Re: [PATCH ipsec-next v3] xfrm: cleanup error path in xfrm_add_policy()

Next message: auth: "[PATCH] staging: media: atomisp: ov2722: clean up ov2722_startup()"
Previous message: Eric Dumazet: "Re: [PATCH net 2/2] ip6_gre: Use cached t-&gt;net in ip6erspan_changelink()."
Next in thread: Steffen Klassert: "Re: [PATCH ipsec-next v3] xfrm: cleanup error path in xfrm_add_policy()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Deepanshu Kartikey

Date: Tue Apr 28 2026 - 22:02:03 EST

On Tue, Apr 14, 2026 at 7:39 AM Deepanshu Kartikey
<kartikey406@xxxxxxxxx> wrote:
>
> Replace the open-coded manual cleanup in the error path of
> xfrm_add_policy() with xfrm_policy_destroy(), which already
> handles all the necessary cleanup internally. This is consistent
> with how xfrm_policy_construct() handles its own error paths.
>
> The walk.dead flag must be set before calling xfrm_policy_destroy()
> as required by BUG_ON(!policy->walk.dead).
>
> Signed-off-by: Deepanshu Kartikey <kartikey406@xxxxxxxxx>
> ---
> v3:
> - Changed prefix to ipsec-next as this is a cleanup
> - Dropped syzbot references as suggested by Sabrina Dubroca
> v2:
> - Reworded commit message to reflect cleanup rather than bugfix
> as suggested by Sabrina Dubroca
> - Removed incorrect Fixes: and Closes: tags
> - Corrected subject prefix to PATCH ipsec
> ---
> net/xfrm/xfrm_user.c | 5 ++---
> 1 file changed, 2 insertions(+), 3 deletions(-)
>
> diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
> index d56450f61669..ae144d1e4a65 100644
> --- a/net/xfrm/xfrm_user.c
> +++ b/net/xfrm/xfrm_user.c
> @@ -2267,9 +2267,8 @@ static int xfrm_add_policy(struct sk_buff *skb, struct nlmsghdr *nlh,
>
> if (err) {
> xfrm_dev_policy_delete(xp);
> - xfrm_dev_policy_free(xp);
> - security_xfrm_policy_free(xp->security);
> - kfree(xp);
> + xp->walk.dead = 1;
> + xfrm_policy_destroy(xp);
> return err;
> }
>
> --
> 2.43.0
>
Gentle ping on this patch . Please let me know the status of this patch.
If anything is required from my side

Thanks