diff mbox series

[OpenWrt-Devel] target: drop 616-net_optimize_xfrm_calls.patch

Message ID 20200331080757.188294-1-jo@mein.io
State Accepted
Delegated to: Jo-Philipp Wich
Headers show
Series [OpenWrt-Devel] target: drop 616-net_optimize_xfrm_calls.patch | expand

Commit Message

Jo-Philipp Wich March 31, 2020, 8:07 a.m. UTC 
The conditional check introduced by this patch may trigger a NULL pointer
dereference in case the result of dev_net() is NULL.

Since the purpose of this patch is neither sufficiently explained and since
this patch apparently has never been submitted upstream despite it being in
the pending-* patch directory, I propose to drop it without replacement.

If the performance implications of dropping this patch are found to be
significiant, it should be reintroduced with proper description and
benchmark results.

Ref: https://bugs.openwrt.org/index.php?do=details&task_id=2943
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
---
 .../616-net_optimize_xfrm_calls.patch         | 20 -------------------
 .../616-net_optimize_xfrm_calls.patch         | 20 -------------------
 .../616-net_optimize_xfrm_calls.patch         | 20 -------------------
 3 files changed, 60 deletions(-)
 delete mode 100644 target/linux/generic/pending-4.14/616-net_optimize_xfrm_calls.patch
 delete mode 100644 target/linux/generic/pending-4.19/616-net_optimize_xfrm_calls.patch
 delete mode 100644 target/linux/generic/pending-5.4/616-net_optimize_xfrm_calls.patch

