From mboxrd@z Thu Jan  1 00:00:00 1970
From: Sowmini Varadhan <sowmini.varadhan@oracle.com>
Subject: [PATCH V2 ipsec-next 0/2] xfrm: bug fixes when processing multiple transforms
Date: Mon,  3 Sep 2018 04:36:51 -0700
Message-ID: <cover.1535973419.git.sowmini.varadhan@oracle.com>
Cc: davem@davemloft.net, sowmini.varadhan@oracle.com
To: netdev@vger.kernel.org, steffen.klassert@secunet.com
Return-path: <netdev-owner@vger.kernel.org>
Received: from aserp2120.oracle.com ([141.146.126.78]:51150 "EHLO
        aserp2120.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1727159AbeICP63 (ORCPT
        <rfc822;netdev@vger.kernel.org>); Mon, 3 Sep 2018 11:58:29 -0400
Sender: netdev-owner@vger.kernel.org
List-ID: <netdev.vger.kernel.org>

This series contains bug fixes that were encountered when I set
up a libreswan tunnel using the config below, which will set up
an IPsec policy involving 2 tmpls.

    type=transport
    compress=yes
    esp=aes_gcm_c-128-null # offloaded to Niantic
    auto=start

The non-offload test case uses  esp=aes_gcm_c-256-null.

Each patch has a technical description of the contents of the fix.

V2: added Fixes tag so that it can be backported to the stable trees.

Sowmini Varadhan (2):
  xfrm: reset transport header back to network header after all input
    transforms ahave been applied
  xfrm: reset crypto_done when iterating over multiple input xfrms

 net/ipv4/xfrm4_input.c          |    1 +
 net/ipv4/xfrm4_mode_transport.c |    4 +---
 net/ipv6/xfrm6_input.c          |    1 +
 net/ipv6/xfrm6_mode_transport.c |    4 +---
 net/xfrm/xfrm_input.c           |    1 +
 5 files changed, 5 insertions(+), 6 deletions(-)