[net-next,3/6] xfrm: Convert xfrm_dst_lookup() to dscp_t.

Message ID	4c397061eb9f054cdcc3f5e60716b77c6b7912ad.1728982714.git.gnault@redhat.com (mailing list archive)
State	Awaiting Upstream
Delegated to:	Netdev Maintainers
Headers	show Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 016C41E3789 for <netdev@vger.kernel.org>; Tue, 15 Oct 2024 09:11:38 +0000 (UTC) Date: Tue, 15 Oct 2024 11:11:31 +0200 From: Guillaume Nault <gnault@redhat.com> To: David Miller <davem@davemloft.net>, Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>, Eric Dumazet <edumazet@google.com> Cc: netdev@vger.kernel.org, Steffen Klassert <steffen.klassert@secunet.com>, Herbert Xu <herbert@gondor.apana.org.au>, David Ahern <dsahern@kernel.org>, Ido Schimmel <idosch@nvidia.com> Subject: [PATCH net-next 3/6] xfrm: Convert xfrm_dst_lookup() to dscp_t. Message-ID: <4c397061eb9f054cdcc3f5e60716b77c6b7912ad.1728982714.git.gnault@redhat.com> References: <cover.1728982714.git.gnault@redhat.com> Precedence: bulk MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <cover.1728982714.git.gnault@redhat.com>
Series	xfrm: Convert __xfrm4_dst_lookup() and its callers to dscp_t. \| expand [net-next,0/6] xfrm: Convert __xfrm4_dst_lookup() and its callers to dscp_t. [net-next,1/6] xfrm: Convert xfrm_get_tos() to dscp_t. [net-next,2/6] xfrm: Convert xfrm_bundle_create() to dscp_t. [net-next,3/6] xfrm: Convert xfrm_dst_lookup() to dscp_t. [net-next,4/6] xfrm: Convert __xfrm_dst_lookup() to dscp_t. [net-next,5/6] xfrm: Convert the ->dst_lookup() callback to dscp_t. [net-next,6/6] xfrm: Convert __xfrm4_dst_lookup() to dscp_t.

Message ID

4c397061eb9f054cdcc3f5e60716b77c6b7912ad.1728982714.git.gnault@redhat.com (mailing list archive)

State

Awaiting Upstream

Delegated to:

Netdev Maintainers

Headers

Date: Tue, 15 Oct 2024 11:11:31 +0200
From: Guillaume Nault <gnault@redhat.com>
To: David Miller <davem@davemloft.net>, Jakub Kicinski <kuba@kernel.org>,
	Paolo Abeni <pabeni@redhat.com>, Eric Dumazet <edumazet@google.com>
Cc: netdev@vger.kernel.org, Steffen Klassert <steffen.klassert@secunet.com>,
	Herbert Xu <herbert@gondor.apana.org.au>,
	David Ahern <dsahern@kernel.org>, Ido Schimmel <idosch@nvidia.com>
Subject: [PATCH net-next 3/6] xfrm: Convert xfrm_dst_lookup() to dscp_t.
Message-ID: 
 <4c397061eb9f054cdcc3f5e60716b77c6b7912ad.1728982714.git.gnault@redhat.com>
References: <cover.1728982714.git.gnault@redhat.com>
Precedence: bulk
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <cover.1728982714.git.gnault@redhat.com>

