[OpenWrt-Devel] [PATCH] target: drop 616-net_optimize_xfrm_calls.patch

Tue Mar 31 04:09:26 EDT 2020

On 31.03.20 10:07, Jo-Philipp Wich wrote:
> The conditional check introduced by this patch may trigger a NULL pointer
> dereference in case the result of dev_net() is NULL.
>
> Since the purpose of this patch is neither sufficiently explained and since
> this patch apparently has never been submitted upstream despite it being in
> the pending-* patch directory, I propose to drop it without replacement.
>
> If the performance implications of dropping this patch are found to be
> significiant, it should be reintroduced with proper description and
> benchmark results.
>
> Ref: https://bugs.openwrt.org/index.php?do=details&task_id=2943
> Signed-off-by: Jo-Philipp Wich <jo at mein.io>
Acked-by: John Crispin <john at phrozen.org>
> ---
>   .../616-net_optimize_xfrm_calls.patch         | 20 -------------------
>   .../616-net_optimize_xfrm_calls.patch         | 20 -------------------
>   .../616-net_optimize_xfrm_calls.patch         | 20 -------------------
>   3 files changed, 60 deletions(-)
>   delete mode 100644 target/linux/generic/pending-4.14/616-net_optimize_xfrm_calls.patch
>   delete mode 100644 target/linux/generic/pending-4.19/616-net_optimize_xfrm_calls.patch
>   delete mode 100644 target/linux/generic/pending-5.4/616-net_optimize_xfrm_calls.patch
>
> diff --git a/target/linux/generic/pending-4.14/616-net_optimize_xfrm_calls.patch b/target/linux/generic/pending-4.14/616-net_optimize_xfrm_calls.patch
> deleted file mode 100644
> index c64694ea3c..0000000000
> --- a/target/linux/generic/pending-4.14/616-net_optimize_xfrm_calls.patch
> +++ /dev/null
> @@ -1,20 +0,0 @@
> -From: Felix Fietkau <nbd at nbd.name>
> -Subject: kernel: add a small xfrm related performance optimization
> -
> -Signed-off-by: Felix Fietkau <nbd at nbd.name>
> ----
> - net/netfilter/nf_nat_core.c | 3 +++
> - 1 file changed, 3 insertions(+)
> -
> ---- a/net/netfilter/nf_nat_core.c
> -+++ b/net/netfilter/nf_nat_core.c
> -@@ -90,6 +90,9 @@ int nf_xfrm_me_harder(struct net *net, s
> - 	struct dst_entry *dst;
> - 	int err;
> -
> -+	if (skb->dev && !dev_net(skb->dev)->xfrm.policy_count[XFRM_POLICY_OUT])
> -+		return 0;
> -+
> - 	err = xfrm_decode_session(skb, &fl, family);
> - 	if (err < 0)
> - 		return err;
> diff --git a/target/linux/generic/pending-4.19/616-net_optimize_xfrm_calls.patch b/target/linux/generic/pending-4.19/616-net_optimize_xfrm_calls.patch
> deleted file mode 100644
> index 6a5801027c..0000000000
> --- a/target/linux/generic/pending-4.19/616-net_optimize_xfrm_calls.patch
> +++ /dev/null
> @@ -1,20 +0,0 @@
> -From: Felix Fietkau <nbd at nbd.name>
> -Subject: kernel: add a small xfrm related performance optimization
> -
> -Signed-off-by: Felix Fietkau <nbd at nbd.name>
> ----
> - net/netfilter/nf_nat_core.c | 3 +++
> - 1 file changed, 3 insertions(+)
> -
> ---- a/net/netfilter/nf_nat_core.c
> -+++ b/net/netfilter/nf_nat_core.c
> -@@ -110,6 +110,9 @@ int nf_xfrm_me_harder(struct net *net, s
> - 	struct sock *sk = skb->sk;
> - 	int err;
> -
> -+	if (skb->dev && !dev_net(skb->dev)->xfrm.policy_count[XFRM_POLICY_OUT])
> -+		return 0;
> -+
> - 	err = xfrm_decode_session(skb, &fl, family);
> - 	if (err < 0)
> - 		return err;
> diff --git a/target/linux/generic/pending-5.4/616-net_optimize_xfrm_calls.patch b/target/linux/generic/pending-5.4/616-net_optimize_xfrm_calls.patch
> deleted file mode 100644
> index 952bf690d8..0000000000
> --- a/target/linux/generic/pending-5.4/616-net_optimize_xfrm_calls.patch
> +++ /dev/null
> @@ -1,20 +0,0 @@
> -From: Felix Fietkau <nbd at nbd.name>
> -Subject: kernel: add a small xfrm related performance optimization
> -
> -Signed-off-by: Felix Fietkau <nbd at nbd.name>
> ----
> - net/netfilter/nf_nat_core.c | 3 +++
> - 1 file changed, 3 insertions(+)
> -
> ---- a/net/netfilter/nf_nat_core.c
> -+++ b/net/netfilter/nf_nat_core.c
> -@@ -155,6 +155,9 @@ int nf_xfrm_me_harder(struct net *net, s
> - 	struct sock *sk = skb->sk;
> - 	int err;
> -
> -+	if (skb->dev && !dev_net(skb->dev)->xfrm.policy_count[XFRM_POLICY_OUT])
> -+		return 0;
> -+
> - 	err = xfrm_decode_session(skb, &fl, family);
> - 	if (err < 0)
> - 		return err;

_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel