From: arno@natisbad.org (Arnaud Ebalard)
To: Herbert Xu <herbert@gondor.apana.org.au>
Cc: David Miller <davem@davemloft.net>,
netdev@vger.kernel.org,
Andreas Steffen <andreas.steffen@strongswan.org>,
Martin Willi <martin@strongswan.org>,
Kazunori MIYAZAWA <kazunori@miyazawa.org>
Subject: Re: [PATCH] Have af-specific init_tempsel() initialize family field of temporary selector
Date: Tue, 04 Nov 2008 12:46:44 +0100 [thread overview]
Message-ID: <87ljvziuhn.fsf@natisbad.org> (raw)
In-Reply-To: <20081104112424.GB11049@gondor.apana.org.au> (Herbert Xu's message of "Tue, 4 Nov 2008 19:24:24 +0800")
Hi,
Herbert Xu <herbert@gondor.apana.org.au> writes:
> On Tue, Nov 04, 2008 at 11:24:51AM +0100, Arnaud Ebalard wrote:
>> Hi,
>>
>> While adding MIGRATE support to strongSwan, Andreas Steffen noticed that
>> the selectors provided in XFRM_MSG_ACQUIRE have their family field
>> uninitialized (those in MIGRATE do have their family set).
>>
>> Looking at the code, this is because the af-specific init_tempsel()
>> (called via afinfo->init_tempsel() in xfrm_init_tempsel()) do not set
>> the value.
>>
>> Even if current apps probably do not rely on it, is there any argument
>> for not doing it or is it just an omission?
>>
>> The patch below is more for discussion than anything else.
>
> We should ask the MIP6 folks since this may affect them.
Sorry Herbert, my initial comment was misleading: the family is not set
in the selectors provided in the *XFRM_MSG_ACQUIRE*, which is not MIPv6
related. I could check again, but I think the patch below will impact
all native key managers. Or did I miss something and there is a specific
reason why MIPv6 folks may be impacted?
>> Reported-by: Andreas Steffen <andreas.steffen@strongswan.org>
>> Signed-off-by: Arnaud Ebalard <arno@natisbad.org>
>> ---
>> net/ipv4/xfrm4_state.c | 1 +
>> net/ipv6/xfrm6_state.c | 1 +
>> 2 files changed, 2 insertions(+), 0 deletions(-)
>>
>> diff --git a/net/ipv4/xfrm4_state.c b/net/ipv4/xfrm4_state.c
>> index 07735ed..55dc6be 100644
>> --- a/net/ipv4/xfrm4_state.c
>> +++ b/net/ipv4/xfrm4_state.c
>> @@ -33,6 +33,7 @@ __xfrm4_init_tempsel(struct xfrm_state *x, struct flowi *fl,
>> x->sel.dport_mask = htons(0xffff);
>> x->sel.sport = xfrm_flowi_sport(fl);
>> x->sel.sport_mask = htons(0xffff);
>> + x->sel.family = AF_INET;
>> x->sel.prefixlen_d = 32;
>> x->sel.prefixlen_s = 32;
>> x->sel.proto = fl->proto;
>> diff --git a/net/ipv6/xfrm6_state.c b/net/ipv6/xfrm6_state.c
>> index 89884a4..60c78cf 100644
>> --- a/net/ipv6/xfrm6_state.c
>> +++ b/net/ipv6/xfrm6_state.c
>> @@ -34,6 +34,7 @@ __xfrm6_init_tempsel(struct xfrm_state *x, struct flowi *fl,
>> x->sel.dport_mask = htons(0xffff);
>> x->sel.sport = xfrm_flowi_sport(fl);
>> x->sel.sport_mask = htons(0xffff);
>> + x->sel.family = AF_INET6;
>> x->sel.prefixlen_d = 128;
>> x->sel.prefixlen_s = 128;
>> x->sel.proto = fl->proto;
>
> Cheers,
next prev parent reply other threads:[~2008-11-04 11:48 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-11-04 10:24 [PATCH] Have af-specific init_tempsel() initialize family field of temporary selector Arnaud Ebalard
2008-11-04 11:24 ` Herbert Xu
2008-11-04 11:46 ` Arnaud Ebalard [this message]
2008-11-04 11:52 ` Herbert Xu
2008-11-04 22:49 ` David Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87ljvziuhn.fsf@natisbad.org \
--to=arno@natisbad.org \
--cc=andreas.steffen@strongswan.org \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=kazunori@miyazawa.org \
--cc=martin@strongswan.org \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.