/>
RTEMS Project


More information about the bugs mailing list