Comments

John Crispin March 31, 2020, 8:09 a.m. UTC | #1 
On 31.03.20 10:07, Jo-Philipp Wich wrote:
> The conditional check introduced by this patch may trigger a NULL pointer
> dereference in case the result of dev_net() is NULL.
>
> Since the purpose of this patch is neither sufficiently explained and since
> this patch apparently has never been submitted upstream despite it being in
> the pending-* patch directory, I propose to drop it without replacement.
>
> If the performance implications of dropping this patch are found to be
> significiant, it should be reintroduced with proper description and
> benchmark results.
>
> Ref: https://bugs.openwrt.org/index.php?do=details&task_id=2943
> Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Acked-by: John Crispin <john@phrozen.org>
> ---
>   .../616-net_optimize_xfrm_calls.patch         | 20 -------------------
>   .../616-net_optimize_xfrm_calls.patch         | 20 -------------------
>   .../616-net_optimize_xfrm_calls.patch         | 20 -------------------
>   3 files changed, 60 deletions(-)
>   delete mode 100644 target/linux/generic/pending-4.14/616-net_optimize_xfrm_calls.patch
>   delete mode 100644 target/linux/generic/pending-4.19/616-net_optimize_xfrm_calls.patch
>   delete mode 100644 target/linux/generic/pending-5.4/616-net_optimize_xfrm_calls.patch
>
> diff --git a/target/linux/generic/pending-4.14/616-net_optimize_xfrm_calls.patch b/target/linux/generic/pending-4.14/616-net_optimize_xfrm_calls.patch
> deleted file mode 100644
> index c64694ea3c..0000000000
> --- a/target/linux/generic/pending-4.14/616-net_optimize_xfrm_calls.patch
> +++ /dev/null
> @@ -1,20 +0,0 @@
> -From: Felix Fietkau <nbd@nbd.name>
> -Subject: kernel: add a small xfrm related performance optimization
> -
> -Signed-off-by: Felix Fietkau <nbd@nbd.name>
> ----
> - net/netfilter/nf_nat_core.c | 3 +++
> - 1 file changed, 3 insertions(+)
> -
> ---- a/net/netfilter/nf_nat_core.c
> -+++ b/net/netfilter/nf_nat_core.c
> -@@ -90,6 +90,9 @@ int nf_xfrm_me_harder(struct net *net, s
> - 	struct dst_entry *dst;
> - 	int err;
> -
> -+	if (skb->dev && !dev_net(skb->dev)->xfrm.policy_count[XFRM_POLICY_OUT])
> -+		return 0;
> -+
> - 	err = xfrm_decode_session(skb, &fl, family);
> - 	if (err < 0)
> - 		return err;
> diff --git a/target/linux/generic/pending-4.19/616-net_optimize_xfrm_calls.patch b/target/linux/generic/pending-4.19/616-net_optimize_xfrm_calls.patch
> deleted file mode 100644
> index 6a5801027c..0000000000
> --- a/target/linux/generic/pending-4.19/616-net_optimize_xfrm_calls.patch
> +++ /dev/null
> @@ -1,20 +0,0 @@
> -From: Felix Fietkau <nbd@nbd.name>
> -Subject: kernel: add a small xfrm related performance optimization
> -
> -Signed-off-by: Felix Fietkau <nbd@nbd.name>
> ----
> - net/netfilter/nf_nat_core.c | 3 +++
> - 1 file changed, 3 insertions(+)
> -
> ---- a/net/netfilter/nf_nat_core.c
> -+++ b/net/netfilter/nf_nat_core.c
> -@@ -110,6 +110,9 @@ int nf_xfrm_me_harder(struct net *net, s
> - 	struct sock *sk = skb->sk;
> - 	int err;
> -
> -+	if (skb->dev && !dev_net(skb->dev)->xfrm.policy_count[XFRM_POLICY_OUT])
> -+		return 0;
> -+
> - 	err = xfrm_decode_session(skb, &fl, family);
> - 	if (err < 0)
> - 		return err;
> diff --git a/target/linux/generic/pending-5.4/616-net_optimize_xfrm_calls.patch b/target/linux/generic/pending-5.4/616-net_optimize_xfrm_calls.patch
> deleted file mode 100644
> index 952bf690d8..0000000000
> --- a/target/linux/generic/pending-5.4/616-net_optimize_xfrm_calls.patch
> +++ /dev/null
> @@ -1,20 +0,0 @@
> -From: Felix Fietkau <nbd@nbd.name>
> -Subject: kernel: add a small xfrm related performance optimization
> -
> -Signed-off-by: Felix Fietkau <nbd@nbd.name>
> ----
> - net/netfilter/nf_nat_core.c | 3 +++
> - 1 file changed, 3 insertions(+)
> -
> ---- a/net/netfilter/nf_nat_core.c
> -+++ b/net/netfilter/nf_nat_core.c
> -@@ -155,6 +155,9 @@ int nf_xfrm_me_harder(struct net *net, s
> - 	struct sock *sk = skb->sk;
> - 	int err;
> -
> -+	if (skb->dev && !dev_net(skb->dev)->xfrm.policy_count[XFRM_POLICY_OUT])
> -+		return 0;
> -+
> - 	err = xfrm_decode_session(skb, &fl, family);
> - 	if (err < 0)
> - 		return err;
Adrian Schmutzler March 31, 2020, 9:40 a.m. UTC | #2 
Hi,

> -----Original Message-----
> From: openwrt-devel [mailto:openwrt-devel-bounces@lists.openwrt.org]
> On Behalf Of Jo-Philipp Wich
> Sent: Dienstag, 31. März 2020 10:08
> To: openwrt-devel@lists.openwrt.org
> Cc: Jo-Philipp Wich <jo@mein.io>
> Subject: [OpenWrt-Devel] [PATCH] target: drop 616-
> net_optimize_xfrm_calls.patch

shouldn't the commit title prefix be "generic:" or "kernel:" or do I just understand something wrong here?

