summaryrefslogtreecommitdiff
path: root/include/net
diff options
context:
space:
mode:
authorFlorian Westphal <fw@strlen.de>2021-06-18 16:51:56 +0300
committerSteffen Klassert <steffen.klassert@secunet.com>2021-06-21 10:55:06 +0300
commitcfc61c598e43772cc4f76b8fc40c5ec70675716b (patch)
tree2262ae0b45a3759bb064eb83d0e1fa601bfafae4 /include/net
parent30ad6a84f60bdaa32ef5091125299d0d96a330fe (diff)
downloadlinux-cfc61c598e43772cc4f76b8fc40c5ec70675716b.tar.xz
xfrm: replay: avoid xfrm replay notify indirection
replay protection is implemented using a callback structure and then called via x->repl->notify(), x->repl->recheck(), and so on. all the differect functions are always built-in, so this could be direct calls instead. This first patch prepares for removal of the x->repl structure. Add an enum with the three available replay modes to the xfrm_state structure and then replace all x->repl->notify() calls by the new xfrm_replay_notify() helper. The helper checks the enum internally to adapt behaviour as needed. Signed-off-by: Florian Westphal <fw@strlen.de> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Diffstat (limited to 'include/net')
-rw-r--r--include/net/xfrm.h11
1 files changed, 10 insertions, 1 deletions
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index 3a01570410ab..9a79e41defa7 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -145,6 +145,12 @@ enum {
XFRM_MODE_FLAG_TUNNEL = 1,
};
+enum xfrm_replay_mode {
+ XFRM_REPLAY_MODE_LEGACY,
+ XFRM_REPLAY_MODE_BMP,
+ XFRM_REPLAY_MODE_ESN,
+};
+
/* Full description of state of transformer. */
struct xfrm_state {
possible_net_t xs_net;
@@ -218,6 +224,8 @@ struct xfrm_state {
/* The functions for replay detection. */
const struct xfrm_replay *repl;
+ /* replay detection mode */
+ enum xfrm_replay_mode repl_mode;
/* internal flag that only holds state for delayed aevent at the
* moment
*/
@@ -305,7 +313,6 @@ struct xfrm_replay {
int (*recheck)(struct xfrm_state *x,
struct sk_buff *skb,
__be32 net_seq);
- void (*notify)(struct xfrm_state *x, int event);
int (*overflow)(struct xfrm_state *x, struct sk_buff *skb);
};
@@ -1715,6 +1722,8 @@ static inline int xfrm_policy_id2dir(u32 index)
}
#ifdef CONFIG_XFRM
+void xfrm_replay_notify(struct xfrm_state *x, int event);
+
static inline int xfrm_aevent_is_on(struct net *net)
{
struct sock *nlsk;