mirror of
git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
synced 2025-08-05 16:54:27 +00:00
9f8550e4bd
The disable_xfrm flag signals that xfrm should not be performed during
routing towards a device before reaching device xmit.
For xfrm interfaces this is usually desired as they perform the outbound
policy lookup as part of their xmit using their if_id.
Before this change enabling this flag on xfrm interfaces prevented them
from xmitting as xfrm_lookup_with_ifid() would not perform a policy lookup
in case the original dst had the DST_NOXFRM flag.
This optimization is incorrect when the lookup is done by the xfrm
interface xmit logic.
Fix by performing policy lookup when invoked by xfrmi as if_id != 0.
Similarly it's unlikely for the 'no policy exists on net' check to yield
any performance benefits when invoked from xfrmi.
Fixes:
|
||
|---|---|---|
| .. | ||
| espintcp.c | ||
| Kconfig | ||
| Makefile | ||
| xfrm_algo.c | ||
| xfrm_compat.c | ||
| xfrm_device.c | ||
| xfrm_hash.c | ||
| xfrm_hash.h | ||
| xfrm_inout.h | ||
| xfrm_input.c | ||
| xfrm_interface.c | ||
| xfrm_ipcomp.c | ||
| xfrm_output.c | ||
| xfrm_policy.c | ||
| xfrm_proc.c | ||
| xfrm_replay.c | ||
| xfrm_state.c | ||
| xfrm_sysctl.c | ||
| xfrm_user.c | ||