diff mbox series

[OpenWrt-Devel,v2] generic: drop 616-net_optimize_xfrm_calls.patch

Message ID 20200331102049.193157-1-jo@mein.io
State New
Headers show
Series [OpenWrt-Devel,v2] generic: drop 616-net_optimize_xfrm_calls.patch | expand

Commit Message

Jo-Philipp Wich March 31, 2020, 10:20 a.m. UTC
The conditional check introduced by this patch may trigger a NULL pointer
dereference in case the result of dev_net() is NULL.

Since the purpose of this patch is neither sufficiently explained and since
this patch apparently has never been submitted upstream despite it being in
the pending-* patch directory, I propose to drop it without replacement.

If the performance implications of dropping this patch are found to be
significiant, it should be reintroduced with proper description and
benchmark results.

Ref: https://bugs.openwrt.org/index.php?do=details&task_id=2943
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
---
 .../616-net_optimize_xfrm_calls.patch         | 20 -------------------
 .../616-net_optimize_xfrm_calls.patch         | 20 -------------------
 .../616-net_optimize_xfrm_calls.patch         | 20 -------------------
 3 files changed, 60 deletions(-)
 delete mode 100644 target/linux/generic/pending-4.14/616-net_optimize_xfrm_calls.patch
 delete mode 100644 target/linux/generic/pending-4.19/616-net_optimize_xfrm_calls.patch
 delete mode 100644 target/linux/generic/pending-5.4/616-net_optimize_xfrm_calls.patch
diff mbox series

Patch

diff --git a/target/linux/generic/pending-4.14/616-net_optimize_xfrm_calls.patch b/target/linux/generic/pending-4.14/616-net_optimize_xfrm_calls.patch
deleted file mode 100644
index c64694ea3c..0000000000
--- a/target/linux/generic/pending-4.14/616-net_optimize_xfrm_calls.patch
+++ /dev/null
@@ -1,20 +0,0 @@ 
-From: Felix Fietkau <nbd@nbd.name>
-Subject: kernel: add a small xfrm related performance optimization
-
-Signed-off-by: Felix Fietkau <nbd@nbd.name>
----
- net/netfilter/nf_nat_core.c | 3 +++
- 1 file changed, 3 insertions(+)
-
---- a/net/netfilter/nf_nat_core.c
-+++ b/net/netfilter/nf_nat_core.c
-@@ -90,6 +90,9 @@ int nf_xfrm_me_harder(struct net *net, s
- 	struct dst_entry *dst;
- 	int err;
- 
-+	if (skb->dev && !dev_net(skb->dev)->xfrm.policy_count[XFRM_POLICY_OUT])
-+		return 0;
-+
- 	err = xfrm_decode_session(skb, &fl, family);
- 	if (err < 0)
- 		return err;
diff --git a/target/linux/generic/pending-4.19/616-net_optimize_xfrm_calls.patch b/target/linux/generic/pending-4.19/616-net_optimize_xfrm_calls.patch
deleted file mode 100644
index 6a5801027c..0000000000
--- a/target/linux/generic/pending-4.19/616-net_optimize_xfrm_calls.patch
+++ /dev/null
@@ -1,20 +0,0 @@ 
-From: Felix Fietkau <nbd@nbd.name>
-Subject: kernel: add a small xfrm related performance optimization
-
-Signed-off-by: Felix Fietkau <nbd@nbd.name>
----
- net/netfilter/nf_nat_core.c | 3 +++
- 1 file changed, 3 insertions(+)
-
---- a/net/netfilter/nf_nat_core.c
-+++ b/net/netfilter/nf_nat_core.c
-@@ -110,6 +110,9 @@ int nf_xfrm_me_harder(struct net *net, s
- 	struct sock *sk = skb->sk;
- 	int err;
- 
-+	if (skb->dev && !dev_net(skb->dev)->xfrm.policy_count[XFRM_POLICY_OUT])
-+		return 0;
-+
- 	err = xfrm_decode_session(skb, &fl, family);
- 	if (err < 0)
- 		return err;
diff --git a/target/linux/generic/pending-5.4/616-net_optimize_xfrm_calls.patch b/target/linux/generic/pending-5.4/616-net_optimize_xfrm_calls.patch
deleted file mode 100644
index 952bf690d8..0000000000
--- a/target/linux/generic/pending-5.4/616-net_optimize_xfrm_calls.patch
+++ /dev/null
@@ -1,20 +0,0 @@ 
-From: Felix Fietkau <nbd@nbd.name>
-Subject: kernel: add a small xfrm related performance optimization
-
-Signed-off-by: Felix Fietkau <nbd@nbd.name>
----
- net/netfilter/nf_nat_core.c | 3 +++
- 1 file changed, 3 insertions(+)
-
---- a/net/netfilter/nf_nat_core.c
-+++ b/net/netfilter/nf_nat_core.c
-@@ -155,6 +155,9 @@ int nf_xfrm_me_harder(struct net *net, s
- 	struct sock *sk = skb->sk;
- 	int err;
- 
-+	if (skb->dev && !dev_net(skb->dev)->xfrm.policy_count[XFRM_POLICY_OUT])
-+		return 0;
-+
- 	err = xfrm_decode_session(skb, &fl, family);
- 	if (err < 0)
- 		return err;