Series

xfrm: Convert __xfrm4_dst_lookup() and its callers to dscp_t. | expand

Context	Check	Description
netdev/series_format	success	Posting correctly formatted
netdev/tree_selection	success	Clearly marked for net-next, async
netdev/ynl	success	Generated files up to date; no warnings/errors; no diff in generated;
netdev/fixes_present	success	Fixes tag not required for -next series
netdev/header_inline	success	No static functions without inline keyword in header files
netdev/build_32bit	success	Errors and warnings before: 5 this patch: 5
netdev/build_tools	success	No tools touched, skip
netdev/cc_maintainers	success	CCed 6 of 6 maintainers
netdev/build_clang	success	Errors and warnings before: 3 this patch: 3
netdev/verify_signedoff	success	Signed-off-by tag matches author and committer
netdev/deprecated_api	success	None detected
netdev/check_selftest	success	No net selftest shell script
netdev/verify_fixes	success	No Fixes tag
netdev/build_allmodconfig_warn	success	Errors and warnings before: 13 this patch: 13
netdev/checkpatch	success	total: 0 errors, 0 warnings, 0 checks, 28 lines checked
netdev/build_clang_rust	success	No Rust files in patch. Skipping build
netdev/kdoc	success	Errors and warnings before: 0 this patch: 0
netdev/source_inline	success	Was 0 now: 0
netdev/contest	success	net-next-2024-10-15--15-00 (tests: 776)

Context

Check

Description

netdev/series_format

success

Posting correctly formatted

netdev/tree_selection

success

Clearly marked for net-next, async

netdev/ynl

success

Generated files up to date; no warnings/errors; no diff in generated;

netdev/fixes_present

success

Fixes tag not required for -next series

netdev/header_inline

success

No static functions without inline keyword in header files

netdev/build_32bit

success

Errors and warnings before: 5 this patch: 5

netdev/build_tools

success

No tools touched, skip

netdev/cc_maintainers

success

CCed 6 of 6 maintainers

netdev/build_clang

success

Errors and warnings before: 3 this patch: 3

netdev/verify_signedoff

success

Signed-off-by tag matches author and committer

netdev/deprecated_api

success

None detected

netdev/check_selftest

success

No net selftest shell script

netdev/verify_fixes

success

No Fixes tag

netdev/build_allmodconfig_warn

success

Errors and warnings before: 13 this patch: 13

netdev/checkpatch

success

total: 0 errors, 0 warnings, 0 checks, 28 lines checked

netdev/build_clang_rust

success

No Rust files in patch. Skipping build

netdev/kdoc

success

Errors and warnings before: 0 this patch: 0

netdev/source_inline

success

Was 0 now: 0

netdev/contest

success

net-next-2024-10-15--15-00 (tests: 776)

Commit Message

Guillaume Nault Oct. 15, 2024, 9:11 a.m. UTC

Pass a dscp_t variable to xfrm_dst_lookup(), instead of an int, to
prevent accidental setting of ECN bits in ->flowi4_tos.

Only xfrm_bundle_create() actually calls xfrm_dst_lookup(). Since it
already has a dscp_t variable to pass as parameter, we only need to
remove the inet_dscp_to_dsfield() conversion.

Signed-off-by: Guillaume Nault <gnault@redhat.com>
---
 net/xfrm/xfrm_policy.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

Comments

Eyal Birger Oct. 15, 2024, 11:48 a.m. UTC | #1

On Tue, Oct 15, 2024 at 2:14 AM Guillaume Nault <gnault@redhat.com> wrote:
>
> Pass a dscp_t variable to xfrm_dst_lookup(), instead of an int, to
> prevent accidental setting of ECN bits in ->flowi4_tos.
>
> Only xfrm_bundle_create() actually calls xfrm_dst_lookup(). Since it
> already has a dscp_t variable to pass as parameter, we only need to
> remove the inet_dscp_to_dsfield() conversion.
>
> Signed-off-by: Guillaume Nault <gnault@redhat.com>
> ---
>  net/xfrm/xfrm_policy.c | 10 +++++-----
>  1 file changed, 5 insertions(+), 5 deletions(-)
>
> diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
> index c6ea3ca69e95..6e30b110accf 100644
> --- a/net/xfrm/xfrm_policy.c
> +++ b/net/xfrm/xfrm_policy.c
> @@ -291,7 +291,7 @@ struct dst_entry *__xfrm_dst_lookup(struct net *net, int tos, int oif,
>  EXPORT_SYMBOL(__xfrm_dst_lookup);
>
>  static inline struct dst_entry *xfrm_dst_lookup(struct xfrm_state *x,
> -                                               int tos, int oif,
> +                                               dscp_t dscp, int oif,


FWIW this looks like it's going to conflict with a commit currently in
the ipsec tree:
https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec.git/commit/?id=e509996b16728e37d5a909a5c63c1bd64f23b306

Eyal.

