xfrm: extract dst lookup parameters into a struct

[ Upstream commit e509996b16728e37d5a909a5c63c1bd64f23b306 ] Preparation for adding more fields to dst lookup functions without changing their signatures. Signed-off-by: Eyal Birger <eyal.birger@gmail.com> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> Stable-dep-of: b84697210343 ("xfrm: respect ip protocols rules criteria when performing dst lookups") Signed-off-by: Sasha Levin <sashal@kernel.org>
2025-04-24 14:07:52 -04:00 · 2024-09-02 17:07:09 -07:00 · 2024-09-02 17:07:09 -07:00 · ac1d820eaa
commit ac1d820eaa
parent a14a075a14
5 changed files with 72 additions and 64 deletions
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@ -342,20 +342,23 @@ struct xfrm_if_cb {
 void xfrm_if_register_cb(const struct xfrm_if_cb *ifcb);
 void xfrm_if_unregister_cb(void);
 struct xfrm_dst_lookup_params {
 	struct net *net;
 	int tos;
 	int oif;
 	xfrm_address_t *saddr;
 	xfrm_address_t *daddr;
 	u32 mark;
 };
 struct net_device;
 struct xfrm_type;
 struct xfrm_dst;
 struct xfrm_policy_afinfo {
 	struct dst_ops		*dst_ops;
-	struct dst_entry	*(*dst_lookup)(struct net *net,
+	struct dst_entry	*(*dst_lookup)(const struct xfrm_dst_lookup_params *params);
-					       int tos, int oif,
+	int			(*get_saddr)(xfrm_address_t *saddr,
-					       const xfrm_address_t *saddr,
+					     const struct xfrm_dst_lookup_params *params);
 					       const xfrm_address_t *daddr,
 					       u32 mark);
 	int			(*get_saddr)(struct net *net, int oif,
 					     xfrm_address_t *saddr,
 					     xfrm_address_t *daddr,
 					     u32 mark);
 	int			(*fill_dst)(struct xfrm_dst *xdst,
 					    struct net_device *dev,
 					    const struct flowi *fl);
@ -1728,10 +1731,7 @@ static inline int xfrm_user_policy(struct sock *sk, int optname,
 }
 #endif
-struct dst_entry *__xfrm_dst_lookup(struct net *net, int tos, int oif,
+struct dst_entry *__xfrm_dst_lookup(int family, const struct xfrm_dst_lookup_params *params);
 				    const xfrm_address_t *saddr,
 				    const xfrm_address_t *daddr,
 				    int family, u32 mark);
 struct xfrm_policy *xfrm_policy_alloc(struct net *net, gfp_t gfp);
--- a/net/ipv4/xfrm4_policy.c
+++ b/net/ipv4/xfrm4_policy.c
@ -17,47 +17,41 @@
 #include <net/ip.h>
 #include <net/l3mdev.h>
-static struct dst_entry *__xfrm4_dst_lookup(struct net *net, struct flowi4 *fl4,
+static struct dst_entry *__xfrm4_dst_lookup(struct flowi4 *fl4,
-					    int tos, int oif,
+					    const struct xfrm_dst_lookup_params *params)
 					    const xfrm_address_t *saddr,
 					    const xfrm_address_t *daddr,
 					    u32 mark)
 {
 	struct rtable *rt;
 	memset(fl4, 0, sizeof(*fl4));
-	fl4->daddr = daddr->a4;
+	fl4->daddr = params->daddr->a4;
-	fl4->flowi4_tos = tos;
+	fl4->flowi4_tos = params->tos;
-	fl4->flowi4_l3mdev = l3mdev_master_ifindex_by_index(net, oif);
+	fl4->flowi4_l3mdev = l3mdev_master_ifindex_by_index(params->net,
-	fl4->flowi4_mark = mark;
+							    params->oif);
-	if (saddr)
+	fl4->flowi4_mark = params->mark;
-		fl4->saddr = saddr->a4;
+	if (params->saddr)
 		fl4->saddr = params->saddr->a4;
-	rt = __ip_route_output_key(net, fl4);
+	rt = __ip_route_output_key(params->net, fl4);
 	if (!IS_ERR(rt))
