Re: [PATCH ipsec-next 2/5] xfrm: simplify SA initialization routine

[PATCH ipsec-next 0/5] Support PTMU in tunnel mode for packet offload · Leon Romanovsky <leon@kernel.org> · 2025-02-05
[PATCH ipsec-next 1/5] xfrm: delay initialization of offload path till its actually requested · Leon Romanovsky <leon@kernel.org> · 2025-02-05
Re: [PATCH ipsec-next 1/5] xfrm: delay initialization of offload path till its actually requested · Bharat Bhushan <hidden> · 2025-02-06
Re: [PATCH ipsec-next 1/5] xfrm: delay initialization of offload path till its actually requested · Leon Romanovsky <leon@kernel.org> · 2025-02-06
Re: [PATCH ipsec-next 1/5] xfrm: delay initialization of offload path till its actually requested · Bharat Bhushan <hidden> · 2025-02-06
Re: [PATCH ipsec-next 1/5] xfrm: delay initialization of offload path till its actually requested · Leon Romanovsky <leon@kernel.org> · 2025-02-06
[PATCH ipsec-next 2/5] xfrm: simplify SA initialization routine · Leon Romanovsky <leon@kernel.org> · 2025-02-05
Re: [PATCH ipsec-next 2/5] xfrm: simplify SA initialization routine · Steffen Klassert <steffen.klassert@secunet.com> · 2025-02-12
Re: [PATCH ipsec-next 2/5] xfrm: simplify SA initialization routine · Leon Romanovsky <leon@kernel.org> · 2025-02-12
Re: [PATCH ipsec-next 2/5] xfrm: simplify SA initialization routine · Steffen Klassert <steffen.klassert@secunet.com> · 2025-02-14
Re: [PATCH ipsec-next 2/5] xfrm: simplify SA initialization routine · "Leon Romanovsky" <leon@kernel.org> · 2025-02-14
[PATCH ipsec-next 4/5] xfrm: provide common xdo_dev_offload_ok callback implementation · Leon Romanovsky <leon@kernel.org> · 2025-02-05
Re: [PATCH ipsec-next 4/5] xfrm: provide common xdo_dev_offload_ok callback implementation · Zhu Yanjun <hidden> · 2025-02-16
Re: [PATCH ipsec-next 4/5] xfrm: provide common xdo_dev_offload_ok callback implementation · Leon Romanovsky <leon@kernel.org> · 2025-02-16
Re: [PATCH ipsec-next 4/5] xfrm: provide common xdo_dev_offload_ok callback implementation · Zhu Yanjun <hidden> · 2025-02-16
[PATCH ipsec-next 5/5] xfrm: check for PMTU in tunnel mode for packet offload · Leon Romanovsky <leon@kernel.org> · 2025-02-05
[PATCH ipsec-next 3/5] xfrm: rely on XFRM offload · Leon Romanovsky <leon@kernel.org> · 2025-02-05
Re: [PATCH ipsec-next 3/5] xfrm: rely on XFRM offload · Zhu Yanjun <hidden> · 2025-02-18

From: Steffen Klassert <steffen.klassert@secunet.com>
Date: 2025-02-12 12:05:59
Also in: intel-wired-lan, linux-doc, linux-rdma

On Wed, Feb 05, 2025 at 08:20:21PM +0200, Leon Romanovsky wrote:

quoted hunk ↗ jump to hunk

From: Leon Romanovsky <leonro@nvidia.com>

SA replay mode is initialized differently for user-space and
kernel-space users, but the call to xfrm_init_replay() existed in
common path with boolean protection. That caused to situation where
we have two different function orders.

So let's rewrite the SA initialization flow to have same order for
both in-kernel and user-space callers.

Signed-off-by: Leon Romanovsky <leonro@nvidia.com>
---
 include/net/xfrm.h    |  3 +--
 net/xfrm/xfrm_state.c | 22 ++++++++++------------
 net/xfrm/xfrm_user.c  |  2 +-
 3 files changed, 12 insertions(+), 15 deletions(-)

diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index 28355a5be5b9..58f8f7661ec4 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h

@@ -1770,8 +1770,7 @@ void xfrm_spd_getinfo(struct net *net, struct xfrmk_spdinfo *si);
 u32 xfrm_replay_seqhi(struct xfrm_state *x, __be32 net_seq);
 int xfrm_init_replay(struct xfrm_state *x, struct netlink_ext_ack *extack);
 u32 xfrm_state_mtu(struct xfrm_state *x, int mtu);
-int __xfrm_init_state(struct xfrm_state *x, bool init_replay,
-		      struct netlink_ext_ack *extack);
+int __xfrm_init_state(struct xfrm_state *x, struct netlink_ext_ack *extack);
 int xfrm_init_state(struct xfrm_state *x);
 int xfrm_input(struct sk_buff *skb, int nexthdr, __be32 spi, int encap_type);
 int xfrm_input_resume(struct sk_buff *skb, int nexthdr);

diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
index 568fe8df7741..42799b0946a3 100644
--- a/net/xfrm/xfrm_state.c
+++ b/net/xfrm/xfrm_state.c

@@ -3120,8 +3120,7 @@ u32 xfrm_state_mtu(struct xfrm_state *x, int mtu)
 }
 EXPORT_SYMBOL_GPL(xfrm_state_mtu);
 
-int __xfrm_init_state(struct xfrm_state *x, bool init_replay,
-		      struct netlink_ext_ack *extack)
+int __xfrm_init_state(struct xfrm_state *x, struct netlink_ext_ack *extack)

The whole point of having __xfrm_init_state was to
sepatate codepaths that need init_replay and those
who don't need it. That was a bandaid for something,
unfortunately I don't remenber for what.

If we don't need that anymore, maybe we can merge
__xfrm_init_state into xfrm_init_state, as it was
before.

The rest of the patchset looks OK to me.

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help