From: patchwork-bot+netdevbpf@kernel.org
To: Steffen Klassert <steffen.klassert@secunet.com>
Cc: davem@davemloft.net, kuba@kernel.org,
herbert@gondor.apana.org.au, netdev@vger.kernel.org
Subject: Re: [PATCH 1/6] xfrm: fix policy lookup for ipv6 gre packets
Date: Thu, 06 Jan 2022 12:20:10 +0000 [thread overview]
Message-ID: <164147161095.27983.2505174339598036867.git-patchwork-notify@kernel.org> (raw)
In-Reply-To: <20220106093606.3046771-2-steffen.klassert@secunet.com>
Hello:
This series was applied to netdev/net.git (master)
by Steffen Klassert <steffen.klassert@secunet.com>:
On Thu, 6 Jan 2022 10:36:01 +0100 you wrote:
> From: Ghalem Boudour <ghalem.boudour@6wind.com>
>
> On egress side, xfrm lookup is called from __gre6_xmit() with the
> fl6_gre_key field not initialized leading to policies selectors check
> failure. Consequently, gre packets are sent without encryption.
>
> On ingress side, INET6_PROTO_NOPOLICY was set, thus packets were not
> checked against xfrm policies. Like for egress side, fl6_gre_key should be
> correctly set, this is now done in decode_session6().
>
> [...]
Here is the summary with links:
- [1/6] xfrm: fix policy lookup for ipv6 gre packets
https://git.kernel.org/netdev/net/c/bcf141b2eb55
- [2/6] xfrm: fix dflt policy check when there is no policy configured
https://git.kernel.org/netdev/net/c/ec3bb890817e
- [3/6] xfrm: fix a small bug in xfrm_sa_len()
https://git.kernel.org/netdev/net/c/7770a39d7c63
- [4/6] xfrm: interface with if_id 0 should return error
https://git.kernel.org/netdev/net/c/8dce43919566
- [5/6] xfrm: state and policy should fail if XFRMA_IF_ID 0
https://git.kernel.org/netdev/net/c/68ac0f3810e7
- [6/6] net/xfrm: IPsec tunnel mode fix inner_ipproto setting in sec_path
https://git.kernel.org/netdev/net/c/45a98ef4922d
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
next prev parent reply other threads:[~2022-01-06 12:20 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-06 9:36 pull request (net): ipsec 2022-01-06 Steffen Klassert
2022-01-06 9:36 ` [PATCH 1/6] xfrm: fix policy lookup for ipv6 gre packets Steffen Klassert
2022-01-06 12:20 ` patchwork-bot+netdevbpf [this message]
2022-01-06 9:36 ` [PATCH 2/6] xfrm: fix dflt policy check when there is no policy configured Steffen Klassert
2022-01-06 9:36 ` [PATCH 3/6] xfrm: fix a small bug in xfrm_sa_len() Steffen Klassert
2022-01-06 9:36 ` [PATCH 4/6] xfrm: interface with if_id 0 should return error Steffen Klassert
2022-01-06 9:36 ` [PATCH 5/6] xfrm: state and policy should fail if XFRMA_IF_ID 0 Steffen Klassert
2022-01-06 9:36 ` [PATCH 6/6] net/xfrm: IPsec tunnel mode fix inner_ipproto setting in sec_path Steffen Klassert
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=164147161095.27983.2505174339598036867.git-patchwork-notify@kernel.org \
--to=patchwork-bot+netdevbpf@kernel.org \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=steffen.klassert@secunet.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).