lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 29 Mar 2019 21:16:21 +0100
From:   Florian Westphal <fw@...len.de>
To:     <netdev@...r.kernel.org>
Subject: [PATCH v2 ipsec-next 00/11] xfrm: remove xfrm_mode indirections

This series removes all function pointers from the xfrm_mode struct.
They are either replaced by direct calls or a static helper.

This reduces code size: even merging all xfrm{4,6}_,mode* modules
into the core reduces total size, as the infrastructure to maintain
dynamic (un)register can be removed.

There are more opportunities for indirection avoidance, e.g. in
xfrm_type.  I plan to follow up once/if this series is accepted.

Tested with xfrm tunnel mode via netns with esp/aead.

I'd like thank Benedict Wong for running Android unit tests
and taking the time to bisect a tunnel mode breakage added by
v1 of this patch set.

I've addressed the comments/feedback from Sabrina and Eyal.
The kbuild robot reported build breakage in patch #8 is fixed
as well.

I've not addressed the sparse warning reported by the
kbuild robot -- those warnings are in code not touched
by this patch set.

Florian Westphal (11):
      xfrm: place af number into xfrm_mode struct
      xfrm: prefer family stored in xfrm_mode struct
      xfrm: remove input indirection from xfrm_mode
      xfrm: remove output indirection from xfrm_mode
      xfrm: remove xmit indirection from xfrm_mode
      xfrm: remove gso_segment indirection from xfrm_mode
      xfrm: remove input2 indirection from xfrm_mode
      xfrm: remove output2 indirection from xfrm_mode
      xfrm: remove afinfo pointer from xfrm_mode
      xfrm: make xfrm modes builtin
      xfrm: store xfrm_mode directly, not its address

 include/net/xfrm.h                 |  106 ++-------
 net/core/pktgen.c                  |    2 
 net/ipv4/Kconfig                   |   29 --
 net/ipv4/Makefile                  |    3 
 net/ipv4/esp4_offload.c            |   40 +++
 net/ipv4/ip_vti.c                  |    6 
 net/ipv4/xfrm4_output.c            |   27 +-
 net/ipv6/Kconfig                   |   35 ---
 net/ipv6/Makefile                  |    4 
 net/ipv6/esp6_offload.c            |   40 +++
 net/ipv6/ip6_vti.c                 |    6 
 net/ipv6/xfrm6_output.c            |   36 +--
 net/xfrm/xfrm_device.c             |   58 +++++
 net/xfrm/xfrm_inout.h              |   38 +++
 net/xfrm/xfrm_input.c              |  299 ++++++++++++++++++++++++++-
 net/xfrm/xfrm_interface.c          |    6 
 net/xfrm/xfrm_output.c             |  377 ++++++++++++++++++++++++++++++++++-
 net/xfrm/xfrm_policy.c             |   14 +
 net/xfrm/xfrm_state.c              |  181 ++++++----------
 tools/testing/selftests/net/config |    2 
 net/ipv4/xfrm4_mode_beet.c         |  155 --------------
 net/ipv4/xfrm4_mode_transport.c    |  114 ----------
 net/ipv4/xfrm4_mode_tunnel.c       |  152 --------------
 net/ipv6/xfrm6_mode_beet.c         |  131 ------------
 net/ipv6/xfrm6_mode_ro.c           |   85 -------
 net/ipv6/xfrm6_mode_transport.c    |  121 -----------
 net/ipv6/xfrm6_mode_tunnel.c       |  151 --------------
 27 files changed, 976 insertions(+), 1247 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