diff mbox series

[net-next,5/5] tcp: TFO - cleanup code duplication

Message ID 20181214224007.54813-6-cpaasch@apple.com
State Changes Requested, archived
Delegated to: David Miller
Headers show
Series tcp: Introduce a TFO key-pool for clean cookie-rotation | expand

Commit Message

Christoph Paasch Dec. 14, 2018, 10:40 p.m. UTC 
We can actually easily reuse __tcp_fastopen_cookie_gen_with_ctx to
generate the cookie based on a give TFO-context.

This cleans up some of the code.

Signed-off-by: Christoph Paasch <cpaasch@apple.com>
---
 net/ipv4/tcp_fastopen.c | 51 +++++++++++--------------------------------------
 1 file changed, 11 insertions(+), 40 deletions(-)

Comments

Eric Dumazet Dec. 17, 2018, 6:33 a.m. UTC | #1 
On 12/14/2018 02:40 PM, Christoph Paasch wrote:
> We can actually easily reuse __tcp_fastopen_cookie_gen_with_ctx to
> generate the cookie based on a give TFO-context.
>

s/give/given/
Christoph Paasch Dec. 18, 2018, 12:16 a.m. UTC | #2 
On 16/12/18 - 22:33:52, Eric Dumazet wrote:
> 
> 
> On 12/14/2018 02:40 PM, Christoph Paasch wrote:
> > We can actually easily reuse __tcp_fastopen_cookie_gen_with_ctx to
> > generate the cookie based on a give TFO-context.
> >
> 
> s/give/given/

Thanks! Will be fixed in the v2.


Christoph
diff mbox series

Patch

diff --git a/net/ipv4/tcp_fastopen.c b/net/ipv4/tcp_fastopen.c
index e856262ef4c2..81e8b3ae9ecd 100644
--- a/net/ipv4/tcp_fastopen.c
+++ b/net/ipv4/tcp_fastopen.c
@@ -155,27 +155,6 @@  error:		kfree(ctx);
 	return err;
 }
 
-static bool __tcp_fastopen_cookie_gen(struct sock *sk, const void *path,
-				      struct tcp_fastopen_cookie *foc)
-{
-	struct tcp_fastopen_context *ctx;
-	bool ok = false;
-
-	rcu_read_lock();
-
-	ctx = rcu_dereference(inet_csk(sk)->icsk_accept_queue.fastopenq.ctx);
-	if (!ctx)
-		ctx = rcu_dereference(sock_net(sk)->ipv4.tcp_fastopen_ctx);
-
-	if (ctx) {
-		crypto_cipher_encrypt_one(ctx->tfm, foc->val, path);
-		foc->len = TCP_FASTOPEN_COOKIE_SIZE;
-		ok = true;
-	}
-	rcu_read_unlock();
-	return ok;
-}
-
 static void __tcp_fastopen_cookie_gen_with_ctx(struct request_sock *req,
 					       struct sk_buff *syn,
 					       struct tcp_fastopen_cookie *foc,
@@ -222,29 +201,21 @@  static bool tcp_fastopen_cookie_gen(struct sock *sk,
 				    struct sk_buff *syn,
 				    struct tcp_fastopen_cookie *foc)
 {
-	if (req->rsk_ops->family == AF_INET) {
-		const struct iphdr *iph = ip_hdr(syn);
-
-		__be32 path[4] = { iph->saddr, iph->daddr, 0, 0 };
-		return __tcp_fastopen_cookie_gen(sk, path, foc);
-	}
+	struct tcp_fastopen_context *ctx;
+	bool ok = false;
 
-#if IS_ENABLED(CONFIG_IPV6)
-	if (req->rsk_ops->family == AF_INET6) {
-		const struct ipv6hdr *ip6h = ipv6_hdr(syn);
-		struct tcp_fastopen_cookie tmp;
+	rcu_read_lock();
 
-		if (__tcp_fastopen_cookie_gen(sk, &ip6h->saddr, &tmp)) {
-			struct in6_addr *buf = &tmp.addr;
-			int i;
+	ctx = rcu_dereference(inet_csk(sk)->icsk_accept_queue.fastopenq.ctx);
+	if (!ctx)
+		ctx = rcu_dereference(sock_net(sk)->ipv4.tcp_fastopen_ctx);
 
-			for (i = 0; i < 4; i++)
-				buf->s6_addr32[i] ^= ip6h->daddr.s6_addr32[i];
-			return __tcp_fastopen_cookie_gen(sk, buf, foc);
-		}
+	if (ctx) {
+		__tcp_fastopen_cookie_gen_with_ctx(req, syn, foc, ctx);
+		ok = true;
 	}
-#endif
-	return false;
+	rcu_read_unlock();
+	return ok;
 }