Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp929299ybt; Wed, 8 Jul 2020 15:38:41 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyQzO0JimnWu0Tkqy5sJxRAS6+BCscSpbEK6kzJXcUOEreuHgNOD8BiL/qV7Q/z8GpV0xk1 X-Received: by 2002:aa7:c54f:: with SMTP id s15mr71634724edr.175.1594247920904; Wed, 08 Jul 2020 15:38:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1594247920; cv=none; d=google.com; s=arc-20160816; b=XR6SeAII66XfAEUlKoRCTKV52enREgb6n8DnA0gZubU7mgml2V9WcTixQ1ZNMgd2l0 9XNG74VgbWulB5m4aLV3bgTsD0+ODAkyHsyW5Fx8eSO3UUjwHyCOk92+t75CJVn0moYB MefbkerspuL4UgAXIDgoK8L8hMams4VEoaS/3XeTRMQxNCR2eFgkdo+TYnGJRFz0eb6H rufBq0OaYw+PLQgMkAer1poHLLX/tDzi5Nb0Jkfy60gj1/KenDuzK+D46BOybYW3Ao4B XUW4NOSoTkacxuySWJ7W14i3SHTMxDpbrirARupckGrzqk+iGDy6BYAVxCmW9ZzMvsnZ TQAw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:from:subject:cc:to:message-id:date; bh=4vVKl0+ltJuzGgSmP2okTqzJTIoznGrXtzm0ixxp/g4=; b=brd6Pn1jXVeRt8Eetk5DXt8OJs6Q/kWDdgIGrPp6QATXci/l+O8rlsVjtiL+3GT913 hSpqFpJGp+DLeOOeMx6vszQ9W80oiBOzlYcb+vsnZ9HQde2PoO0OJcVUfeNalQbQv0cy cCjZQfc72tfr4mfgSZA31H5tbNHXOkElxDYb4FhqdwFC2VB0pXhgL1pbsnjlexB+8wor LgXzOVwr289lBSzFrcu7meQ5NczlYNll6BaNtBVHLPp3HfRA9FLW4cSYAhdcTDPVpdez yiXMVGdDSifojjtUjh3WCEQyddOAUtuP1QGM0ASRWIWnk/8ks5Sf15aJyB2Z89JqWmej xN2Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id s20si845128edy.519.2020.07.08.15.38.17; Wed, 08 Jul 2020 15:38:40 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726297AbgGHWhh (ORCPT + 99 others); Wed, 8 Jul 2020 18:37:37 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41094 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726081AbgGHWhb (ORCPT ); Wed, 8 Jul 2020 18:37:31 -0400 Received: from shards.monkeyblade.net (shards.monkeyblade.net [IPv6:2620:137:e000::1:9]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 58258C061A0B; Wed, 8 Jul 2020 15:37:31 -0700 (PDT) Received: from localhost (unknown [IPv6:2601:601:9f00:477::3d5]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) (Authenticated sender: davem-davemloft) by shards.monkeyblade.net (Postfix) with ESMTPSA id 65BDA1277ED54; Wed, 8 Jul 2020 15:37:30 -0700 (PDT) Date: Wed, 08 Jul 2020 15:37:29 -0700 (PDT) Message-Id: <20200708.153729.1570943134510183928.davem@davemloft.net> To: jarod@redhat.com Cc: linux-kernel@vger.kernel.org, huyn@mellanox.com, saeedm@mellanox.com, j.vosburgh@gmail.com, vfalico@gmail.com, andy@greyhouse.net, jeffrey.t.kirsher@intel.com, kuba@kernel.org, steffen.klassert@secunet.com, herbert@gondor.apana.org.au, netdev@vger.kernel.org, intel-wired-lan@lists.osuosl.org Subject: Re: [PATCH net-next] bonding: deal with xfrm state in all modes and add more error-checking From: David Miller In-Reply-To: <20200708174631.15286-1-jarod@redhat.com> References: <20200708174631.15286-1-jarod@redhat.com> X-Mailer: Mew version 6.8 on Emacs 26.3 Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.5.12 (shards.monkeyblade.net [149.20.54.216]); Wed, 08 Jul 2020 15:37:30 -0700 (PDT) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Jarod Wilson Date: Wed, 8 Jul 2020 13:46:31 -0400 > It's possible that device removal happens when the bond is in non-AB mode, > and addition happens in AB mode, so bond_ipsec_del_sa() never gets called, > which leaves security associations in an odd state if bond_ipsec_add_sa() > then gets called after switching the bond into AB. Just call add and > delete universally for all modes to keep things consistent. > > However, it's also possible that this code gets called when the system is > shutting down, and the xfrm subsystem has already been disconnected from > the bond device, so we need to do some error-checking and bail, lest we > hit a null ptr deref. > > Fixes: a3b658cfb664 ("bonding: allow xfrm offload setup post-module-load") > Signed-off-by: Jarod Wilson Applied, thanks Jarod.