 		return &rt->dst;
 	return ERR_CAST(rt);
 }
-static struct dst_entry *xfrm4_dst_lookup(struct net *net, int tos, int oif,
+static struct dst_entry *xfrm4_dst_lookup(const struct xfrm_dst_lookup_params *params)
 					  const xfrm_address_t *saddr,
 					  const xfrm_address_t *daddr,
 					  u32 mark)
 {
 	struct flowi4 fl4;
-	return __xfrm4_dst_lookup(net, &fl4, tos, oif, saddr, daddr, mark);
+	return __xfrm4_dst_lookup(&fl4, params);
 }
-static int xfrm4_get_saddr(struct net *net, int oif,
+static int xfrm4_get_saddr(xfrm_address_t *saddr,
-			   xfrm_address_t *saddr, xfrm_address_t *daddr,
+			   const struct xfrm_dst_lookup_params *params)
 			   u32 mark)
 {
 	struct dst_entry *dst;
 	struct flowi4 fl4;
-	dst = __xfrm4_dst_lookup(net, &fl4, 0, oif, NULL, daddr, mark);
+	dst = __xfrm4_dst_lookup(&fl4, params);
 	if (IS_ERR(dst))
 		return -EHOSTUNREACH;
--- a/net/ipv6/xfrm6_policy.c
+++ b/net/ipv6/xfrm6_policy.c
@ -23,23 +23,21 @@
 #include <net/ip6_route.h>
 #include <net/l3mdev.h>
-static struct dst_entry *xfrm6_dst_lookup(struct net *net, int tos, int oif,
+static struct dst_entry *xfrm6_dst_lookup(const struct xfrm_dst_lookup_params *params)
 					  const xfrm_address_t *saddr,
 					  const xfrm_address_t *daddr,
 					  u32 mark)
 {
 	struct flowi6 fl6;
 	struct dst_entry *dst;
 	int err;
 	memset(&fl6, 0, sizeof(fl6));
-	fl6.flowi6_l3mdev = l3mdev_master_ifindex_by_index(net, oif);
+	fl6.flowi6_l3mdev = l3mdev_master_ifindex_by_index(params->net,
-	fl6.flowi6_mark = mark;
+							   params->oif);
-	memcpy(&fl6.daddr, daddr, sizeof(fl6.daddr));
+	fl6.flowi6_mark = params->mark;
-	if (saddr)
+	memcpy(&fl6.daddr, params->daddr, sizeof(fl6.daddr));
-		memcpy(&fl6.saddr, saddr, sizeof(fl6.saddr));
+	if (params->saddr)
 		memcpy(&fl6.saddr, params->saddr, sizeof(fl6.saddr));
-	dst = ip6_route_output(net, NULL, &fl6);
+	dst = ip6_route_output(params->net, NULL, &fl6);
 	err = dst->error;
 	if (dst->error) {
@ -50,15 +48,14 @@ static struct dst_entry *xfrm6_dst_lookup(struct net *net, int tos, int oif,
 	return dst;
 }
-static int xfrm6_get_saddr(struct net *net, int oif,
+static int xfrm6_get_saddr(xfrm_address_t *saddr,
-			   xfrm_address_t *saddr, xfrm_address_t *daddr,
+			   const struct xfrm_dst_lookup_params *params)
 			   u32 mark)
 {
 	struct dst_entry *dst;
 	struct net_device *dev;
 	struct inet6_dev *idev;
-	dst = xfrm6_dst_lookup(net, 0, oif, NULL, daddr, mark);
+	dst = xfrm6_dst_lookup(params);
 	if (IS_ERR(dst))
 		return -EHOSTUNREACH;
@ -68,7 +65,8 @@ static int xfrm6_get_saddr(struct net *net, int oif,
 		return -EHOSTUNREACH;
 	}
 	dev = idev->dev;
-	ipv6_dev_get_saddr(dev_net(dev), dev, &daddr->in6, 0, &saddr->in6);
+	ipv6_dev_get_saddr(dev_net(dev), dev, &params->daddr->in6, 0,
 			   &saddr->in6);
 	dst_release(dst);
 	return 0;
 }
--- a/net/xfrm/xfrm_device.c
+++ b/net/xfrm/xfrm_device.c
@ -263,6 +263,8 @@ int xfrm_dev_state_add(struct net *net, struct xfrm_state *x,
 	dev = dev_get_by_index(net, xuo->ifindex);
 	if (!dev) {
 		struct xfrm_dst_lookup_params params;
 		if (!(xuo->flags & XFRM_OFFLOAD_INBOUND)) {
 			saddr = &x->props.saddr;
 			daddr = &x->id.daddr;
@ -271,9 +273,12 @@ int xfrm_dev_state_add(struct net *net, struct xfrm_state *x,
