Re: [PATCH ipsec-next v8 04/14] xfrm: fix NAT-related field inheritance in SA migration

Next message: Mukesh Ojha: "Re: [PATCH 0/4] firmware: qcom: scm: Add minidump SRAM destination support"
Previous message: Tommaso Merciai: "[PATCH v7 4/4] drm: renesas: rz-du: mipi_dsi: Add support for RZ/G3E"
In reply to: Steffen Klassert: "Re: [PATCH ipsec-next v8 04/14] xfrm: fix NAT-related field inheritance in SA migration"
Next in thread: Antony Antony: "[PATCH ipsec-next v8 05/14] xfrm: rename reqid in xfrm_migrate"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Sabrina Dubroca

Date: Thu May 07 2026 - 06:18:38 EST

2026-05-07, 11:56:58 +0200, Steffen Klassert wrote:
> On Thu, May 07, 2026 at 11:33:09AM +0200, Sabrina Dubroca wrote:
> > 2026-05-05, 06:32:43 +0200, Antony Antony wrote:
> > > During SA migration via xfrm_state_clone_and_setup(),
> > > nat_keepalive_interval was silently dropped and never copied to the new
> > > SA. mapping_maxage was unconditionally copied even when migrating to a
> > > non-encapsulated SA.
> >
> > mapping_maxage should be harmless (0/unused on non-encap), but I think
> > migrating nat_keepalive_interval should be considered a fix:
> >
> > Fixes: f531d13bdfe3 ("xfrm: support sending NAT keepalives in ESP in UDP states")
> >
> > (maybe even split out of this series, but that would cause a conflict
> > with the previous patch)
>
> Can this be backported without the previous patches?
> If not, we might need to split it out.

git cherry-pick managed to handle the small context change, so it's
probably fine like this.

--
Sabrina