From: Florian Westphal <fw@strlen.de>
To: Christian Hopps <chopps@chopps.org>
Cc: devel@linux-ipsec.org,
Steffen Klassert <steffen.klassert@secunet.com>,
netdev@vger.kernel.org, Christian Hopps <chopps@labn.net>
Subject: Re: [devel-ipsec] [PATCH ipsec-next v5 06/17] xfrm: add mode_cbs module functionality
Date: Fri, 19 Jul 2024 08:14:13 +0200 [thread overview]
Message-ID: <20240719061413.GA29401@breakpoint.cc> (raw)
In-Reply-To: <20240714202246.1573817-7-chopps@chopps.org>
Christian Hopps via Devel <devel@linux-ipsec.org> wrote:
> +static struct xfrm_mode_cbs xfrm_mode_cbs_map[XFRM_MODE_MAX];
Why not
static struct xfrm_mode_cbs *xfrm_mode_cbs_map[XFRM_MODE_MAX];
i.e., why does
> +int xfrm_register_mode_cbs(u8 mode, const struct xfrm_mode_cbs *mode_cbs)
> +{
> + if (mode >= XFRM_MODE_MAX)
> + return -EINVAL;
> +
> + xfrm_mode_cbs_map[mode] = *mode_cbs;
do a deep copy here rather than
xfrm_mode_cbs_map[mode] = mode_cbs;
?
> + if (mode == XFRM_MODE_IPTFS && !xfrm_mode_cbs_map[mode].create_state)
> + request_module("xfrm-iptfs");
> + return &xfrm_mode_cbs_map[mode];
Sabrina noticed that this looks weird, and I agree.
This can, afaics, return a partially initialised structure or an
all-zero structure.
request_module() might load the module, it can fail to load the
module, and, most importantly, there is no guarantee that the
module is removed right after.
Is there any locking scheme in place that prevents this from
happening? If so, a comment should be added that explains this.
next prev parent reply other threads:[~2024-07-19 6:14 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-07-14 20:22 [PATCH ipsec-next v5 00/17] Add IP-TFS mode to xfrm Christian Hopps
2024-07-14 20:22 ` [PATCH ipsec-next v5 01/17] xfrm: config: add CONFIG_XFRM_IPTFS Christian Hopps
2024-07-14 20:22 ` [PATCH ipsec-next v5 02/17] include: uapi: add ip_tfs_*_hdr packet formats Christian Hopps
2024-07-14 20:22 ` [PATCH ipsec-next v5 03/17] include: uapi: add IPPROTO_AGGFRAG for AGGFRAG in ESP Christian Hopps
2024-07-14 20:22 ` [PATCH ipsec-next v5 04/17] xfrm: sysctl: allow configuration of global default values Christian Hopps
2024-07-18 13:13 ` Sabrina Dubroca
2024-07-18 13:15 ` Christian Hopps
2024-07-14 20:22 ` [PATCH ipsec-next v5 05/17] xfrm: netlink: add config (netlink) options Christian Hopps
2024-07-18 13:45 ` Sabrina Dubroca
2024-07-18 14:08 ` [devel-ipsec] " Christian Hopps
2024-07-14 20:22 ` [PATCH ipsec-next v5 06/17] xfrm: add mode_cbs module functionality Christian Hopps
2024-07-19 6:14 ` Florian Westphal [this message]
2024-07-20 0:06 ` [devel-ipsec] " Christian Hopps
2024-07-25 13:32 ` Sabrina Dubroca
2024-07-30 21:29 ` Christian Hopps
2024-07-31 17:10 ` Sabrina Dubroca
2024-07-31 18:32 ` Christian Hopps
2024-07-31 18:41 ` Christian Hopps
2024-07-14 20:22 ` [PATCH ipsec-next v5 07/17] xfrm: add generic iptfs defines and functionality Christian Hopps
2024-07-14 20:22 ` [PATCH ipsec-next v5 08/17] xfrm: iptfs: add new iptfs xfrm mode impl Christian Hopps
2024-07-15 12:39 ` Simon Horman
2024-07-18 5:56 ` [devel-ipsec] " Christian Hopps
2024-07-19 6:16 ` Florian Westphal
2024-07-20 0:30 ` Christian Hopps
2024-07-25 13:33 ` Sabrina Dubroca
2024-07-25 14:56 ` Christian Hopps
2024-07-31 16:29 ` Christian Hopps
2024-07-14 20:22 ` [PATCH ipsec-next v5 09/17] xfrm: iptfs: add user packet (tunnel ingress) handling Christian Hopps
2024-07-15 12:55 ` Simon Horman
2024-07-18 5:35 ` [devel-ipsec] " Christian Hopps
2024-07-18 6:32 ` Christian Hopps
2024-07-16 14:00 ` kernel test robot
2024-07-14 20:22 ` [PATCH ipsec-next v5 10/17] xfrm: iptfs: share page fragments of inner packets Christian Hopps
2024-07-14 20:22 ` [PATCH ipsec-next v5 11/17] xfrm: iptfs: add fragmenting of larger than MTU user packets Christian Hopps
2024-07-15 13:12 ` Simon Horman
2024-07-18 5:57 ` [devel-ipsec] " Christian Hopps
2024-07-18 6:56 ` Christian Hopps
2024-07-14 20:22 ` [PATCH ipsec-next v5 12/17] xfrm: iptfs: add basic receive packet (tunnel egress) handling Christian Hopps
2024-07-15 13:16 ` Simon Horman
2024-07-18 6:14 ` [devel-ipsec] " Christian Hopps
2024-07-14 20:22 ` [PATCH ipsec-next v5 13/17] xfrm: iptfs: handle received fragmented inner packets Christian Hopps
2024-07-14 20:22 ` [PATCH ipsec-next v5 14/17] xfrm: iptfs: add reusing received skb for the tunnel egress packet Christian Hopps
2024-07-14 20:22 ` [PATCH ipsec-next v5 15/17] xfrm: iptfs: add skb-fragment sharing code Christian Hopps
2024-07-14 20:22 ` [PATCH ipsec-next v5 16/17] xfrm: iptfs: handle reordering of received packets Christian Hopps
2024-07-14 20:22 ` [PATCH ipsec-next v5 17/17] xfrm: iptfs: add tracepoint functionality Christian Hopps
2024-07-15 11:53 ` kernel test robot
2024-07-17 5:21 ` kernel test robot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240719061413.GA29401@breakpoint.cc \
--to=fw@strlen.de \
--cc=chopps@chopps.org \
--cc=chopps@labn.net \
--cc=devel@linux-ipsec.org \
--cc=netdev@vger.kernel.org \
--cc=steffen.klassert@secunet.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).