Best

Adrian

> 
> The conditional check introduced by this patch may trigger a NULL pointer
> dereference in case the result of dev_net() is NULL.
> 
> Since the purpose of this patch is neither sufficiently explained and since this
> patch apparently has never been submitted upstream despite it being in the
> pending-* patch directory, I propose to drop it without replacement.
> 
> If the performance implications of dropping this patch are found to be
> significiant, it should be reintroduced with proper description and benchmark
> results.
> 
> Ref: https://bugs.openwrt.org/index.php?do=details&task_id=2943
> Signed-off-by: Jo-Philipp Wich <jo@mein.io>
> ---
>  .../616-net_optimize_xfrm_calls.patch         | 20 -------------------
>  .../616-net_optimize_xfrm_calls.patch         | 20 -------------------
>  .../616-net_optimize_xfrm_calls.patch         | 20 -------------------
>  3 files changed, 60 deletions(-)
>  delete mode 100644 target/linux/generic/pending-4.14/616-
> net_optimize_xfrm_calls.patch
>  delete mode 100644 target/linux/generic/pending-4.19/616-
> net_optimize_xfrm_calls.patch
>  delete mode 100644 target/linux/generic/pending-5.4/616-
> net_optimize_xfrm_calls.patch
> 
> diff --git a/target/linux/generic/pending-4.14/616-
> net_optimize_xfrm_calls.patch b/target/linux/generic/pending-4.14/616-
> net_optimize_xfrm_calls.patch
> deleted file mode 100644
> index c64694ea3c..0000000000
> --- a/target/linux/generic/pending-4.14/616-net_optimize_xfrm_calls.patch
> +++ /dev/null
> @@ -1,20 +0,0 @@
> -From: Felix Fietkau <nbd@nbd.name>
> -Subject: kernel: add a small xfrm related performance optimization
> -
> -Signed-off-by: Felix Fietkau <nbd@nbd.name>
> ----
> - net/netfilter/nf_nat_core.c | 3 +++
> - 1 file changed, 3 insertions(+)
> -
> ---- a/net/netfilter/nf_nat_core.c
> -+++ b/net/netfilter/nf_nat_core.c
> -@@ -90,6 +90,9 @@ int nf_xfrm_me_harder(struct net *net, s
> - 	struct dst_entry *dst;
> - 	int err;
> -
> -+	if (skb->dev && !dev_net(skb->dev)-
> >xfrm.policy_count[XFRM_POLICY_OUT])
> -+		return 0;
> -+
> - 	err = xfrm_decode_session(skb, &fl, family);
> - 	if (err < 0)
> - 		return err;
> diff --git a/target/linux/generic/pending-4.19/616-
> net_optimize_xfrm_calls.patch b/target/linux/generic/pending-4.19/616-
> net_optimize_xfrm_calls.patch
> deleted file mode 100644
> index 6a5801027c..0000000000
> --- a/target/linux/generic/pending-4.19/616-net_optimize_xfrm_calls.patch
> +++ /dev/null
> @@ -1,20 +0,0 @@
> -From: Felix Fietkau <nbd@nbd.name>
> -Subject: kernel: add a small xfrm related performance optimization
> -
> -Signed-off-by: Felix Fietkau <nbd@nbd.name>
> ----
> - net/netfilter/nf_nat_core.c | 3 +++
> - 1 file changed, 3 insertions(+)
> -
> ---- a/net/netfilter/nf_nat_core.c
> -+++ b/net/netfilter/nf_nat_core.c
> -@@ -110,6 +110,9 @@ int nf_xfrm_me_harder(struct net *net, s
> - 	struct sock *sk = skb->sk;
> - 	int err;
> -
> -+	if (skb->dev && !dev_net(skb->dev)-
> >xfrm.policy_count[XFRM_POLICY_OUT])
> -+		return 0;
> -+
> - 	err = xfrm_decode_session(skb, &fl, family);
> - 	if (err < 0)
> - 		return err;
> diff --git a/target/linux/generic/pending-5.4/616-
> net_optimize_xfrm_calls.patch b/target/linux/generic/pending-5.4/616-
> net_optimize_xfrm_calls.patch
> deleted file mode 100644
> index 952bf690d8..0000000000
> --- a/target/linux/generic/pending-5.4/616-net_optimize_xfrm_calls.patch
> +++ /dev/null
> @@ -1,20 +0,0 @@
> -From: Felix Fietkau <nbd@nbd.name>
> -Subject: kernel: add a small xfrm related performance optimization
> -
> -Signed-off-by: Felix Fietkau <nbd@nbd.name>
> ----
> - net/netfilter/nf_nat_core.c | 3 +++
> - 1 file changed, 3 insertions(+)
> -
> ---- a/net/netfilter/nf_nat_core.c
> -+++ b/net/netfilter/nf_nat_core.c
> -@@ -155,6 +155,9 @@ int nf_xfrm_me_harder(struct net *net, s
> - 	struct sock *sk = skb->sk;
> - 	int err;
> -
> -+	if (skb->dev && !dev_net(skb->dev)-
> >xfrm.policy_count[XFRM_POLICY_OUT])
> -+		return 0;
> -+
> - 	err = xfrm_decode_session(skb, &fl, family);
> - 	if (err < 0)
> - 		return err;
> --
> 2.25.1
> 
> 
> _______________________________________________
> openwrt-devel mailing list
> openwrt-devel@lists.openwrt.org
> https://lists.openwrt.org/mailman/listinfo/openwrt-devel
diff mbox series

