From: Steffen Klassert <steffen.klassert@secunet.com>
To: Deepanshu Kartikey <kartikey406@gmail.com>
Cc: <herbert@gondor.apana.org.au>, <davem@davemloft.net>,
<edumazet@google.com>, <kuba@kernel.org>, <pabeni@redhat.com>,
<horms@kernel.org>, <sd@queasysnail.net>,
<netdev@vger.kernel.org>, <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH ipsec-next v3] xfrm: cleanup error path in xfrm_add_policy()
Date: Wed, 29 Apr 2026 09:33:32 +0200 [thread overview]
Message-ID: <afG0TLg68svCz3G1@secunet.com> (raw)
In-Reply-To: <CADhLXY7C8SAw1SehHmko6JpCqGXCDindcsDbVi0EBsbcsHbW_A@mail.gmail.com>
On Wed, Apr 29, 2026 at 07:31:40AM +0530, Deepanshu Kartikey wrote:
> On Tue, Apr 14, 2026 at 7:39 AM Deepanshu Kartikey
> <kartikey406@gmail.com> wrote:
> >
> > Replace the open-coded manual cleanup in the error path of
> > xfrm_add_policy() with xfrm_policy_destroy(), which already
> > handles all the necessary cleanup internally. This is consistent
> > with how xfrm_policy_construct() handles its own error paths.
> >
> > The walk.dead flag must be set before calling xfrm_policy_destroy()
> > as required by BUG_ON(!policy->walk.dead).
> >
> > Signed-off-by: Deepanshu Kartikey <kartikey406@gmail.com>
> > ---
> > v3:
> > - Changed prefix to ipsec-next as this is a cleanup
> > - Dropped syzbot references as suggested by Sabrina Dubroca
> > v2:
> > - Reworded commit message to reflect cleanup rather than bugfix
> > as suggested by Sabrina Dubroca
> > - Removed incorrect Fixes: and Closes: tags
> > - Corrected subject prefix to PATCH ipsec
> > ---
> > net/xfrm/xfrm_user.c | 5 ++---
> > 1 file changed, 2 insertions(+), 3 deletions(-)
> >
> > diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
> > index d56450f61669..ae144d1e4a65 100644
> > --- a/net/xfrm/xfrm_user.c
> > +++ b/net/xfrm/xfrm_user.c
> > @@ -2267,9 +2267,8 @@ static int xfrm_add_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
> >
> > if (err) {
> > xfrm_dev_policy_delete(xp);
> > - xfrm_dev_policy_free(xp);
> > - security_xfrm_policy_free(xp->security);
> > - kfree(xp);
> > + xp->walk.dead = 1;
> > + xfrm_policy_destroy(xp);
> > return err;
> > }
> >
> > --
> > 2.43.0
> >
> Gentle ping on this patch . Please let me know the status of this patch.
> If anything is required from my side
Your patch was submitted during the merge window. The net-next
and ipsec-next trees don't accept patches during this period.
The merge window ended last Sunday with the release of 7.1-rc1.
I prepared the ipsec-next tree for the new development cycle
yesterday. I'll consider your patch now.
next prev parent reply other threads:[~2026-04-29 7:33 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-14 2:09 [PATCH ipsec-next v3] xfrm: cleanup error path in xfrm_add_policy() Deepanshu Kartikey
2026-04-29 2:01 ` Deepanshu Kartikey
2026-04-29 7:33 ` Steffen Klassert [this message]
2026-05-04 8:07 ` Steffen Klassert
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=afG0TLg68svCz3G1@secunet.com \
--to=steffen.klassert@secunet.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=herbert@gondor.apana.org.au \
--cc=horms@kernel.org \
--cc=kartikey406@gmail.com \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=sd@queasysnail.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.