On 03/12/2024 15:58, Paolo Abeni wrote:
On 12/2/24 16:07, Antonio Quartulli wrote:@@ -286,6 +292,31 @@ struct ovpn_peer *ovpn_peer_get_by_dst(struct ovpn_priv *ovpn, return peer; }+/**+ * ovpn_peer_check_by_src - check that skb source is routed via peer + * @ovpn: the openvpn instance to search + * @skb: the packet to extract source address from + * @peer: the peer to check against the source address + * + * Return: true if the peer is matching or false otherwise + */ +bool ovpn_peer_check_by_src(struct ovpn_priv *ovpn, struct sk_buff *skb, + struct ovpn_peer *peer) +{ + bool match = false; + + if (ovpn->mode == OVPN_MODE_P2P) { + /* in P2P mode, no matter the destination, packets are always + * sent to the single peer listening on the other side + */ + rcu_read_lock(); + match = (peer == rcu_dereference(ovpn->peer)); + rcu_read_unlock();Here you are not dereferencing ovpn->peer, so you can use rcu_access_pointer() instead and avoid the rcu_read_lock/unlock() pair.
I see - thanks for pointing this out! Will switch to rcu_access_pointer(). Regards, -- Antonio Quartulli OpenVPN Inc.
