On Mon, 25 Jun 2018 16:41:35 -0700, Shannon Nelson wrote:
> Implement the IPsec/XFRM offload API for testing.
>
> Signed-off-by: Shannon Nelson <shannon.nel...@oracle.com>
> ---
> V2 - addressed formatting comments from Jakub Kicinski
Thanks! One more comment below, otherwise:
Reviewed-by: Jakub Kicinski <jakub.kicin...@netronome.com>
> +static void nsim_ipsec_del_sa(struct xfrm_state *xs)
> +{
> + struct net_device *dev = xs->xso.dev;
> + struct netdevsim *ns = netdev_priv(dev);
> + struct nsim_ipsec *ipsec = &ns->ipsec;
> + u16 sa_idx;
I didn't point this out, but above also breaks the reverse xmas tree
rule. Sorry for not mentioning it, the "please fix everywhere" was
implicit :(
> + sa_idx = xs->xso.offload_handle & ~NSIM_IPSEC_VALID;
> + if (!ipsec->sa[sa_idx].used) {
> + netdev_err(dev, "Invalid SA for delete sa_idx=%d\n", sa_idx);
> + return;
> + }
> +
> + memset(&ipsec->sa[sa_idx], 0, sizeof(struct nsim_sa));
> + ipsec->count--;
> +}
> +
> +static bool nsim_ipsec_offload_ok(struct sk_buff *skb, struct xfrm_state *xs)
> +{
> + struct net_device *dev = xs->xso.dev;
> + struct netdevsim *ns = netdev_priv(dev);
And here, but you don't use the dev here, so you can just inline the
xs->xso.dev into netdev_priv().
> + struct nsim_ipsec *ipsec = &ns->ipsec;
> +
> + ipsec->ok++;
> +
> + return true;
> +}
