On Wed, Feb 05, 2025 at 08:20:21PM +0200, Leon Romanovsky wrote: > From: Leon Romanovsky <leonro@xxxxxxxxxx> > > SA replay mode is initialized differently for user-space and > kernel-space users, but the call to xfrm_init_replay() existed in > common path with boolean protection. That caused to situation where > we have two different function orders. > > So let's rewrite the SA initialization flow to have same order for > both in-kernel and user-space callers. > > Signed-off-by: Leon Romanovsky <leonro@xxxxxxxxxx> > --- > include/net/xfrm.h | 3 +-- > net/xfrm/xfrm_state.c | 22 ++++++++++------------ > net/xfrm/xfrm_user.c | 2 +- > 3 files changed, 12 insertions(+), 15 deletions(-) > > diff --git a/include/net/xfrm.h b/include/net/xfrm.h > index 28355a5be5b9..58f8f7661ec4 100644 > --- a/include/net/xfrm.h > +++ b/include/net/xfrm.h > @@ -1770,8 +1770,7 @@ void xfrm_spd_getinfo(struct net *net, struct xfrmk_spdinfo *si); > u32 xfrm_replay_seqhi(struct xfrm_state *x, __be32 net_seq); > int xfrm_init_replay(struct xfrm_state *x, struct netlink_ext_ack *extack); > u32 xfrm_state_mtu(struct xfrm_state *x, int mtu); > -int __xfrm_init_state(struct xfrm_state *x, bool init_replay, > - struct netlink_ext_ack *extack); > +int __xfrm_init_state(struct xfrm_state *x, struct netlink_ext_ack *extack); > int xfrm_init_state(struct xfrm_state *x); > int xfrm_input(struct sk_buff *skb, int nexthdr, __be32 spi, int encap_type); > int xfrm_input_resume(struct sk_buff *skb, int nexthdr); > diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c > index 568fe8df7741..42799b0946a3 100644 > --- a/net/xfrm/xfrm_state.c > +++ b/net/xfrm/xfrm_state.c > @@ -3120,8 +3120,7 @@ u32 xfrm_state_mtu(struct xfrm_state *x, int mtu) > } > EXPORT_SYMBOL_GPL(xfrm_state_mtu); > > -int __xfrm_init_state(struct xfrm_state *x, bool init_replay, > - struct netlink_ext_ack *extack) > +int __xfrm_init_state(struct xfrm_state *x, struct netlink_ext_ack *extack) The whole point of having __xfrm_init_state was to sepatate codepaths that need init_replay and those who don't need it. That was a bandaid for something, unfortunately I don't remenber for what. If we don't need that anymore, maybe we can merge __xfrm_init_state into xfrm_init_state, as it was before. The rest of the patchset looks OK to me.
