net/mlx5: Avoid using xso.real_dev unnecessarily

xso.real_dev is the active device of an offloaded xfrm state and is
managed by bonding. As such, it's subject to change when states are
migrated to a new device. Using it in places other than
offloading/unoffloading the states is risky.

This commit saves the device into the driver-specific struct
mlx5e_ipsec_sa_entry and switches mlx5e_ipsec_init_macs() and
mlx5e_ipsec_netevent_event() to make use of it.

Additionally, mlx5e_xfrm_update_stats() used xso.real_dev to validate
that correct net locks are held. But in a bonding config, the net of the
master device is the same as the underlying devices, and the net is
already a local var, so use that instead.

The only remaining references to xso.real_dev are now in the
.xdo_dev_state_add() / .xdo_dev_state_delete() path.

Signed-off-by: Cosmin Ratiu <cratiu@nvidia.com>
Reviewed-by: Leon Romanovsky <leonro@nvidia.com>
Reviewed-by: Nikolay Aleksandrov <razor@blackwall.org>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>

diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c
index 2dd842aac6fc479c6c33538f3157d1cca69b1bfe..626e525c0f0d7ecace6fac7b97a049d501106962 100644 (file)
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.c
@@ -259,8 +259,7 @@ static void mlx5e_ipsec_init_macs(struct mlx5e_ipsec_sa_entry *sa_entry,
                                  struct mlx5_accel_esp_xfrm_attrs *attrs)
 {
        struct mlx5_core_dev *mdev = mlx5e_ipsec_sa2dev(sa_entry);
-       struct xfrm_state *x = sa_entry->x;
-       struct net_device *netdev;
+       struct net_device *netdev = sa_entry->dev;
        struct neighbour *n;
        u8 addr[ETH_ALEN];
        const void *pkey;
@@ -270,8 +269,6 @@ static void mlx5e_ipsec_init_macs(struct mlx5e_ipsec_sa_entry *sa_entry,
            attrs->type != XFRM_DEV_OFFLOAD_PACKET)
                return;
 
-       netdev = x->xso.real_dev;
-
        mlx5_query_mac_address(mdev, addr);
        switch (attrs->dir) {
        case XFRM_DEV_OFFLOAD_IN:
@@ -713,6 +710,7 @@ static int mlx5e_xfrm_add_state(struct xfrm_state *x,
                return -ENOMEM;
 
        sa_entry->x = x;
+       sa_entry->dev = netdev;
        sa_entry->ipsec = ipsec;
        /* Check if this SA is originated from acquire flow temporary SA */
        if (x->xso.flags & XFRM_DEV_OFFLOAD_FLAG_ACQ)
@@ -855,8 +853,6 @@ static int mlx5e_ipsec_netevent_event(struct notifier_block *nb,
        struct mlx5e_ipsec_sa_entry *sa_entry;
        struct mlx5e_ipsec *ipsec;
        struct neighbour *n = ptr;
-       struct net_device *netdev;
-       struct xfrm_state *x;
        unsigned long idx;
 
        if (event != NETEVENT_NEIGH_UPDATE || !(n->nud_state & NUD_VALID))
@@ -876,11 +872,9 @@ static int mlx5e_ipsec_netevent_event(struct notifier_block *nb,
                                continue;
                }
 
-               x = sa_entry->x;
-               netdev = x->xso.real_dev;
                data = sa_entry->work->data;
 
-               neigh_ha_snapshot(data->addr, n, netdev);
+               neigh_ha_snapshot(data->addr, n, sa_entry->dev);
                queue_work(ipsec->wq, &sa_entry->work->work);
        }
 
@@ -996,8 +990,8 @@ static void mlx5e_xfrm_update_stats(struct xfrm_state *x)
        size_t headers;
 
        lockdep_assert(lockdep_is_held(&x->lock) ||
-                      lockdep_is_held(&dev_net(x->xso.real_dev)->xfrm.xfrm_cfg_mutex) ||
-                      lockdep_is_held(&dev_net(x->xso.real_dev)->xfrm.xfrm_state_lock));
+                      lockdep_is_held(&net->xfrm.xfrm_cfg_mutex) ||
+                      lockdep_is_held(&net->xfrm.xfrm_state_lock));
 
        if (x->xso.flags & XFRM_DEV_OFFLOAD_FLAG_ACQ)
                return;

diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.h b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.h
index a63c2289f8af929256686171755f09e9f0147690..ffcd0cdeb775441eebb65952ffaeef5bb4e1db8b 100644 (file)
--- a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.h
+++ b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ipsec.h
@@ -274,6 +274,7 @@ struct mlx5e_ipsec_limits {
 struct mlx5e_ipsec_sa_entry {
        struct mlx5e_ipsec_esn_state esn_state;
        struct xfrm_state *x;
+       struct net_device *dev;
        struct mlx5e_ipsec *ipsec;
        struct mlx5_accel_esp_xfrm_attrs attrs;
        void (*set_iv_op)(struct sk_buff *skb, struct xfrm_state *x,