public inbox for linux-next@vger.kernel.org 
 help / color / mirror / Atom feed

* Missing signoff in the ipsec tree
@ 2026-05-26 13:51 Mark Brown
  2026-05-27  5:02 ` Steffen Klassert
  0 siblings, 1 reply; 3+ messages in thread
From: Mark Brown @ 2026-05-26 13:51 UTC (permalink / raw)
  To: Steffen Klassert; +Cc: linux-kernel, linux-next

[-- Attachment #1: Type: text/plain, Size: 130 bytes --]

Commit

  2982e599fff6f ("esp: fix page frag reference leak on skb_to_sgvec failure")

is missing a Signed-off-by from its author

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]

^ permalink raw reply	[flat|nested] 3+ messages in thread

• * Re: Missing signoff in the ipsec tree
    2026-05-26 13:51 Missing signoff in the ipsec tree Mark Brown
  @ 2026-05-27  5:02 ` Steffen Klassert
    2026-05-27 10:30   ` Mark Brown
    0 siblings, 1 reply; 3+ messages in thread
  From: Steffen Klassert @ 2026-05-27  5:02 UTC (permalink / raw)
    To: Mark Brown; +Cc: linux-kernel, linux-next
  
  On Tue, May 26, 2026 at 02:51:50PM +0100, Mark Brown wrote:
  > Commit
  > 
  >   2982e599fff6f ("esp: fix page frag reference leak on skb_to_sgvec failure")
  > 
  > is missing a Signed-off-by from its author
  
  The commit message looks like this:
  
  commit 2982e599fff6faa21c8df147d96fc7af6c1a2f24
  Author: e521588 <alessandro.schino@sbb•ch>
  Date:   Wed May 20 09:27:17 2026 +0200
  
      esp: fix page frag reference leak on skb_to_sgvec failure
      
      In esp_output_tail(), when esp->inplace is false, the old skb page frags
      are replaced with a new page from the xfrm page_frag cache. The source
      scatterlist (sg) is built from the old frags before the replacement, and
      esp_ssg_unref() is responsible for releasing the old page references
      after the crypto operation completes.
      
      However, if the second skb_to_sgvec() call (which builds the destination
      scatterlist from the new page) fails, the code jumps to error_free which
      only calls kfree(tmp). The old page frag references captured in the
      source scatterlist are never released:
      
        1. sg[] is built from old frags via skb_to_sgvec() (no extra get_page)
        2. nr_frags is set to 1 and frag[0] is replaced with the new page
        3. Second skb_to_sgvec() fails -> goto error_free
        4. kfree(tmp) frees the sg[] memory but old frags are not unref'd
        5. kfree_skb() only releases frag[0] (the new page), not the old ones
      
      Fix this by adding a bool parameter to esp_ssg_unref() that, when true,
      unconditionally unrefs the source scatterlist frags without checking
      req->src and req->dst, since those fields are not yet initialized by
      aead_request_set_crypt() at the point of the error. Existing callers
      pass false to preserve the original behavior.
      
      The same issue exists in both esp4 and esp6 as the code is identical.
      
      Fixes: cac2661c53f3 ("esp4: Avoid skb_cow_data whenever possible")
      Fixes: 03e2a30f6a27 ("esp6: Avoid skb_cow_data whenever possible")
      
      Signed-off-by: Alessandro Schino <7991aleschino@gmail•com>
      Signed-off-by: Steffen Klassert <steffen.klassert@secunet•com>
  
  
  So 'Author:' and 'Signed-off-by:' have different mail addresses,
  but the person should be the same. I did not notice that when
  I applied the patch. I hope it is not a problem.
  
  ^ permalink raw reply	[flat|nested] 3+ messages in thread

• • * Re: Missing signoff in the ipsec tree
      2026-05-27  5:02 ` Steffen Klassert
    @ 2026-05-27 10:30   ` Mark Brown
      0 siblings, 0 replies; 3+ messages in thread
    From: Mark Brown @ 2026-05-27 10:30 UTC (permalink / raw)
      To: Steffen Klassert; +Cc: linux-kernel, linux-next
    
    [-- Attachment #1: Type: text/plain, Size: 778 bytes --]
    
    On Wed, May 27, 2026 at 07:02:30AM +0200, Steffen Klassert wrote:
    > On Tue, May 26, 2026 at 02:51:50PM +0100, Mark Brown wrote:
    
    > >   2982e599fff6f ("esp: fix page frag reference leak on skb_to_sgvec failure")
    
    > The commit message looks like this:
    
    > Author: e521588 <alessandro.schino@sbb•ch>
    
    >     Signed-off-by: Alessandro Schino <7991aleschino@gmail•com>
    >     Signed-off-by: Steffen Klassert <steffen.klassert@secunet•com>
    
    > So 'Author:' and 'Signed-off-by:' have different mail addresses,
    > but the person should be the same. I did not notice that when
    > I applied the patch. I hope it is not a problem.
    
    It's probably fine if you're sure enough they're the same person, at the
    end of the day it's up to Linus and whoever your upstream maintainers
    are rather than me.
    
    [-- Attachment #2: signature.asc --]
    [-- Type: application/pgp-signature, Size: 488 bytes --]
    
    ^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2026-05-27 10:30 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-05-26 13:51 Missing signoff in the ipsec tree Mark Brown
2026-05-27  5:02 ` Steffen Klassert
2026-05-27 10:30   ` Mark Brown

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox