5.10-stable review patch. If anyone has any objections, please let me know.
------------------
From: Leon Romanovsky leonro@nvidia.com
[ Upstream commit 482db2f1dd211f73ad9d71e33ae15c1df6379982 ]
XFRM state doesn't need anything from flags except to understand direction, so store it separately. For future patches, such change will allow us to reuse xfrm_dev_offload for policy offload too, which has three possible directions instead of two.
Reviewed-by: Raed Salem raeds@nvidia.com Signed-off-by: Leon Romanovsky leonro@nvidia.com Signed-off-by: Steffen Klassert steffen.klassert@secunet.com Stable-dep-of: 2cf567f421db ("netdevsim: copy addresses for both in and out paths") Signed-off-by: Sasha Levin sashal@kernel.org --- include/net/xfrm.h | 6 ++++++ net/xfrm/xfrm_device.c | 8 +++++++- net/xfrm/xfrm_user.c | 3 ++- 3 files changed, 15 insertions(+), 2 deletions(-)
diff --git a/include/net/xfrm.h b/include/net/xfrm.h index 987c603806aee..2c1feca282036 100644 --- a/include/net/xfrm.h +++ b/include/net/xfrm.h @@ -126,12 +126,18 @@ struct xfrm_state_walk { struct xfrm_address_filter *filter; };
+enum { + XFRM_DEV_OFFLOAD_IN = 1, + XFRM_DEV_OFFLOAD_OUT, +}; + struct xfrm_dev_offload { struct net_device *dev; struct net_device *real_dev; unsigned long offload_handle; unsigned int num_exthdrs; u8 flags; + u8 dir : 2; };
struct xfrm_mode { diff --git a/net/xfrm/xfrm_device.c b/net/xfrm/xfrm_device.c index 61aa0fd9d2a0c..7690d23bcf8bb 100644 --- a/net/xfrm/xfrm_device.c +++ b/net/xfrm/xfrm_device.c @@ -129,7 +129,7 @@ struct sk_buff *validate_xmit_xfrm(struct sk_buff *skb, netdev_features_t featur
sp = skb_sec_path(skb); x = sp->xvec[sp->len - 1]; - if (xo->flags & XFRM_GRO || x->xso.flags & XFRM_OFFLOAD_INBOUND) + if (xo->flags & XFRM_GRO || x->xso.dir == XFRM_DEV_OFFLOAD_IN) return skb;
/* This skb was already validated on the upper/virtual dev */ @@ -285,11 +285,17 @@ int xfrm_dev_state_add(struct net *net, struct xfrm_state *x, /* Don't forward bit that is not implemented */ xso->flags = xuo->flags & ~XFRM_OFFLOAD_IPV6;
+ if (xuo->flags & XFRM_OFFLOAD_INBOUND) + xso->dir = XFRM_DEV_OFFLOAD_IN; + else + xso->dir = XFRM_DEV_OFFLOAD_OUT; + err = dev->xfrmdev_ops->xdo_dev_state_add(x); if (err) { xso->num_exthdrs = 0; xso->flags = 0; xso->dev = NULL; + xso->dir = 0; xso->real_dev = NULL; dev_put(dev);
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index b12a305a2d7a4..aa509857b6660 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c @@ -855,7 +855,8 @@ static int copy_user_offload(struct xfrm_dev_offload *xso, struct sk_buff *skb) xuo = nla_data(attr); memset(xuo, 0, sizeof(*xuo)); xuo->ifindex = xso->dev->ifindex; - xuo->flags = xso->flags; + if (xso->dir == XFRM_DEV_OFFLOAD_IN) + xuo->flags = XFRM_OFFLOAD_INBOUND;
return 0; }