Netdev Archive on lore.kernel.org
help / color / mirror / Atom feed
From: Nicolas Dichtel <nicolas.dichtel@6wind.com>
To: steffen.klassert@secunet.com, davem@davemloft.net,
	kuba@kernel.org, antony.antony@secunet.com
Cc: netdev@vger.kernel.org, Nicolas Dichtel <nicolas.dichtel@6wind.com>
Subject: [PATCH ipsec 0/2] xfrm: fix uapi for the default policy
Date: Tue,  7 Sep 2021 21:35:07 +0200	[thread overview]
Message-ID: <20210907193510.16487-1-nicolas.dichtel@6wind.com> (raw)
In-Reply-To: <9b0ddb88-c7d3-9bb6-48f2-1967425b3fc7@6wind.com>

This feature has just been merged after the last release, thus it's still
time to fix the uapi.
As stated in the thread, the uapi is based on some magic values (from the
userland POV).
Here is a proposal to simplify this uapi and make it clear how to use it.
The other problem was the notification: changing the default policy may
radically change the packets flows.

Nicolas Dichtel (2):
  xfrm: make user policy API complete
  xfrm: notify default policy on update

 include/uapi/linux/xfrm.h |  9 ++++--
 net/xfrm/xfrm_user.c      | 58 +++++++++++++++++++++++++++++++++------
 2 files changed, 55 insertions(+), 12 deletions(-)

Comments are welcome,
Nicolas
-- 
2.33.0


  reply	other threads:[~2021-09-07 19:42 UTC|newest]

Thread overview: 28+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <20210331144843.GA25749@moon.secunet.de>
2021-07-16  9:15 ` [PATCH ipsec-next] xfrm: Add possibility to set the default to block if we have no policy Antony Antony
2021-07-18  3:26   ` kernel test robot
2021-07-18  7:11 ` [PATCH v2 " Antony Antony
2021-07-22  9:43   ` Steffen Klassert
2021-08-11 16:14   ` Nicolas Dichtel
2021-08-17 11:19     ` Antony Antony
2021-08-25 10:01       ` Nicolas Dichtel
2021-09-07 19:35         ` Nicolas Dichtel [this message]
2021-09-07 19:35           ` [PATCH ipsec 1/2] xfrm: make user policy API complete Nicolas Dichtel
2021-09-07 19:35           ` [PATCH ipsec 2/2] xfrm: notify default policy on update Nicolas Dichtel
2021-09-08  1:35             ` kernel test robot
2021-09-08  7:23               ` [PATCH ipsec v2 0/2] xfrm: fix uapi for the default policy Nicolas Dichtel
2021-09-08  7:23                 ` [PATCH ipsec v2 1/2] xfrm: make user policy API complete Nicolas Dichtel
2021-09-08  7:23                 ` [PATCH ipsec v2 2/2] xfrm: notify default policy on update Nicolas Dichtel
2021-09-08  7:23                 ` [RFC PATCH iproute2 v2] xfrm: enable to manage default policies Nicolas Dichtel
2021-09-14 14:46                 ` [PATCH ipsec v3 0/2] xfrm: fix uapi for the default policy Nicolas Dichtel
2021-09-14 14:46                   ` [PATCH ipsec v3 1/2] xfrm: make user policy API complete Nicolas Dichtel
2021-09-14 14:46                   ` [PATCH ipsec v3 2/2] xfrm: notify default policy on update Nicolas Dichtel
2021-09-14 14:46                   ` [RFC PATCH iproute2 v2] xfrm: enable to manage default policies Nicolas Dichtel
2021-09-15  9:19                   ` [PATCH ipsec v3 0/2] xfrm: fix uapi for the default policy Antony Antony
2021-09-15  9:55                     ` Nicolas Dichtel
2021-09-17  7:06                   ` Steffen Klassert
2021-09-17  7:54                     ` Nicolas Dichtel
2021-09-07 19:35           ` [RFC PATCH iproute2] xfrm: enable to manage default policies Nicolas Dichtel
2021-09-01 15:14   ` [PATCH v2 ipsec-next] xfrm: Add possibility to set the default to block if we have no policy Dmitry V. Levin
2021-09-02  9:05     ` Steffen Klassert
2021-09-19 22:40   ` Paul Cercueil
2021-09-21  6:33     ` Steffen Klassert

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210907193510.16487-1-nicolas.dichtel@6wind.com \
    --to=nicolas.dichtel@6wind.com \
    --cc=antony.antony@secunet.com \
    --cc=davem@davemloft.net \
    --cc=kuba@kernel.org \
    --cc=netdev@vger.kernel.org \
    --cc=steffen.klassert@secunet.com \
    --subject='Re: [PATCH ipsec 0/2] xfrm: fix uapi for the default policy' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).