On 1/7/23 02:05, Jakub Kicinski wrote:
> On Tue, 3 Jan 2023 18:42:55 +0000 Dmitry Safonov wrote:
>> Use crypto_pool API that was designed with tcp_md5sig_pool in mind.
>> The conversion to use crypto_pool will allow:
>> - to reuse ahash_request(s) for different users
>> - to allocate only one per-CPU scratch buffer rather than a new one for
>> each user
>> - to have a common API for net/ users that need ahash on RX/TX fast path
>
>> config TCP_MD5SIG
>> bool "TCP: MD5 Signature Option support (RFC2385)"
>> - select CRYPTO
>> + select CRYPTO_POOL
>
> Are you sure we don't need to select CRYPTO any more?
> select does not resolve dependencies.
Yeah, stumbled into it when I was rebasing TCP-AO patches on the top:
they select both and I think you're right that it still needs to select
CRYPTO here as well (noticed only after sending v2).
>
>> select CRYPTO_MD5
>> help
>> RFC2385 specifies a method of giving MD5 protection to TCP sessions.
>
>> @@ -749,29 +746,27 @@ static int tcp_v6_md5_hash_skb(char *md5_hash,
>> daddr = &ip6h->daddr;
>> }
>>
>> - hp = tcp_get_md5sig_pool();
>> - if (!hp)
>> + if (crypto_pool_get(tcp_md5_crypto_pool_id, (struct crypto_pool *)&hp))
>
> &hp.base ? To avoid the cast
Oh, that's nice, will do!
Thanks,
Dmitry
