Skip to content

Commit

Permalink
Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/gi…
Browse files Browse the repository at this point in the history
…t/klassert/ipsec-next

Steffen Klassert says:

====================
pull request (net-next): ipsec-next 2022-07-20

1) Don't set DST_NOPOLICY in IPv4, a recent patch made this
   superfluous. From Eyal Birger.

2) Convert alg_key to flexible array member to avoid an iproute2
   compile warning when built with gcc-12.
   From Stephen Hemminger.

3) xfrm_register_km and xfrm_unregister_km do always return 0
   so change the type to void. From Zhengchao Shao.

4) Fix spelling mistake in esp6.c
   From Zhang Jiaming.

5) Improve the wording of comment above XFRM_OFFLOAD flags.
   From Petr Vaněk.

Please pull or let me know if there are problems.
====================

Signed-off-by: David S. Miller <[email protected]>
  • Loading branch information
davem330 committed Jul 25, 2022
2 parents 7e7125d + 5e25c25 commit e222dc8
Show file tree
Hide file tree
Showing 9 changed files with 25 additions and 42 deletions.
2 changes: 1 addition & 1 deletion drivers/net/vrf.c
Original file line number Diff line number Diff line change
Expand Up @@ -1077,7 +1077,7 @@ static int vrf_rtable_create(struct net_device *dev)
return -ENOMEM;

/* create a dst for routing packets out through a VRF device */
rth = rt_dst_alloc(dev, 0, RTN_UNICAST, 1, 1);
rth = rt_dst_alloc(dev, 0, RTN_UNICAST, 1);
if (!rth)
return -ENOMEM;

Expand Down
3 changes: 1 addition & 2 deletions include/net/route.h
Original file line number Diff line number Diff line change
Expand Up @@ -240,8 +240,7 @@ void ip_rt_multicast_event(struct in_device *);
int ip_rt_ioctl(struct net *, unsigned int cmd, struct rtentry *rt);
void ip_rt_get_source(u8 *src, struct sk_buff *skb, struct rtable *rt);
struct rtable *rt_dst_alloc(struct net_device *dev,
unsigned int flags, u16 type,
bool nopolicy, bool noxfrm);
unsigned int flags, u16 type, bool noxfrm);
struct rtable *rt_dst_clone(struct net_device *dev, struct rtable *rt);

struct in_ifaddr;
Expand Down
4 changes: 2 additions & 2 deletions include/net/xfrm.h
Original file line number Diff line number Diff line change
Expand Up @@ -583,8 +583,8 @@ struct xfrm_mgr {
bool (*is_alive)(const struct km_event *c);
};

int xfrm_register_km(struct xfrm_mgr *km);
int xfrm_unregister_km(struct xfrm_mgr *km);
void xfrm_register_km(struct xfrm_mgr *km);
void xfrm_unregister_km(struct xfrm_mgr *km);

struct xfrm_tunnel_skb_cb {
union {
Expand Down
12 changes: 6 additions & 6 deletions include/uapi/linux/xfrm.h
Original file line number Diff line number Diff line change
Expand Up @@ -102,21 +102,21 @@ struct xfrm_replay_state_esn {
struct xfrm_algo {
char alg_name[64];
unsigned int alg_key_len; /* in bits */
char alg_key[0];
char alg_key[];
};

struct xfrm_algo_auth {
char alg_name[64];
unsigned int alg_key_len; /* in bits */
unsigned int alg_trunc_len; /* in bits */
char alg_key[0];
char alg_key[];
};

struct xfrm_algo_aead {
char alg_name[64];
unsigned int alg_key_len; /* in bits */
unsigned int alg_icv_len; /* in bits */
char alg_key[0];
char alg_key[];
};

