Re: [PATCH 00/19] tcp: Initial support for RFC5925 auth option

From: Jakub Kicinski
Date: Thu Sep 23 2021 - 09:58:09 EST


On Thu, 23 Sep 2021 10:49:53 +0300 Leonard Crestez wrote:
> Many of the patch splits were artificially created in order to ease
> review, for example "signing packets" doesn't do anything without also
> "hooking in the tcp stack". Some static functions will trigger warnings
> because they're unused until the next patch, not clear what the
> preferred solution would be here. I could remove the "static" marker
> until the next patch or reverse the order and have the initial "tcp
> integration" patches call crypto code that just returns an error and
> fills-in a signature of zeros.

Ease of review is important, so although discouraged transient warnings
are acceptable if the code is much easier to read that way. The problem
here was that the build was also broken, but looking at it again I
think you're just missing exports, please make sure to build test with
IPV6 compiled as a module:

ERROR: modpost: "tcp_authopt_hash" [net/ipv6/ipv6.ko] undefined!
ERROR: modpost: "__tcp_authopt_select_key" [net/ipv6/ipv6.ko] undefined!