Skip to content

Commit

Permalink
xfrm_policy: bypass flow_cache_lookup
Browse files Browse the repository at this point in the history 
Instead of consulting flow cache, call the xfrm bundle/policy lookup
functions directly.  This pretends the flow cache had no entry.

This helps to gradually remove flow cache integration,
followup commit will remove the dead code that this change adds.

Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: David S. Miller <davem@davemloft.net>
  • Loading branch information
Florian Westphal authored and David S. Miller committed Jul 18, 2017
1 parent 3c2a89d commit 3ca2828
Showing 1 changed file with 5 additions and 9 deletions.
14 changes: 5 additions & 9 deletions net/xfrm/xfrm_policy.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2052,13 +2052,12 @@ static struct xfrm_dst *xfrm_create_dummy_bundle(struct net *net,
}

static struct flow_cache_object *
xfrm_bundle_lookup(struct net *net, const struct flowi *fl, u16 family, u8 dir,
struct flow_cache_object *oldflo, void *ctx)
xfrm_bundle_lookup(struct net *net, const struct flowi *fl, u16 family, u8 dir, struct xfrm_flo *xflo)
{
struct xfrm_flo *xflo = (struct xfrm_flo *)ctx;
struct xfrm_policy *pols[XFRM_POLICY_TYPE_MAX];
struct xfrm_dst *xdst, *new_xdst;
int num_pols = 0, num_xfrms = 0, i, err, pol_dead;
struct flow_cache_object *oldflo = NULL;

/* Check if the policies from old bundle are usable */
xdst = NULL;
Expand Down Expand Up @@ -2128,8 +2127,6 @@ xfrm_bundle_lookup(struct net *net, const struct flowi *fl, u16 family, u8 dir,
dst_release_immediate(&xdst->u.dst);
}

/* We do need to return one reference for original caller */
dst_hold(&new_xdst->u.dst);
return &new_xdst->flo;

make_dummy_bundle:
Expand Down Expand Up @@ -2242,8 +2239,7 @@ struct dst_entry *xfrm_lookup(struct net *net, struct dst_entry *dst_orig,
!net->xfrm.policy_count[XFRM_POLICY_OUT])
goto nopol;

flo = flow_cache_lookup(net, fl, family, dir,
xfrm_bundle_lookup, &xflo);
flo = xfrm_bundle_lookup(net, fl, family, dir, &xflo);
if (flo == NULL)
goto nopol;
if (IS_ERR(flo)) {
Expand Down Expand Up @@ -2489,8 +2485,8 @@ int __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb,
if (!pol) {
struct flow_cache_object *flo;

flo = flow_cache_lookup(net, &fl, family, fl_dir,
xfrm_policy_lookup, NULL);
flo = xfrm_policy_lookup(net, &fl, family, dir, NULL, NULL);

if (IS_ERR_OR_NULL(flo))
pol = ERR_CAST(flo);
else
Expand Down

0 comments on commit 3ca2828

Please sign in to comment.