 			daddr = &x->props.saddr;
 		}
-		dst = __xfrm_dst_lookup(net, 0, 0, saddr, daddr,
+		memset(&params, 0, sizeof(params));
-					x->props.family,
+		params.net = net;
-					xfrm_smark_get(0, x));
+		params.saddr = saddr;
 		params.daddr = daddr;
 		params.mark = xfrm_smark_get(0, x);
 		dst = __xfrm_dst_lookup(x->props.family, &params);
 		if (IS_ERR(dst))
 			return (is_packet_offload) ? -EINVAL : 0;
--- a/net/xfrm/xfrm_policy.c
+++ b/net/xfrm/xfrm_policy.c
@ -251,10 +251,8 @@ static const struct xfrm_if_cb *xfrm_if_get_cb(void)
 	return rcu_dereference(xfrm_if_cb);
 }
-struct dst_entry *__xfrm_dst_lookup(struct net *net, int tos, int oif,
+struct dst_entry *__xfrm_dst_lookup(int family,
-				    const xfrm_address_t *saddr,
+				    const struct xfrm_dst_lookup_params *params)
 				    const xfrm_address_t *daddr,
 				    int family, u32 mark)
 {
 	const struct xfrm_policy_afinfo *afinfo;
 	struct dst_entry *dst;
@ -263,7 +261,7 @@ struct dst_entry *__xfrm_dst_lookup(struct net *net, int tos, int oif,
 	if (unlikely(afinfo == NULL))
 		return ERR_PTR(-EAFNOSUPPORT);
-	dst = afinfo->dst_lookup(net, tos, oif, saddr, daddr, mark);
+	dst = afinfo->dst_lookup(params);
 	rcu_read_unlock();
@ -277,6 +275,7 @@ static inline struct dst_entry *xfrm_dst_lookup(struct xfrm_state *x,
 						xfrm_address_t *prev_daddr,
 						int family, u32 mark)
 {
 	struct xfrm_dst_lookup_params params;
 	struct net *net = xs_net(x);
 	xfrm_address_t *saddr = &x->props.saddr;
 	xfrm_address_t *daddr = &x->id.daddr;
@ -291,7 +290,14 @@ static inline struct dst_entry *xfrm_dst_lookup(struct xfrm_state *x,
 		daddr = x->coaddr;
 	}
-	dst = __xfrm_dst_lookup(net, tos, oif, saddr, daddr, family, mark);
+	params.net = net;
 	params.saddr = saddr;
 	params.daddr = daddr;
 	params.tos = tos;
 	params.oif = oif;
 	params.mark = mark;
 	dst = __xfrm_dst_lookup(family, &params);
 	if (!IS_ERR(dst)) {
 		if (prev_saddr != saddr)
@ -2424,15 +2430,15 @@ int __xfrm_sk_clone_policy(struct sock *sk, const struct sock *osk)
 }
 static int
-xfrm_get_saddr(struct net *net, int oif, xfrm_address_t *local,
+xfrm_get_saddr(unsigned short family, xfrm_address_t *saddr,
-	       xfrm_address_t *remote, unsigned short family, u32 mark)
+	       const struct xfrm_dst_lookup_params *params)
 {
 	int err;
 	const struct xfrm_policy_afinfo *afinfo = xfrm_policy_get_afinfo(family);
 	if (unlikely(afinfo == NULL))
 		return -EINVAL;
-	err = afinfo->get_saddr(net, oif, local, remote, mark);
+	err = afinfo->get_saddr(saddr, params);
 	rcu_read_unlock();
 	return err;
 }
@ -2461,9 +2467,14 @@ xfrm_tmpl_resolve_one(struct xfrm_policy *policy, const struct flowi *fl,
 			remote = &tmpl->id.daddr;
 			local = &tmpl->saddr;
 			if (xfrm_addr_any(local, tmpl->encap_family)) {
-				error = xfrm_get_saddr(net, fl->flowi_oif,
+				struct xfrm_dst_lookup_params params;
-						       &tmp, remote,
+
-						       tmpl->encap_family, 0);
+				memset(&params, 0, sizeof(params));
 				params.net = net;
 				params.oif = fl->flowi_oif;
 				params.daddr = remote;
 				error = xfrm_get_saddr(tmpl->encap_family, &tmp,
 						       &params);
 				if (error)
 					goto fail;
 				local = &tmp;