From: Steffen Klassert <steffen.klassert@secunet.com>
To: Deepanshu Kartikey <kartikey406@gmail.com>
Cc: <herbert@gondor.apana.org.au>, <davem@davemloft.net>,
<edumazet@google.com>, <kuba@kernel.org>, <pabeni@redhat.com>,
<horms@kernel.org>, <sd@queasysnail.net>,
<netdev@vger.kernel.org>, <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH ipsec-next v3] xfrm: cleanup error path in xfrm_add_policy()
Date: Wed, 29 Apr 2026 09:33:32 +0200 [thread overview]
Message-ID: <afG0TLg68svCz3G1@secunet.com> (raw)
In-Reply-To: <CADhLXY7C8SAw1SehHmko6JpCqGXCDindcsDbVi0EBsbcsHbW_A@mail.gmail.com>
On Wed, Apr 29, 2026 at 07:31:40AM +0530, Deepanshu Kartikey wrote:
> On Tue, Apr 14, 2026 at 7:39 AM Deepanshu Kartikey
> <kartikey406@gmail.com> wrote:
> >
> > Replace the open-coded manual cleanup in the error path of
> > xfrm_add_policy() with xfrm_policy_destroy(), which already
> > handles all the necessary cleanup internally. This is consistent
> > with how xfrm_policy_construct() handles its own error paths.
> >
> > The walk.dead flag must be set before calling xfrm_policy_destroy()
> > as required by BUG_ON(!policy->walk.dead).
> >
> > Signed-off-by: Deepanshu Kartikey <kartikey406@gmail.com>
> > ---
> > v3:
> > - Changed prefix to ipsec-next as this is a cleanup
> > - Dropped syzbot references as suggested by Sabrina Dubroca
> > v2:
> > - Reworded commit message to reflect cleanup rather than bugfix
> > as suggested by Sabrina Dubroca
> > - Removed incorrect Fixes: and Closes: tags
> > - Corrected subject prefix to PATCH ipsec
> > ---
> > net/xfrm/xfrm_user.c | 5 ++---
> > 1 file changed, 2 insertions(+), 3 deletions(-)
> >
> > diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
> > index d56450f61669..ae144d1e4a65 100644
> > --- a/net/xfrm/xfrm_user.c
> > +++ b/net/xfrm/xfrm_user.c
> > @@ -2267,9 +2267,8 @@ static int xfrm_add_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
> >
> > if (err) {
> > xfrm_dev_policy_delete(xp);
> > - xfrm_dev_policy_free(xp);
> > - security_xfrm_policy_free(xp->security);
> > - kfree(xp);
> > + xp->walk.dead = 1;
> > + xfrm_policy_destroy(xp);
> > return err;
> > }
> >
> > --
> > 2.43.0
> >
> Gentle ping on this patch . Please let me know the status of this patch.
> If anything is required from my side
Your patch was submitted during the merge window. The net-next
and ipsec-next trees don't accept patches during this period.
The merge window ended last Sunday with the release of 7.1-rc1.
I prepared the ipsec-next tree for the new development cycle
yesterday. I'll consider your patch now.
next prev parent reply other threads:[~2026-04-29 7:33 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-14 2:09 [PATCH ipsec-next v3] xfrm: cleanup error path in xfrm_add_policy() Deepanshu Kartikey
2026-04-29 2:01 ` Deepanshu Kartikey
2026-04-29 7:33 ` Steffen Klassert [this message]
2026-05-04 8:07 ` Steffen Klassert
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=afG0TLg68svCz3G1@secunet.com \
--to=steffen.klassert@secunet.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=herbert@gondor.apana.org.au \
--cc=horms@kernel.org \
--cc=kartikey406@gmail.com \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=sd@queasysnail.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox