xfrm: change secpath_set to return secpath struct, not error value

It can only return 0 (success) or -ENOMEM. Change return value to a pointer to secpath struct. This avoids direct access to skb->sp: err = secpath_set(skb); if (!err) .. skb->sp-> ... Becomes: sp = secpath_set(skb) if (!sp) .. sp-> .. This reduces noise in followup patch which is going to remove skb->sp. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: David S. Miller <davem@davemloft.net>
2018-12-18 17:15:18 +01:00 · 2018-12-18 17:15:18 +01:00 · 0ca64da128
parent de8bda1d22
commit 0ca64da128
5 changed files with 26 additions and 20 deletions
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@ -1131,7 +1131,7 @@ secpath_put(struct sec_path *sp)
 }
 struct sec_path *secpath_dup(struct sec_path *src);
-int secpath_set(struct sk_buff *skb);
+struct sec_path *secpath_set(struct sk_buff *skb);
 static inline void
 secpath_reset(struct sk_buff *skb)
--- a/net/ipv4/esp4_offload.c
+++ b/net/ipv4/esp4_offload.c
@ -46,11 +46,12 @@ static struct sk_buff *esp4_gro_receive(struct list_head *head,
 	xo = xfrm_offload(skb);
 	if (!xo || !(xo->flags & CRYPTO_DONE)) {
-		err = secpath_set(skb);
+		struct sec_path *sp = secpath_set(skb);
-		if (err)
+
 		if (!sp)
 			goto out;
-		if (skb->sp->len == XFRM_MAX_DEPTH)
+		if (sp->len == XFRM_MAX_DEPTH)
 			goto out;
 		x = xfrm_state_lookup(dev_net(skb->dev), skb->mark,
@ -59,8 +60,8 @@ static struct sk_buff *esp4_gro_receive(struct list_head *head,
 		if (!x)
 			goto out;
-		skb->sp->xvec[skb->sp->len++] = x;
+		sp->xvec[sp->len++] = x;
-		skb->sp->olen++;
+		sp->olen++;
 		xo = xfrm_offload(skb);
 		if (!xo) {
--- a/net/ipv6/esp6_offload.c
+++ b/net/ipv6/esp6_offload.c
@ -68,11 +68,12 @@ static struct sk_buff *esp6_gro_receive(struct list_head *head,
 	xo = xfrm_offload(skb);
 	if (!xo || !(xo->flags & CRYPTO_DONE)) {
-		err = secpath_set(skb);
+		struct sec_path *sp = secpath_set(skb);
-		if (err)
+
 		if (!sp)
 			goto out;
-		if (skb->sp->len == XFRM_MAX_DEPTH)
+		if (sp->len == XFRM_MAX_DEPTH)
 			goto out;
 		x = xfrm_state_lookup(dev_net(skb->dev), skb->mark,
@ -81,8 +82,8 @@ static struct sk_buff *esp6_gro_receive(struct list_head *head,
 		if (!x)
 			goto out;
-		skb->sp->xvec[skb->sp->len++] = x;
+		sp->xvec[sp->len++] = x;
-		skb->sp->olen++;
+		sp->olen++;
 		xo = xfrm_offload(skb);
 		if (!xo) {
--- a/net/ipv6/xfrm6_input.c
+++ b/net/ipv6/xfrm6_input.c
@ -86,14 +86,16 @@ int xfrm6_input_addr(struct sk_buff *skb, xfrm_address_t *daddr,
 {
 	struct net *net = dev_net(skb->dev);
 	struct xfrm_state *x = NULL;
 	struct sec_path *sp;
 	int i = 0;
-	if (secpath_set(skb)) {
+	sp = secpath_set(skb);
 	if (!sp) {
 		XFRM_INC_STATS(net, LINUX_MIB_XFRMINERROR);
 		goto drop;
 	}
-	if (1 + skb->sp->len == XFRM_MAX_DEPTH) {
+	if (1 + sp->len == XFRM_MAX_DEPTH) {
 		XFRM_INC_STATS(net, LINUX_MIB_XFRMINBUFFERERROR);
 		goto drop;
 	}
--- a/net/xfrm/xfrm_input.c
+++ b/net/xfrm/xfrm_input.c
@ -145,21 +145,22 @@ struct sec_path *secpath_dup(struct sec_path *src)
 }
 EXPORT_SYMBOL(secpath_dup);
-int secpath_set(struct sk_buff *skb)
+struct sec_path *secpath_set(struct sk_buff *skb)
 {
-	struct sec_path *sp;
+	struct sec_path *sp = skb->sp;
 	/* Allocate new secpath or COW existing one. */
-	if (!skb->sp || refcount_read(&skb->sp->refcnt) != 1) {
+	if (!sp || refcount_read(&sp->refcnt) != 1) {
 		sp = secpath_dup(skb->sp);
 		if (!sp)
-			return -ENOMEM;
+			return NULL;
 		if (skb->sp)
 			secpath_put(skb->sp);
 		skb->sp = sp;
 	}
-	return 0;
+
 	return sp;
 }
 EXPORT_SYMBOL(secpath_set);
@ -236,6 +237,7 @@ int xfrm_input(struct sk_buff *skb, int nexthdr, __be32 spi, int encap_type)
 	bool xfrm_gro = false;
 	bool crypto_done = false;
 	struct xfrm_offload *xo = xfrm_offload(skb);
 	struct sec_path *sp;
 	if (encap_type < 0) {
 		x = xfrm_input_state(skb);
@ -312,8 +314,8 @@ int xfrm_input(struct sk_buff *skb, int nexthdr, __be32 spi, int encap_type)
 		break;
 	}
-	err = secpath_set(skb);
+	sp = secpath_set(skb);
-	if (err) {
+	if (!sp) {
 		XFRM_INC_STATS(net, LINUX_MIB_XFRMINERROR);
 		goto drop;
 	}