generic: drop 616-net_optimize_xfrm_calls.patch

The conditional check introduced by this patch may trigger a NULL pointer dereference in case the result of dev_net() is NULL. Since the purpose of this patch is neither sufficiently explained and since this patch apparently has never been submitted upstream despite it being in the pending-* patch directory, I propose to drop it without replacement. If the performance implications of dropping this patch are found to be significiant, it should be reintroduced with proper description and benchmark results. Ref: https://bugs.openwrt.org/index.php?do=details&task_id=2943 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
4 years ago · 93294b516e
parent 8d9e26457c
commit 93294b516e
3 changed files with 0 additions and 60 deletions
--- a/target/linux/generic/pending-4.14/616-net_optimize_xfrm_calls.patch
+++ b/target/linux/generic/pending-4.14/616-net_optimize_xfrm_calls.patch
@ -1,20 +0,0 @@
-From: Felix Fietkau <nbd@nbd.name>
-Subject: kernel: add a small xfrm related performance optimization
-
-Signed-off-by: Felix Fietkau <nbd@nbd.name>
---
- net/netfilter/nf_nat_core.c | 3 +++
- 1 file changed, 3 insertions(+)
-
--- a/net/netfilter/nf_nat_core.c
-+++ b/net/netfilter/nf_nat_core.c
-@@ -90,6 +90,9 @@ int nf_xfrm_me_harder(struct net *net, s
- 	struct dst_entry *dst;
- 	int err;
- 
-+	if (skb->dev && !dev_net(skb->dev)->xfrm.policy_count[XFRM_POLICY_OUT])
-+		return 0;
-+
- 	err = xfrm_decode_session(skb, &fl, family);
- 	if (err < 0)
- 		return err;
--- a/target/linux/generic/pending-4.19/616-net_optimize_xfrm_calls.patch
+++ b/target/linux/generic/pending-4.19/616-net_optimize_xfrm_calls.patch
@ -1,20 +0,0 @@
-From: Felix Fietkau <nbd@nbd.name>
-Subject: kernel: add a small xfrm related performance optimization
-
-Signed-off-by: Felix Fietkau <nbd@nbd.name>
---
- net/netfilter/nf_nat_core.c | 3 +++
- 1 file changed, 3 insertions(+)
-
--- a/net/netfilter/nf_nat_core.c
-+++ b/net/netfilter/nf_nat_core.c
-@@ -110,6 +110,9 @@ int nf_xfrm_me_harder(struct net *net, s
- 	struct sock *sk = skb->sk;
- 	int err;
- 
-+	if (skb->dev && !dev_net(skb->dev)->xfrm.policy_count[XFRM_POLICY_OUT])
-+		return 0;
-+
- 	err = xfrm_decode_session(skb, &fl, family);
- 	if (err < 0)
- 		return err;
--- a/target/linux/generic/pending-5.4/616-net_optimize_xfrm_calls.patch
+++ b/target/linux/generic/pending-5.4/616-net_optimize_xfrm_calls.patch
@ -1,20 +0,0 @@
-From: Felix Fietkau <nbd@nbd.name>
-Subject: kernel: add a small xfrm related performance optimization
-
-Signed-off-by: Felix Fietkau <nbd@nbd.name>
---
- net/netfilter/nf_nat_core.c | 3 +++
- 1 file changed, 3 insertions(+)
-
--- a/net/netfilter/nf_nat_core.c
-+++ b/net/netfilter/nf_nat_core.c
-@@ -155,6 +155,9 @@ int nf_xfrm_me_harder(struct net *net, s
- 	struct sock *sk = skb->sk;
- 	int err;
- 
-+	if (skb->dev && !dev_net(skb->dev)->xfrm.policy_count[XFRM_POLICY_OUT])
-+		return 0;
-+
- 	err = xfrm_decode_session(skb, &fl, family);
- 	if (err < 0)
- 		return err;