Guillaume Nault Oct. 16, 2024, 8:23 a.m. UTC | #2

On Tue, Oct 15, 2024 at 04:48:57AM -0700, Eyal Birger wrote:
> On Tue, Oct 15, 2024 at 2:14 AM Guillaume Nault <gnault@redhat.com> wrote:
> >
> > Pass a dscp_t variable to xfrm_dst_lookup(), instead of an int, to
> > prevent accidental setting of ECN bits in ->flowi4_tos.
> >
> > Only xfrm_bundle_create() actually calls xfrm_dst_lookup(). Since it
> > already has a dscp_t variable to pass as parameter, we only need to
> > remove the inet_dscp_to_dsfield() conversion.
> >
> > Signed-off-by: Guillaume Nault <gnault@redhat.com>
> > ---
> >  net/xfrm/xfrm_policy.c | 10 +++++-----
> >  1 file changed, 5 insertions(+), 5 deletions(-)
> >
> > diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
> > index c6ea3ca69e95..6e30b110accf 100644
> > --- a/net/xfrm/xfrm_policy.c
> > +++ b/net/xfrm/xfrm_policy.c
> > @@ -291,7 +291,7 @@ struct dst_entry *__xfrm_dst_lookup(struct net *net, int tos, int oif,
> >  EXPORT_SYMBOL(__xfrm_dst_lookup);
> >
> >  static inline struct dst_entry *xfrm_dst_lookup(struct xfrm_state *x,
> > -                                               int tos, int oif,
> > +                                               dscp_t dscp, int oif,
> 
> 
> FWIW this looks like it's going to conflict with a commit currently in
> the ipsec tree:
> https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec.git/commit/?id=e509996b16728e37d5a909a5c63c1bd64f23b306

Indeed. I'll send v2 once the ipsec tree will be merged.
Thanks!

> Eyal.
>

diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
index c6ea3ca69e95..6e30b110accf 100644
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@@ -291,7 +291,7 @@  struct dst_entry *__xfrm_dst_lookup(struct net *net, int tos, int oif,
 EXPORT_SYMBOL(__xfrm_dst_lookup);
 
 static inline struct dst_entry *xfrm_dst_lookup(struct xfrm_state *x,
-						int tos, int oif,
+						dscp_t dscp, int oif,
 						xfrm_address_t *prev_saddr,
 						xfrm_address_t *prev_daddr,
 						int family, u32 mark)
@@ -310,7 +310,8 @@  static inline struct dst_entry *xfrm_dst_lookup(struct xfrm_state *x,
 		daddr = x->coaddr;
 	}
 
-	dst = __xfrm_dst_lookup(net, tos, oif, saddr, daddr, family, mark);
+	dst = __xfrm_dst_lookup(net, inet_dscp_to_dsfield(dscp), oif, saddr,
+				daddr, family, mark);
 
 	if (!IS_ERR(dst)) {
 		if (prev_saddr != saddr)
@@ -2695,9 +2696,8 @@  static struct dst_entry *xfrm_bundle_create(struct xfrm_policy *policy,
 				family = xfrm[i]->props.family;
 
 			oif = fl->flowi_oif ? : fl->flowi_l3mdev;
-			dst = xfrm_dst_lookup(xfrm[i],
-					      inet_dscp_to_dsfield(dscp), oif,
-					      &saddr, &daddr, family, mark);
+			dst = xfrm_dst_lookup(xfrm[i], dscp, oif, &saddr,
+					      &daddr, family, mark);
 			err = PTR_ERR(dst);
 			if (IS_ERR(dst))
 				goto put_states;

[net-next,3/6] xfrm: Convert xfrm_dst_lookup() to dscp_t.

Checks

Commit Message

Comments

Patch