From: Leon Romanovsky <leon@kernel.org>
To: Steffen Klassert <steffen.klassert@secunet.com>
Cc: Andrew Lunn <andrew+netdev@lunn.ch>,
Ayush Sawal <ayush.sawal@chelsio.com>,
Bharat Bhushan <bbhushan2@marvell.com>,
Eric Dumazet <edumazet@google.com>,
Geetha sowjanya <gakula@marvell.com>,
hariprasad <hkelam@marvell.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
intel-wired-lan@lists.osuosl.org,
Jakub Kicinski <kuba@kernel.org>, Jay Vosburgh <jv@jvosburgh.net>,
Jonathan Corbet <corbet@lwn.net>,
linux-doc@vger.kernel.org, linux-rdma@vger.kernel.org,
Louis Peens <louis.peens@corigine.com>,
netdev@vger.kernel.org, oss-drivers@corigine.com,
Paolo Abeni <pabeni@redhat.com>,
Potnuri Bharat Teja <bharat@chelsio.com>,
Przemek Kitszel <przemyslaw.kitszel@intel.com>,
Saeed Mahameed <saeedm@nvidia.com>,
Subbaraya Sundeep <sbhatta@marvell.com>,
Sunil Goutham <sgoutham@marvell.com>,
Tariq Toukan <tariqt@nvidia.com>,
Tony Nguyen <anthony.l.nguyen@intel.com>,
Ilia Lin <ilia.lin@kernel.org>
Subject: Re: [PATCH ipsec-next 2/5] xfrm: simplify SA initialization routine
Date: Wed, 12 Feb 2025 20:30:20 +0200 [thread overview]
Message-ID: <20250212183020.GJ17863@unreal> (raw)
In-Reply-To: <Z6yMgPSfPzgGHTkD@gauss3.secunet.de>
On Wed, Feb 12, 2025 at 12:56:48PM +0100, Steffen Klassert wrote:
> On Wed, Feb 05, 2025 at 08:20:21PM +0200, Leon Romanovsky wrote:
> > From: Leon Romanovsky <leonro@nvidia.com>
> >
> > SA replay mode is initialized differently for user-space and
> > kernel-space users, but the call to xfrm_init_replay() existed in
> > common path with boolean protection. That caused to situation where
> > we have two different function orders.
> >
> > So let's rewrite the SA initialization flow to have same order for
> > both in-kernel and user-space callers.
> >
> > Signed-off-by: Leon Romanovsky <leonro@nvidia.com>
> > ---
> > include/net/xfrm.h | 3 +--
> > net/xfrm/xfrm_state.c | 22 ++++++++++------------
> > net/xfrm/xfrm_user.c | 2 +-
> > 3 files changed, 12 insertions(+), 15 deletions(-)
> >
> > diff --git a/include/net/xfrm.h b/include/net/xfrm.h
> > index 28355a5be5b9..58f8f7661ec4 100644
> > --- a/include/net/xfrm.h
> > +++ b/include/net/xfrm.h
> > @@ -1770,8 +1770,7 @@ void xfrm_spd_getinfo(struct net *net, struct xfrmk_spdinfo *si);
> > u32 xfrm_replay_seqhi(struct xfrm_state *x, __be32 net_seq);
> > int xfrm_init_replay(struct xfrm_state *x, struct netlink_ext_ack *extack);
> > u32 xfrm_state_mtu(struct xfrm_state *x, int mtu);
> > -int __xfrm_init_state(struct xfrm_state *x, bool init_replay,
> > - struct netlink_ext_ack *extack);
> > +int __xfrm_init_state(struct xfrm_state *x, struct netlink_ext_ack *extack);
> > int xfrm_init_state(struct xfrm_state *x);
> > int xfrm_input(struct sk_buff *skb, int nexthdr, __be32 spi, int encap_type);
> > int xfrm_input_resume(struct sk_buff *skb, int nexthdr);
> > diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
> > index 568fe8df7741..42799b0946a3 100644
> > --- a/net/xfrm/xfrm_state.c
> > +++ b/net/xfrm/xfrm_state.c
> > @@ -3120,8 +3120,7 @@ u32 xfrm_state_mtu(struct xfrm_state *x, int mtu)
> > }
> > EXPORT_SYMBOL_GPL(xfrm_state_mtu);
> >
> > -int __xfrm_init_state(struct xfrm_state *x, bool init_replay,
> > - struct netlink_ext_ack *extack)
> > +int __xfrm_init_state(struct xfrm_state *x, struct netlink_ext_ack *extack)
>
> The whole point of having __xfrm_init_state was to
> sepatate codepaths that need init_replay and those
> who don't need it. That was a bandaid for something,
> unfortunately I don't remenber for what.