struct xfrm_stats {
Expand Down Expand Up @@ -511,9 +511,9 @@ struct xfrm_user_offload {
int ifindex;
__u8 flags;
};
/* This flag was exposed without any kernel code that supporting it.
* Unfortunately, strongswan has the code that uses sets this flag,
* which makes impossible to reuse this bit.
/* This flag was exposed without any kernel code that supports it.
* Unfortunately, strongswan has the code that sets this flag,
* which makes it impossible to reuse this bit.
*
* So leave it here to make sure that it won't be reused by mistake.
*/
Expand Down
24 changes: 8 additions & 16 deletions net/ipv4/route.c
Original file line number Diff line number Diff line change
Expand Up @@ -1626,12 +1626,11 @@ static void rt_set_nexthop(struct rtable *rt, __be32 daddr,

struct rtable *rt_dst_alloc(struct net_device *dev,
unsigned int flags, u16 type,
bool nopolicy, bool noxfrm)
bool noxfrm)
{
struct rtable *rt;

rt = dst_alloc(&ipv4_dst_ops, dev, 1, DST_OBSOLETE_FORCE_CHK,
(nopolicy ? DST_NOPOLICY : 0) |
(noxfrm ? DST_NOXFRM : 0));

if (rt) {
Expand Down Expand Up @@ -1726,7 +1725,6 @@ static int ip_route_input_mc(struct sk_buff *skb, __be32 daddr, __be32 saddr,
struct in_device *in_dev = __in_dev_get_rcu(dev);
unsigned int flags = RTCF_MULTICAST;
struct rtable *rth;
bool no_policy;
u32 itag = 0;
int err;

Expand All @@ -1737,12 +1735,11 @@ static int ip_route_input_mc(struct sk_buff *skb, __be32 daddr, __be32 saddr,
if (our)
flags |= RTCF_LOCAL;

no_policy = IN_DEV_ORCONF(in_dev, NOPOLICY);
if (no_policy)
if (IN_DEV_ORCONF(in_dev, NOPOLICY))
IPCB(skb)->flags |= IPSKB_NOPOLICY;

rth = rt_dst_alloc(dev_net(dev)->loopback_dev, flags, RTN_MULTICAST,
no_policy, false);
false);
if (!rth)
return -ENOBUFS;

Expand Down Expand Up @@ -1801,7 +1798,7 @@ static int __mkroute_input(struct sk_buff *skb,
struct rtable *rth;
int err;
struct in_device *out_dev;
bool do_cache, no_policy;
bool do_cache;
u32 itag = 0;

/* get a working reference to the output device */
Expand Down Expand Up @@ -1846,8 +1843,7 @@ static int __mkroute_input(struct sk_buff *skb,
}
}

no_policy = IN_DEV_ORCONF(in_dev, NOPOLICY);
if (no_policy)
if (IN_DEV_ORCONF(in_dev, NOPOLICY))
IPCB(skb)->flags |= IPSKB_NOPOLICY;

fnhe = find_exception(nhc, daddr);
Expand All @@ -1862,7 +1858,7 @@ static int __mkroute_input(struct sk_buff *skb,
}
}

rth = rt_dst_alloc(out_dev->dev, 0, res->type, no_policy,
rth = rt_dst_alloc(out_dev->dev, 0, res->type,
IN_DEV_ORCONF(out_dev, NOXFRM));
if (!rth) {
err = -ENOBUFS;
Expand Down Expand Up @@ -2237,7 +2233,6 @@ static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr,
struct rtable *rth;
struct flowi4 fl4;
bool do_cache = true;
bool no_policy;

/* IP on this device is disabled. */

Expand Down Expand Up @@ -2356,8 +2351,7 @@ out: return err;
RT_CACHE_STAT_INC(in_brd);

local_input:
no_policy = IN_DEV_ORCONF(in_dev, NOPOLICY);
if (no_policy)
if (IN_DEV_ORCONF(in_dev, NOPOLICY))
IPCB(skb)->flags |= IPSKB_NOPOLICY;

do_cache &= res->fi && !itag;
Expand All @@ -2373,8 +2367,7 @@ out: return err;
}

rth = rt_dst_alloc(ip_rt_get_dev(net, res),
flags | RTCF_LOCAL, res->type,
no_policy, false);
flags | RTCF_LOCAL, res->type, false);
if (!rth)
goto e_nobufs;

