mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-11-01 17:08:10 +00:00
Code Issues Releases Wiki Activity

net: Create and use new helper xfrm_dst_child().

Browse source 
Only IPSEC routes have a non-NULL dst->child pointer.  And IPSEC
routes are identified by a non-NULL dst->xfrm pointer.

Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
David Miller 2017-11-28 15:40:22 -05:00 committed by David S. Miller
parent 071fb37ec4
commit b92cf4aab8
8 changed files with 26 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
include/net/xfrm.h
View file

@ -994,6 +994,15 @@ struct xfrm_dst {
u32 path_cookie; u32 path_cookie;
}; };
static inline struct dst_entry *xfrm_dst_child(const struct dst_entry *dst)
{
#ifdef CONFIG_XFRM
if (dst->xfrm)
return dst->child;
#endif
return NULL;
}
#ifdef CONFIG_XFRM #ifdef CONFIG_XFRM
static inline void xfrm_dst_destroy(struct xfrm_dst *xdst) static inline void xfrm_dst_destroy(struct xfrm_dst *xdst)
{ {

6
net/core/dst.c
View file

@ -116,12 +116,14 @@ EXPORT_SYMBOL(dst_alloc);
struct dst_entry *dst_destroy(struct dst_entry * dst) struct dst_entry *dst_destroy(struct dst_entry * dst)
{ {
struct dst_entry *child; struct dst_entry *child = NULL;
smp_rmb(); smp_rmb();
#ifdef CONFIG_XFRM
if (dst->xfrm)
child = dst->child; child = dst->child;
#endif
if (!(dst->flags & DST_NOCOUNT)) if (!(dst->flags & DST_NOCOUNT))
dst_entries_add(dst->ops, -1); dst_entries_add(dst->ops, -1);

2
net/ipv4/xfrm4_mode_tunnel.c
View file

@ -62,7 +62,7 @@ static int xfrm4_mode_tunnel_output(struct xfrm_state *x, struct sk_buff *skb)
top_iph->frag_off = (flags & XFRM_STATE_NOPMTUDISC) ? top_iph->frag_off = (flags & XFRM_STATE_NOPMTUDISC) ?
0 : (XFRM_MODE_SKB_CB(skb)->frag_off & htons(IP_DF)); 0 : (XFRM_MODE_SKB_CB(skb)->frag_off & htons(IP_DF));
top_iph->ttl = ip4_dst_hoplimit(dst->child); top_iph->ttl = ip4_dst_hoplimit(xfrm_dst_child(dst));
top_iph->saddr = x->props.saddr.a4; top_iph->saddr = x->props.saddr.a4;
top_iph->daddr = x->id.daddr.a4; top_iph->daddr = x->id.daddr.a4;

2
net/ipv6/xfrm6_mode_tunnel.c
View file

@ -59,7 +59,7 @@ static int xfrm6_mode_tunnel_output(struct xfrm_state *x, struct sk_buff *skb)
if (x->props.flags & XFRM_STATE_NOECN) if (x->props.flags & XFRM_STATE_NOECN)
dsfield &= ~INET_ECN_MASK; dsfield &= ~INET_ECN_MASK;
ipv6_change_dsfield(top_iph, 0, dsfield); ipv6_change_dsfield(top_iph, 0, dsfield);
top_iph->hop_limit = ip6_dst_hoplimit(dst->child); top_iph->hop_limit = ip6_dst_hoplimit(xfrm_dst_child(dst));
top_iph->saddr = *(struct in6_addr *)&x->props.saddr; top_iph->saddr = *(struct in6_addr *)&x->props.saddr;
top_iph->daddr = *(struct in6_addr *)&x->id.daddr; top_iph->daddr = *(struct in6_addr *)&x->id.daddr;
return 0; return 0;

2
net/ipv6/xfrm6_policy.c
View file

@ -265,7 +265,7 @@ static void xfrm6_dst_ifdown(struct dst_entry *dst, struct net_device *dev,
in6_dev_put(xdst->u.rt6.rt6i_idev); in6_dev_put(xdst->u.rt6.rt6i_idev);
xdst->u.rt6.rt6i_idev = loopback_idev; xdst->u.rt6.rt6i_idev = loopback_idev;
in6_dev_hold(loopback_idev); in6_dev_hold(loopback_idev);
xdst = (struct xfrm_dst *)xdst->u.dst.child; xdst = (struct xfrm_dst *)xfrm_dst_child(&xdst->u.dst);
} while (xdst->u.dst.xfrm); } while (xdst->u.dst.xfrm);
__in6_dev_put(loopback_idev); __in6_dev_put(loopback_idev);

2
net/xfrm/xfrm_output.c
View file

@ -44,7 +44,7 @@ static int xfrm_skb_check_space(struct sk_buff *skb)
static struct dst_entry *skb_dst_pop(struct sk_buff *skb) static struct dst_entry *skb_dst_pop(struct sk_buff *skb)
{ {
struct dst_entry *child = dst_clone(skb_dst(skb)->child); struct dst_entry *child = dst_clone(xfrm_dst_child(skb_dst(skb)));
skb_dst_drop(skb); skb_dst_drop(skb);
return child; return child;

