lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 27 Mar 2019 18:31:29 +0100
From:   Florian Westphal <fw@...len.de>
To:     <netdev@...r.kernel.org>
Cc:     steffen.klassert@...unet.com
Subject: [PATCH ipsec-next 00/11] xfrm: remove xfrm_mode indirections

This series removes all function pointers from the xfrm_mode struct.
They are either replaced by direct calls or a static helper.

This also reduces code size: even merging all xfrm{4,6}_,mode* modules
into the core reduces total size, as the infrastructure to maintain
dynamic (un)register can be removed.

There are more opportunities for indirection avoidance, e.g. in
xfrm_type.

I plan to follow up once/if this series is accepted.
This is quite some code churn, but I think its worth doing.

Tested with xfrm tunnel mode via netns with esp/aead.

Florian Westphal (11):
      xfrm: place af number into xfrm_mode struct
      xfrm: prefer family stored in xfrm_mode struct
      xfrm: remove input indirection from xfrm_mode
      xfrm: remove output indirection from xfrm_mode
      xfrm: remove xmit indirection from xfrm_mode
      xfrm: remove gso_segment indirection from xfrm_mode
      xfrm: remove input2 indirection from xfrm_mode
      xfrm: remove output2 indirection from xfrm_mode
      xfrm: remove afinfo pointer from xfrm_mode
      xfrm: make xfrm modes builtin
      xfrm: store xfrm_mode directly, not its address

 include/net/xfrm.h                 |  105 ++--------
 net/core/pktgen.c                  |    2 
 net/ipv4/Kconfig                   |   29 --
 net/ipv4/Makefile                  |    3 
 net/ipv4/esp4_offload.c            |   40 +++
 net/ipv4/ip_vti.c                  |    6 
 net/ipv4/xfrm4_output.c            |   26 --
 net/ipv6/Kconfig                   |   35 ---
 net/ipv6/Makefile                  |    4 
 net/ipv6/esp6_offload.c            |   40 +++
 net/ipv6/ip6_vti.c                 |    6 
 net/ipv6/xfrm6_output.c            |   36 +--
 net/xfrm/xfrm_device.c             |   58 +++++
 net/xfrm/xfrm_inout.h              |   38 +++
 net/xfrm/xfrm_input.c              |  283 ++++++++++++++++++++++++++-
 net/xfrm/xfrm_interface.c          |    6 
 net/xfrm/xfrm_output.c             |  359 ++++++++++++++++++++++++++++++++++-
 net/xfrm/xfrm_policy.c             |   11 -
 net/xfrm/xfrm_state.c              |  181 ++++++-----------
 tools/testing/selftests/net/config |    2 
 net/ipv4/xfrm4_mode_beet.c         |  155 ---------------
 net/ipv4/xfrm4_mode_transport.c    |  114 -----------
 net/ipv4/xfrm4_mode_tunnel.c       |  152 --------------
 net/ipv6/xfrm6_mode_beet.c         |  131 ------------
 net/ipv6/xfrm6_mode_ro.c           |   85 --------
 net/ipv6/xfrm6_mode_transport.c    |  121 -----------
 net/ipv6/xfrm6_mode_tunnel.c       |  151 --------------
 27 files changed, 937 insertions(+), 1242 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