Expand Down Expand Up @@ -2597,7 +2590,6 @@ static struct rtable *__mkroute_output(const struct fib_result *res,

add:
rth = rt_dst_alloc(dev_out, flags, type,
IN_DEV_ORCONF(in_dev, NOPOLICY),
IN_DEV_ORCONF(in_dev, NOXFRM));
if (!rth)
return ERR_PTR(-ENOBUFS);
Expand Down
4 changes: 2 additions & 2 deletions net/ipv6/esp6.c
Original file line number Diff line number Diff line change
Expand Up @@ -343,7 +343,7 @@ static struct ip_esp_hdr *esp_output_set_esn(struct sk_buff *skb,
struct esp_output_extra *extra)
{
/* For ESN we move the header forward by 4 bytes to
* accomodate the high bits. We will move it back after
* accommodate the high bits. We will move it back after
* encryption.
*/
if ((x->props.flags & XFRM_STATE_ESN)) {
Expand Down Expand Up @@ -896,7 +896,7 @@ static void esp_input_set_header(struct sk_buff *skb, __be32 *seqhi)
struct xfrm_state *x = xfrm_input_state(skb);

/* For ESN we move the header forward by 4 bytes to
* accomodate the high bits. We will move it back after
* accommodate the high bits. We will move it back after
* decryption.
*/
if ((x->props.flags & XFRM_STATE_ESN)) {
Expand Down
6 changes: 1 addition & 5 deletions net/key/af_key.c
Original file line number Diff line number Diff line change
Expand Up @@ -3894,14 +3894,10 @@ static int __init ipsec_pfkey_init(void)
err = sock_register(&pfkey_family_ops);
if (err != 0)
goto out_unregister_pernet;
err = xfrm_register_km(&pfkeyv2_mgr);
if (err != 0)
goto out_sock_unregister;
xfrm_register_km(&pfkeyv2_mgr);
out:
return err;

out_sock_unregister:
sock_unregister(PF_KEY);
out_unregister_pernet:
unregister_pernet_subsys(&pfkey_net_ops);
out_unregister_key_proto:
Expand Down
6 changes: 2 additions & 4 deletions net/xfrm/xfrm_state.c
Original file line number Diff line number Diff line change
Expand Up @@ -2481,22 +2481,20 @@ EXPORT_SYMBOL(xfrm_user_policy);

static DEFINE_SPINLOCK(xfrm_km_lock);

int xfrm_register_km(struct xfrm_mgr *km)
void xfrm_register_km(struct xfrm_mgr *km)
{
spin_lock_bh(&xfrm_km_lock);
list_add_tail_rcu(&km->list, &xfrm_km_list);
spin_unlock_bh(&xfrm_km_lock);
return 0;
}
EXPORT_SYMBOL(xfrm_register_km);

int xfrm_unregister_km(struct xfrm_mgr *km)
void xfrm_unregister_km(struct xfrm_mgr *km)
{
spin_lock_bh(&xfrm_km_lock);
list_del_rcu(&km->list);
spin_unlock_bh(&xfrm_km_lock);
synchronize_rcu();
return 0;
}
EXPORT_SYMBOL(xfrm_unregister_km);

Expand Down
6 changes: 2 additions & 4 deletions net/xfrm/xfrm_user.c
Original file line number Diff line number Diff line change
Expand Up @@ -3633,10 +3633,8 @@ static int __init xfrm_user_init(void)
rv = register_pernet_subsys(&xfrm_user_net_ops);
if (rv < 0)
return rv;
rv = xfrm_register_km(&netlink_mgr);
if (rv < 0)
unregister_pernet_subsys(&xfrm_user_net_ops);
return rv;
xfrm_register_km(&netlink_mgr);
return 0;
}

static void __exit xfrm_user_exit(void)
Expand Down

0 comments on commit e222dc8

Please sign in to comment.