>
> If we don't need that anymore, maybe we can merge
> __xfrm_init_state into xfrm_init_state, as it was
> before.
Main difference between __xfrm_init_state and xfrm_init_state is that
latter is called without extack, which doesn't exist in kernel path.
E.g xfrm_init_state(struct xfrm_state *x) vs. __xfrm_init_state(struct xfrm_state *x, struct netlink_ext_ack *extack).
So if we merge them, we will need to change all xfrm_init_state()
callers to provide extack == NULL.
IMHO, such churn of changing xfrm_init_state() callers is not worth it for now.
Thanks
>
> The rest of the patchset looks OK to me.
next prev parent reply other threads:[~2025-02-12 18:30 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-05 18:20 [PATCH ipsec-next 0/5] Support PTMU in tunnel mode for packet offload Leon Romanovsky
2025-02-05 18:20 ` [PATCH ipsec-next 1/5] xfrm: delay initialization of offload path till its actually requested Leon Romanovsky
2025-02-06 8:46 ` Bharat Bhushan
2025-02-06 8:54 ` Leon Romanovsky
2025-02-06 13:59 ` Bharat Bhushan
2025-02-06 14:26 ` Leon Romanovsky
2025-02-05 18:20 ` [PATCH ipsec-next 2/5] xfrm: simplify SA initialization routine Leon Romanovsky
2025-02-12 11:56 ` Steffen Klassert
2025-02-12 18:30 ` Leon Romanovsky [this message]
2025-02-14 9:29 ` Steffen Klassert
2025-02-14 11:14 ` Leon Romanovsky
2025-02-05 18:20 ` [PATCH ipsec-next 3/5] xfrm: rely on XFRM offload Leon Romanovsky
2025-02-18 20:39 ` Zhu Yanjun
2025-02-05 18:20 ` [PATCH ipsec-next 4/5] xfrm: provide common xdo_dev_offload_ok callback implementation Leon Romanovsky
2025-02-16 9:33 ` Zhu Yanjun
2025-02-16 11:07 ` Leon Romanovsky
2025-02-16 12:36 ` Zhu Yanjun
2025-02-05 18:20 ` [PATCH ipsec-next 5/5] xfrm: check for PMTU in tunnel mode for packet offload Leon Romanovsky
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250212183020.GJ17863@unreal \
--to=leon@kernel.org \
--cc=andrew+netdev@lunn.ch \
--cc=anthony.l.nguyen@intel.com \
--cc=ayush.sawal@chelsio.com \
--cc=bbhushan2@marvell.com \
--cc=bharat@chelsio.com \
--cc=corbet@lwn.net \
--cc=edumazet@google.com \
--cc=gakula@marvell.com \
--cc=herbert@gondor.apana.org.au \
--cc=hkelam@marvell.com \
--cc=ilia.lin@kernel.org \
--cc=intel-wired-lan@lists.osuosl.org \
--cc=jv@jvosburgh.net \
--cc=kuba@kernel.org \
--cc=linux-doc@vger.kernel.org \
--cc=linux-rdma@vger.kernel.org \
--cc=louis.peens@corigine.com \
--cc=netdev@vger.kernel.org \
--cc=oss-drivers@corigine.com \
--cc=pabeni@redhat.com \
--cc=przemyslaw.kitszel@intel.com \
--cc=saeedm@nvidia.com \
--cc=sbhatta@marvell.com \
--cc=sgoutham@marvell.com \
--cc=steffen.klassert@secunet.com \
--cc=tariqt@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).