From patchwork Fri Jul 20 02:07:47 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nathan Harold X-Patchwork-Id: 946687 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming-netdev@ozlabs.org Delivered-To: patchwork-incoming-netdev@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dmarc=pass (p=reject dis=none) header.from=google.com Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=google.com header.i=@google.com header.b="iUB6RPU2"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 41WvRx53MQz9s3Z for ; Fri, 20 Jul 2018 12:08:13 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730776AbeGTCyF (ORCPT ); Thu, 19 Jul 2018 22:54:05 -0400 Received: from mail-io0-f202.google.com ([209.85.223.202]:48313 "EHLO mail-io0-f202.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730505AbeGTCyE (ORCPT ); Thu, 19 Jul 2018 22:54:04 -0400 Received: by mail-io0-f202.google.com with SMTP id t11-v6so7294764iog.15 for ; Thu, 19 Jul 2018 19:08:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:date:message-id:subject:from:to:cc; bh=GUfQSWeu+E1gSFVLNbv0ElY9c8elTyqccGz6TLsKE0k=; b=iUB6RPU2HZvIJt/1xIsZYy5BmSkmACfMdBxwOcWrRKXjLKXUC95yyO3QdtBnCuTe0i 4m3dD2rGZ+A0NroqXV7GnwsmZWSyskK2nAOLziEc9cue0bALg/f/Eda8hsClDnaJSreS thA/y+d2cYz+UZIyTFsmFr9tlfjQfZQrSZO7FWhQyFvf0BsJUEx5Tan9AI3HuF3wSNmD zklLU5ea7tTTP6TUErrEZ0JC/rnVYVipywqCDdhakSZ6mIUAfV8h4GjpKr4YP9C4oVGa laVuj9SJBg9RKE/YEq3vrZ21EPbCm+eZD+3gY0YXHyqgKQjBYEtWQCZLru7NUqiiorCt AXKg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:date:message-id:subject:from:to:cc; bh=GUfQSWeu+E1gSFVLNbv0ElY9c8elTyqccGz6TLsKE0k=; b=OeM4p4iIrFec8sZY7BX2gXya1Y5QQdmKqm76fy9dN3IaLRNKvV83ege7rK87Sm9GI6 YqIml7I7ZZFWLZLMppEYS+jzrFiohr6gRWQ+E3wkFYbO6ls8oHtE5wlGzDRmp8L0XrQR cAu93A1eYNBW7kIKTCf+Yop51vm2231k8BjK+vFPiRr51qRMyfgu39rxSrL+c9m1HVHY 1PS0+lWdPNpo+49N3ByhMjegRQIusWey/eslVownhGcC5vGkdaS2DvOrP7SlQZ1V317j vPZ3ezWHspW5TEmWE+w1qwziJI2lM14Ro4VLDbajaxjkTB7KraoS/H+Y7+Rh8ye/Y45z 4KmA== X-Gm-Message-State: AOUpUlHv9bzvsfAUB5szawamNAhKLQkavCpPe77/enpSfS6tOdns87xf SiKotz2anufK0NU2U2RJ4ehRLEXMxERBmpsNCNtu/YkgW38LP6HCRso7rM11+F9qyTSNtwBJSgQ +GwnUlxgIbsy1uoUo5/WIVQkH3xSQwxhqHOpWhUTcU5pjG1rrkjjUNl271J20ERfL X-Google-Smtp-Source: AAOMgpemvOxL8ETsFdHiWHT1qU0QttiJSExGoQXX5bQ0UDLKl6ijqLsVqUfl6i8vaPDqjvZ4082BTnzTHZHI MIME-Version: 1.0 X-Received: by 2002:a24:4a:: with SMTP id 71-v6mr206582ita.8.1532052490391; Thu, 19 Jul 2018 19:08:10 -0700 (PDT) Date: Thu, 19 Jul 2018 19:07:47 -0700 Message-Id: <20180720020747.243630-1-nharold@google.com> X-Mailer: git-send-email 2.18.0.233.g985f88cf7e-goog Subject: [PATCH ipsec-next] xfrm: Allow xfrmi if_id to be updated by UPDSA From: Nathan Harold To: netdev@vger.kernel.org Cc: lorenzo@google.com, benedictwong@google.com, nharold@google.com Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Allow attaching an SA to an xfrm interface id after the creation of the SA, so that tasks such as keying which must be done as the SA is created, can remain separate from the decision on how to route traffic from an SA. This permits SA creation to be decomposed in to three separate steps: 1) allocation of a SPI 2) algorithm and key negotiation 3) insertion into the data path Signed-off-by: Nathan Harold --- net/xfrm/xfrm_state.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c index 27c84e63c7ff..c4c563d9be47 100644 --- a/net/xfrm/xfrm_state.c +++ b/net/xfrm/xfrm_state.c @@ -1562,10 +1562,14 @@ int xfrm_state_update(struct xfrm_state *x) if (x1->curlft.use_time) xfrm_state_check_expire(x1); - if (x->props.smark.m || x->props.smark.v) { + if (x->props.smark.m || x->props.smark.v || x->if_id) { spin_lock_bh(&net->xfrm.xfrm_state_lock); - x1->props.smark = x->props.smark; + if (x->props.smark.m || x->props.smark.v) + x1->props.smark = x->props.smark; + + if (x->if_id) + x1->if_id = x->if_id; __xfrm_state_bump_genids(x1); spin_unlock_bh(&net->xfrm.xfrm_state_lock);