[PATCH ipsec-next 2/6] xfrm: allow migration from UDP encapsulated to... | netdev

[PATCH ipsec-next 0/6] xfrm: XFRM_MSG_MIGRATE_STATE new netlink message · Antony Antony <hidden> · 2026-01-09
[PATCH ipsec-next 1/6] xfrm: remove redundent assignment · Antony Antony <hidden> · 2026-01-09
Re: [PATCH ipsec-next 1/6] xfrm: remove redundent assignment · Simon Horman <horms@kernel.org> · 2026-01-13
[PATCH ipsec-next 2/6] xfrm: allow migration from UDP encapsulated to non-encapsulated ESP · Antony Antony <hidden> · 2026-01-09
[PATCH ipsec-next 3/6] xfrm: rename reqid in xfrm_migrate · Antony Antony <hidden> · 2026-01-09
[PATCH ipsec-next 4/6] xfrm: add XFRM_MSG_MIGRATE_STATE for single SA migration · Antony Antony <hidden> · 2026-01-09
Re: [PATCH ipsec-next 4/6] xfrm: add XFRM_MSG_MIGRATE_STATE for single SA migration · Simon Horman <horms@kernel.org> · 2026-01-13
Re: [devel-ipsec] Re: [PATCH ipsec-next 4/6] xfrm: add XFRM_MSG_MIGRATE_STATE for single SA migration · Antony Antony <hidden> · 2026-01-14
Re: [devel-ipsec] Re: [PATCH ipsec-next 4/6] xfrm: add XFRM_MSG_MIGRATE_STATE for single SA migration · Simon Horman <horms@kernel.org> · 2026-01-15
Re: [devel-ipsec] Re: [PATCH ipsec-next 4/6] xfrm: add XFRM_MSG_MIGRATE_STATE for single SA migration · Antony Antony <hidden> · 2026-01-16
Re: [devel-ipsec] Re: [PATCH ipsec-next 4/6] xfrm: add XFRM_MSG_MIGRATE_STATE for single SA migration · Simon Horman <horms@kernel.org> · 2026-01-16
[PATCH ipsec-next 5/6] xfrm: reqid is invarient in old migration · Antony Antony <hidden> · 2026-01-09
[PATCH ipsec-next 6/6] xfrm: check that SA is in VALID state before use · Antony Antony <hidden> · 2026-01-09

STALE160d

[PATCH ipsec-next 2/6] xfrm: allow migration from UDP encapsulated to non-encapsulated ESP

From: Antony Antony <hidden>
Date: 2026-01-09 13:37:35
Subsystem: networking [general], networking [ipsec], the rest · Maintainers: "David S. Miller", Eric Dumazet, Jakub Kicinski, Paolo Abeni, Steffen Klassert, Herbert Xu, Linus Torvalds

The current code prevents migrating an SA from UDP encapsulation to
plain ESP. This is needed when moving from a NATed path to a non-NATed
one, for example when switching from IPv4+NAT to IPv6.

Only copy the existing encapsulation during migration if the encap
attribute is explicitly provided.

Signed-off-by: Antony Antony <redacted>
---
 net/xfrm/xfrm_state.c | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)

diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
index 5ebb9f53956e..e5e8342a4e0a 100644
--- a/net/xfrm/xfrm_state.c
+++ b/net/xfrm/xfrm_state.c

@@ -2009,14 +2009,8 @@ static struct xfrm_state *xfrm_state_clone_and_setup(struct xfrm_state *orig,
 	}
 	x->props.calgo = orig->props.calgo;
 
-	if (encap || orig->encap) {
-		if (encap)
-			x->encap = kmemdup(encap, sizeof(*x->encap),
-					GFP_KERNEL);
-		else
-			x->encap = kmemdup(orig->encap, sizeof(*x->encap),
-					GFP_KERNEL);
-
+	if (encap) {
+		x->encap = kmemdup(encap, sizeof(*x->encap), GFP_KERNEL);
 		if (!x->encap)
 			goto error;
 	}

-- 
2.39.5

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help