14
net/xfrm/xfrm_policy.c
View file

@ -1636,7 +1636,7 @@ static struct dst_entry *xfrm_bundle_create(struct xfrm_policy *policy,
xfrm_init_path((struct xfrm_dst *)dst0, dst, nfheader_len); xfrm_init_path((struct xfrm_dst *)dst0, dst, nfheader_len);
xfrm_init_pmtu(dst_prev); xfrm_init_pmtu(dst_prev);
for (dst_prev = dst0; dst_prev != dst; dst_prev = dst_prev->child) { for (dst_prev = dst0; dst_prev != dst; dst_prev = xfrm_dst_child(dst_prev)) {
struct xfrm_dst *xdst = (struct xfrm_dst *)dst_prev; struct xfrm_dst *xdst = (struct xfrm_dst *)dst_prev;
err = xfrm_fill_dst(xdst, dev, fl); err = xfrm_fill_dst(xdst, dev, fl);
@ -1800,7 +1800,7 @@ static bool xfrm_xdst_can_reuse(struct xfrm_dst *xdst,
for (i = 0; i < num; i++) { for (i = 0; i < num; i++) {
if (!dst || dst->xfrm != xfrm[i]) if (!dst || dst->xfrm != xfrm[i])
return false; return false;
dst = dst->child; dst = xfrm_dst_child(dst);
} }
return xfrm_bundle_ok(xdst); return xfrm_bundle_ok(xdst);
@ -2576,7 +2576,7 @@ static int stale_bundle(struct dst_entry *dst)
void xfrm_dst_ifdown(struct dst_entry *dst, struct net_device *dev) void xfrm_dst_ifdown(struct dst_entry *dst, struct net_device *dev)
{ {
while ((dst = dst->child) && dst->xfrm && dst->dev == dev) { while ((dst = xfrm_dst_child(dst)) && dst->xfrm && dst->dev == dev) {
dst->dev = dev_net(dev)->loopback_dev; dst->dev = dev_net(dev)->loopback_dev;
dev_hold(dst->dev); dev_hold(dst->dev);
dev_put(dev); dev_put(dev);
@ -2606,7 +2606,7 @@ static void xfrm_init_pmtu(struct dst_entry *dst)
struct xfrm_dst *xdst = (struct xfrm_dst *)dst; struct xfrm_dst *xdst = (struct xfrm_dst *)dst;
u32 pmtu, route_mtu_cached; u32 pmtu, route_mtu_cached;
pmtu = dst_mtu(dst->child); pmtu = dst_mtu(xfrm_dst_child(dst));
xdst->child_mtu_cached = pmtu; xdst->child_mtu_cached = pmtu;
pmtu = xfrm_state_mtu(dst->xfrm, pmtu); pmtu = xfrm_state_mtu(dst->xfrm, pmtu);
@ -2651,7 +2651,7 @@ static int xfrm_bundle_ok(struct xfrm_dst *first)
xdst->policy_genid != atomic_read(&xdst->pols[0]->genid)) xdst->policy_genid != atomic_read(&xdst->pols[0]->genid))
return 0; return 0;
mtu = dst_mtu(dst->child); mtu = dst_mtu(xfrm_dst_child(dst));
if (xdst->child_mtu_cached != mtu) { if (xdst->child_mtu_cached != mtu) {
last = xdst; last = xdst;
xdst->child_mtu_cached = mtu; xdst->child_mtu_cached = mtu;
@ -2665,7 +2665,7 @@ static int xfrm_bundle_ok(struct xfrm_dst *first)
xdst->route_mtu_cached = mtu; xdst->route_mtu_cached = mtu;
} }
dst = dst->child; dst = xfrm_dst_child(dst);
} while (dst->xfrm); } while (dst->xfrm);
if (likely(!last)) if (likely(!last))
@ -2707,7 +2707,7 @@ static const void *xfrm_get_dst_nexthop(const struct dst_entry *dst,
{ {
const struct dst_entry *path = dst->path; const struct dst_entry *path = dst->path;
for (; dst != path; dst = dst->child) { for (; dst != path; dst = xfrm_dst_child(dst)) {
const struct xfrm_state *xfrm = dst->xfrm; const struct xfrm_state *xfrm = dst->xfrm;
if (xfrm->props.mode == XFRM_MODE_TRANSPORT) if (xfrm->props.mode == XFRM_MODE_TRANSPORT)

2
security/selinux/xfrm.c
View file

@ -452,7 +452,7 @@ int selinux_xfrm_postroute_last(u32 sk_sid, struct sk_buff *skb,
if (dst) { if (dst) {
struct dst_entry *iter; struct dst_entry *iter;
for (iter = dst; iter != NULL; iter = iter->child) { for (iter = dst; iter != NULL; iter = xfrm_dst_child(iter)) {
struct xfrm_state *x = iter->xfrm; struct xfrm_state *x = iter->xfrm;
if (x && selinux_authorizable_xfrm(x)) if (x && selinux_authorizable_xfrm(x))