From: Antony Antony <antony@phenome.org>
To: Steffen Klassert <steffen.klassert@secunet.com>
Cc: Antony Antony <antony.antony@secunet.com>,
Herbert Xu <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>,
devel@linux-ipsec.org, Jakub Kicinski <kuba@kernel.org>,
netdev@vger.kernel.org
Subject: Re: [devel-ipsec] [PATCH v2 ipsec-next 2/2] xfrm: fix source address in icmp error generation from IPsec gateway
Date: Sun, 26 Nov 2023 00:15:18 +0100 [thread overview]
Message-ID: <ZWKABgdw2lImWXrZ@Antony2201.local> (raw)
In-Reply-To: <ZVcwoX4clOp3NimG@gauss3.secunet.de>
On Fri, Nov 17, 2023 at 10:21:37AM +0100, Steffen Klassert via Devel wrote:
> On Fri, Oct 27, 2023 at 10:16:52AM +0200, Antony Antony wrote:
> >
> > diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c
> > index e63a3bf99617..bec234637122 100644
> > --- a/net/ipv4/icmp.c
> > +++ b/net/ipv4/icmp.c
> > @@ -555,7 +555,6 @@ static struct rtable *icmp_route_lookup(struct net *net,
> > XFRM_LOOKUP_ICMP);
> > if (!IS_ERR(rt2)) {
> > dst_release(&rt->dst);
> > - memcpy(fl4, &fl4_dec, sizeof(*fl4));
>
> This is not really IPsec code. The change needs either an
> Ack of one of the netdev Maintainers, or it has to go
I understand your concern. I chose to submit the change to ipsec-next as it
is directly related to the outcome of a successful xfrm_lookup().
> through the nedev tree. Also, please consider this as
> a fix.
It is a fix:) I considered including a 'Fixes:' tag initially but ultimately
decided against it. My hesitation stemmed from the concern that if this fix
were backported, it could inadvertently trigger regressions in someone’s
test suite. This might lead to requests for a revert through the ipsec tree,
which I am keen to avoid.
However, I do concur that this submission qualifies as a fix. Is there a way
to include the 'Fixes:' tag while also advising against backporting it to
reduce the risk of potential regressions?
I will add the 'Fixes:' tag to the new version. When it comes to backport I
will recomend not to backport this fix. Please keep an eye out for those
messages. This could get backported to all curently maintained releases!
The key reason for pairing this update with my other patch ("xfrm: introduce
forwarding of ICMP Error messages") is to proactively address any potential
claims of a regression. Without this new patch, it's conceivable that the
changes could be misinterpreted as causing a regression, especially
considering that the commit this patch addresses is 12 years old! By
submitting them together, it should help clarify that these changes are, in
fact, rectifying long-standing issues rather than introducing new ones.
I believe applying two patches together will provide a clearer context for
both the changes and help streamline their acceptance and integration.
thanks,
-antony
next prev parent reply other threads:[~2023-11-25 23:15 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <YTXGGiMzsda6mcm2@AntonyAntony.local>
2021-12-19 0:28 ` [RFC PATCH ipsec-next] xfrm: add forwarding ICMP error message Antony Antony
2023-10-26 14:45 ` [PATCH ipsec-next 1/2] xfrm: introduce forwarding of ICMP Error messages Antony Antony
2023-10-26 19:41 ` kernel test robot
2024-01-30 10:36 ` Dan Carpenter
2024-01-31 19:38 ` Antony Antony
2024-01-31 19:48 ` Dan Carpenter
2024-01-31 19:50 ` Dan Carpenter
2023-10-26 14:45 ` [PATCH ipsec-next 2/2] xfrm: fix source address in icmp error generation from IPsec gateway Antony Antony
2023-10-27 8:16 ` [PATCH v2 ipsec-next 1/2] xfrm: introduce forwarding of ICMP Error messages Antony Antony
2023-11-17 9:13 ` Steffen Klassert
2023-11-25 22:48 ` [devel-ipsec] " Antony Antony
2023-10-27 8:16 ` [PATCH v2 ipsec-next 2/2] xfrm: fix source address in icmp error generation from IPsec gateway Antony Antony
2023-10-27 13:30 ` [devel-ipsec] " Michael Richardson
2023-10-29 10:26 ` Antony Antony
2023-10-31 7:59 ` Michael Richardson
2023-11-17 9:21 ` Steffen Klassert
2023-11-25 23:15 ` Antony Antony [this message]
2023-12-19 20:29 ` [PATCH v3 ipsec-next 1/2] xfrm: introduce forwarding of ICMP Error messages Antony Antony
2023-12-19 20:30 ` [PATCH v3 ipsec-next 2/2] xfrm: fix source address in icmp error generation from IPsec gateway Antony Antony
2023-12-21 13:12 ` [PATCH v4 ipsec-next 1/2] xfrm: introduce forwarding of ICMP Error messages Antony Antony
2023-12-21 13:12 ` [PATCH v4 ipsec-next 2/2] xfrm: fix source address in icmp error generation from IPsec gateway Antony Antony
2023-12-22 7:23 ` Steffen Klassert
2023-12-22 12:56 ` Antony Antony
2023-12-22 12:57 ` [PATCH v5 ipsec-next] xfrm: introduce forwarding of ICMP Error messages Antony Antony
2024-01-04 9:39 ` Steffen Klassert
2024-01-19 11:27 ` [PATCH v6 " Antony Antony
2024-01-26 9:11 ` Steffen Klassert
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZWKABgdw2lImWXrZ@Antony2201.local \
--to=antony@phenome.org \
--cc=antony.antony@secunet.com \
--cc=davem@davemloft.net \
--cc=devel@linux-ipsec.org \
--cc=herbert@gondor.apana.org.au \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=steffen.klassert@secunet.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).