Patch

diff --git a/target/linux/generic/pending-4.14/616-net_optimize_xfrm_calls.patch b/target/linux/generic/pending-4.14/616-net_optimize_xfrm_calls.patch
deleted file mode 100644
index c64694ea3c..0000000000
--- a/target/linux/generic/pending-4.14/616-net_optimize_xfrm_calls.patch
+++ /dev/null
@@ -1,20 +0,0 @@ 
-From: Felix Fietkau <nbd@nbd.name>
-Subject: kernel: add a small xfrm related performance optimization
-
-Signed-off-by: Felix Fietkau <nbd@nbd.name>
----
- net/netfilter/nf_nat_core.c | 3 +++
- 1 file changed, 3 insertions(+)
-
---- a/net/netfilter/nf_nat_core.c
-+++ b/net/netfilter/nf_nat_core.c
-@@ -90,6 +90,9 @@ int nf_xfrm_me_harder(struct net *net, s
- 	struct dst_entry *dst;
- 	int err;
- 
-+	if (skb->dev && !dev_net(skb->dev)->xfrm.policy_count[XFRM_POLICY_OUT])
-+		return 0;
-+
- 	err = xfrm_decode_session(skb, &fl, family);
- 	if (err < 0)
- 		return err;
diff --git a/target/linux/generic/pending-4.19/616-net_optimize_xfrm_calls.patch b/target/linux/generic/pending-4.19/616-net_optimize_xfrm_calls.patch
deleted file mode 100644
index 6a5801027c..0000000000
--- a/target/linux/generic/pending-4.19/616-net_optimize_xfrm_calls.patch
+++ /dev/null
@@ -1,20 +0,0 @@ 
-From: Felix Fietkau <nbd@nbd.name>
-Subject: kernel: add a small xfrm related performance optimization
-
-Signed-off-by: Felix Fietkau <nbd@nbd.name>
----
- net/netfilter/nf_nat_core.c | 3 +++
- 1 file changed, 3 insertions(+)
-
---- a/net/netfilter/nf_nat_core.c
-+++ b/net/netfilter/nf_nat_core.c
-@@ -110,6 +110,9 @@ int nf_xfrm_me_harder(struct net *net, s
- 	struct sock *sk = skb->sk;
- 	int err;
- 
-+	if (skb->dev && !dev_net(skb->dev)->xfrm.policy_count[XFRM_POLICY_OUT])
-+		return 0;
-+
- 	err = xfrm_decode_session(skb, &fl, family);
- 	if (err < 0)
- 		return err;
diff --git a/target/linux/generic/pending-5.4/616-net_optimize_xfrm_calls.patch b/target/linux/generic/pending-5.4/616-net_optimize_xfrm_calls.patch
deleted file mode 100644
index 952bf690d8..0000000000
--- a/target/linux/generic/pending-5.4/616-net_optimize_xfrm_calls.patch
+++ /dev/null
@@ -1,20 +0,0 @@ 
-From: Felix Fietkau <nbd@nbd.name>
-Subject: kernel: add a small xfrm related performance optimization
-
-Signed-off-by: Felix Fietkau <nbd@nbd.name>
----
- net/netfilter/nf_nat_core.c | 3 +++
- 1 file changed, 3 insertions(+)
-
---- a/net/netfilter/nf_nat_core.c
-+++ b/net/netfilter/nf_nat_core.c
-@@ -155,6 +155,9 @@ int nf_xfrm_me_harder(struct net *net, s
- 	struct sock *sk = skb->sk;
- 	int err;
- 
-+	if (skb->dev && !dev_net(skb->dev)->xfrm.policy_count[XFRM_POLICY_OUT])
-+		return 0;
-+
- 	err = xfrm_decode_session(skb, &fl, family);
- 	if (err < 0)
- 		return err;