From 93294b516e5437980a3562496a5bedec1b3a424f Mon Sep 17 00:00:00 2001 From: Jo-Philipp Wich Date: Tue, 31 Mar 2020 09:54:58 +0200 Subject: [PATCH] generic: drop 616-net_optimize_xfrm_calls.patch The conditional check introduced by this patch may trigger a NULL pointer dereference in case the result of dev_net() is NULL. Since the purpose of this patch is neither sufficiently explained and since this patch apparently has never been submitted upstream despite it being in the pending-* patch directory, I propose to drop it without replacement. If the performance implications of dropping this patch are found to be significiant, it should be reintroduced with proper description and benchmark results. Ref: https://bugs.openwrt.org/index.php?do=details&task_id=2943 Signed-off-by: Jo-Philipp Wich --- .../616-net_optimize_xfrm_calls.patch | 20 ------------------- .../616-net_optimize_xfrm_calls.patch | 20 ------------------- .../616-net_optimize_xfrm_calls.patch | 20 ------------------- 3 files changed, 60 deletions(-) delete mode 100644 target/linux/generic/pending-4.14/616-net_optimize_xfrm_calls.patch delete mode 100644 target/linux/generic/pending-4.19/616-net_optimize_xfrm_calls.patch delete mode 100644 target/linux/generic/pending-5.4/616-net_optimize_xfrm_calls.patch diff --git a/target/linux/generic/pending-4.14/616-net_optimize_xfrm_calls.patch b/target/linux/generic/pending-4.14/616-net_optimize_xfrm_calls.patch deleted file mode 100644 index c64694ea3c..0000000000 --- a/target/linux/generic/pending-4.14/616-net_optimize_xfrm_calls.patch +++ /dev/null @@ -1,20 +0,0 @@ -From: Felix Fietkau -Subject: kernel: add a small xfrm related performance optimization - -Signed-off-by: Felix Fietkau ---- - net/netfilter/nf_nat_core.c | 3 +++ - 1 file changed, 3 insertions(+) - ---- a/net/netfilter/nf_nat_core.c -+++ b/net/netfilter/nf_nat_core.c -@@ -90,6 +90,9 @@ int nf_xfrm_me_harder(struct net *net, s - struct dst_entry *dst; - int err; - -+ if (skb->dev && !dev_net(skb->dev)->xfrm.policy_count[XFRM_POLICY_OUT]) -+ return 0; -+ - err = xfrm_decode_session(skb, &fl, family); - if (err < 0) - return err; diff --git a/target/linux/generic/pending-4.19/616-net_optimize_xfrm_calls.patch b/target/linux/generic/pending-4.19/616-net_optimize_xfrm_calls.patch deleted file mode 100644 index 6a5801027c..0000000000 --- a/target/linux/generic/pending-4.19/616-net_optimize_xfrm_calls.patch +++ /dev/null @@ -1,20 +0,0 @@ -From: Felix Fietkau -Subject: kernel: add a small xfrm related performance optimization - -Signed-off-by: Felix Fietkau ---- - net/netfilter/nf_nat_core.c | 3 +++ - 1 file changed, 3 insertions(+) - ---- a/net/netfilter/nf_nat_core.c -+++ b/net/netfilter/nf_nat_core.c -@@ -110,6 +110,9 @@ int nf_xfrm_me_harder(struct net *net, s - struct sock *sk = skb->sk; - int err; - -+ if (skb->dev && !dev_net(skb->dev)->xfrm.policy_count[XFRM_POLICY_OUT]) -+ return 0; -+ - err = xfrm_decode_session(skb, &fl, family); - if (err < 0) - return err; diff --git a/target/linux/generic/pending-5.4/616-net_optimize_xfrm_calls.patch b/target/linux/generic/pending-5.4/616-net_optimize_xfrm_calls.patch deleted file mode 100644 index 952bf690d8..0000000000 --- a/target/linux/generic/pending-5.4/616-net_optimize_xfrm_calls.patch +++ /dev/null @@ -1,20 +0,0 @@ -From: Felix Fietkau -Subject: kernel: add a small xfrm related performance optimization - -Signed-off-by: Felix Fietkau ---- - net/netfilter/nf_nat_core.c | 3 +++ - 1 file changed, 3 insertions(+) - ---- a/net/netfilter/nf_nat_core.c -+++ b/net/netfilter/nf_nat_core.c -@@ -155,6 +155,9 @@ int nf_xfrm_me_harder(struct net *net, s - struct sock *sk = skb->sk; - int err; - -+ if (skb->dev && !dev_net(skb->dev)->xfrm.policy_count[XFRM_POLICY_OUT]) -+ return 0; -+ - err = xfrm_decode_session(skb, &fl, family); - if (err < 0) - return err; -- 2.25.1