Commit 3ca28286 authored by Florian Westphal's avatar Florian Westphal Committed by David S. Miller

xfrm_policy: bypass flow_cache_lookup

Instead of consulting flow cache, call the xfrm bundle/policy lookup
functions directly.  This pretends the flow cache had no entry.

This helps to gradually remove flow cache integration,
followup commit will remove the dead code that this change adds.
Signed-off-by: default avatarFlorian Westphal <fw@strlen.de>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 3c2a89dd
...@@ -2052,13 +2052,12 @@ static struct xfrm_dst *xfrm_create_dummy_bundle(struct net *net, ...@@ -2052,13 +2052,12 @@ static struct xfrm_dst *xfrm_create_dummy_bundle(struct net *net,
} }
static struct flow_cache_object * static struct flow_cache_object *
xfrm_bundle_lookup(struct net *net, const struct flowi *fl, u16 family, u8 dir, xfrm_bundle_lookup(struct net *net, const struct flowi *fl, u16 family, u8 dir, struct xfrm_flo *xflo)
struct flow_cache_object *oldflo, void *ctx)
{ {
struct xfrm_flo *xflo = (struct xfrm_flo *)ctx;
struct xfrm_policy *pols[XFRM_POLICY_TYPE_MAX]; struct xfrm_policy *pols[XFRM_POLICY_TYPE_MAX];
struct xfrm_dst *xdst, *new_xdst; struct xfrm_dst *xdst, *new_xdst;
int num_pols = 0, num_xfrms = 0, i, err, pol_dead; int num_pols = 0, num_xfrms = 0, i, err, pol_dead;
struct flow_cache_object *oldflo = NULL;
/* Check if the policies from old bundle are usable */ /* Check if the policies from old bundle are usable */
xdst = NULL; xdst = NULL;
...@@ -2128,8 +2127,6 @@ xfrm_bundle_lookup(struct net *net, const struct flowi *fl, u16 family, u8 dir, ...@@ -2128,8 +2127,6 @@ xfrm_bundle_lookup(struct net *net, const struct flowi *fl, u16 family, u8 dir,
dst_release_immediate(&xdst->u.dst); dst_release_immediate(&xdst->u.dst);
} }
/* We do need to return one reference for original caller */
dst_hold(&new_xdst->u.dst);
return &new_xdst->flo; return &new_xdst->flo;
make_dummy_bundle: make_dummy_bundle:
...@@ -2242,8 +2239,7 @@ struct dst_entry *xfrm_lookup(struct net *net, struct dst_entry *dst_orig, ...@@ -2242,8 +2239,7 @@ struct dst_entry *xfrm_lookup(struct net *net, struct dst_entry *dst_orig,
!net->xfrm.policy_count[XFRM_POLICY_OUT]) !net->xfrm.policy_count[XFRM_POLICY_OUT])
goto nopol; goto nopol;
flo = flow_cache_lookup(net, fl, family, dir, flo = xfrm_bundle_lookup(net, fl, family, dir, &xflo);
xfrm_bundle_lookup, &xflo);
if (flo == NULL) if (flo == NULL)
goto nopol; goto nopol;
if (IS_ERR(flo)) { if (IS_ERR(flo)) {
...@@ -2489,8 +2485,8 @@ int __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb, ...@@ -2489,8 +2485,8 @@ int __xfrm_policy_check(struct sock *sk, int dir, struct sk_buff *skb,
if (!pol) { if (!pol) {
struct flow_cache_object *flo; struct flow_cache_object *flo;
flo = flow_cache_lookup(net, &fl, family, fl_dir, flo = xfrm_policy_lookup(net, &fl, family, dir, NULL, NULL);
xfrm_policy_lookup, NULL);
if (IS_ERR_OR_NULL(flo)) if (IS_ERR_OR_NULL(flo))
pol = ERR_CAST(flo); pol = ERR_CAST(flo);
else else
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment