Re: [PATCH ipsec-next v8 04/14] xfrm: fix NAT-related field inheritance in SA migration

Next message: Alice Ryhl: "Re: [PATCH v4 2/4] ynl_gen: generate Rust files from yaml files"
Previous message: Heiko Carstens: "Re: [PATCH v5 3/4] KVM: s390: Change the fi-&gt;lock to a raw_spinlock for RT case"
In reply to: Sabrina Dubroca: "Re: [PATCH ipsec-next v8 04/14] xfrm: fix NAT-related field inheritance in SA migration"
Next in thread: Sabrina Dubroca: "Re: [PATCH ipsec-next v8 04/14] xfrm: fix NAT-related field inheritance in SA migration"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Steffen Klassert

Date: Thu May 07 2026 - 06:03:41 EST

On Thu, May 07, 2026 at 11:33:09AM +0200, Sabrina Dubroca wrote:
> 2026-05-05, 06:32:43 +0200, Antony Antony wrote:
> > During SA migration via xfrm_state_clone_and_setup(),
> > nat_keepalive_interval was silently dropped and never copied to the new
> > SA. mapping_maxage was unconditionally copied even when migrating to a
> > non-encapsulated SA.
>
> mapping_maxage should be harmless (0/unused on non-encap), but I think
> migrating nat_keepalive_interval should be considered a fix:
>
> Fixes: f531d13bdfe3 ("xfrm: support sending NAT keepalives in ESP in UDP states")
>
> (maybe even split out of this series, but that would cause a conflict
> with the previous patch)

Can this be backported without the previous patches?
If not, we might need to split it out.