lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <52AE143E.3020807@cogentembedded.com>
Date:	Sun, 15 Dec 2013 23:42:38 +0300
From:	Sergei Shtylyov <sergei.shtylyov@...entembedded.com>
To:	Fan Du <fan.du@...driver.com>, davem@...emloft.net
CC:	steffen.klassert@...unet.com, hadi@...erus.ca,
	netdev@...r.kernel.org
Subject: Re: [PATCHv3 net-next 6/7] {pktgen, xfrm} Introduce xfrm_state_lookup_byspi
 for pktgen

Hello.

On 12/15/2013 10:58 AM, Fan Du wrote:

> Introduce xfrm_state_lookup_byspi to find user specified by custom
> from "pgset spi xxx". Using this scheme, any flow regardless its
> saddr/daddr could be transform by SA specified with configurable
> spi.

> Signed-off-by: Fan Du <fan.du@...driver.com>
[...]

> diff --git a/net/core/pktgen.c b/net/core/pktgen.c
> index eb70c23..ae268ff 100644
> --- a/net/core/pktgen.c
> +++ b/net/core/pktgen.c
> @@ -2247,13 +2247,21 @@ static void get_ipsec_sa(struct pktgen_dev *pkt_dev, int flow)
>   	struct xfrm_state *x = pkt_dev->flows[flow].x;
>   	struct pktgen_net *pn = net_generic(dev_net(pkt_dev->odev), pg_net_id);
>   	if (!x) {
> -		/*slow path: we dont already have xfrm_state*/
> -		x = xfrm_stateonly_find(pn->net, DUMMY_MARK,
> -					(xfrm_address_t *)&pkt_dev->cur_daddr,
> -					(xfrm_address_t *)&pkt_dev->cur_saddr,
> -					AF_INET,
> -					pkt_dev->ipsmode,
> -					pkt_dev->ipsproto, 0);
> +
> +		if (pkt_dev->spi) {
> +			/* We need as quick as possible to find the right SA
> +		 	 * Searching with minimum criteria to archieve this.
> +		 	 */
> +			x = xfrm_state_lookup_byspi(pn->net, htonl(pkt_dev->spi), AF_INET);
> +		} else {
> +			/*slow path: we dont already have xfrm_state*/

    Could you insert spaces after /* and before */, while at it?

WBR, Sergei

--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