| Message ID | dc8c3fcd81a212e47547ae59ee6857ce25048ddd.1680268153.git.sd@queasysnail.net (mailing list archive) |
|---|---|
| State | Accepted |
| Commit | 009739adb92cfaab54e9e3f31ecdd7dcf4082e0c |
| Delegated to: | Stephen Hemminger |
| Headers | show |
| Series | [iproute2] ip-xfrm: accept "allow" as action in ip xfrm policy setdefault | expand |
| Context | Check | Description |
|---|---|---|
| netdev/tree_selection | success | Not a local patch |
Le 31/03/2023 à 15:18, Sabrina Dubroca a écrit : > The help text claims that setdefault takes ACTION values, ie block | > allow. In reality, xfrm_str_to_policy takes block | accept. > > We could also fix that by changing the help text/manpage, but then > it'd be frustrating to have multiple ACTION with similar values used > in different subcommands. > > I'm not changing the output in xfrm_policy_to_str because some > userspace somewhere probably depends on the "accept" value. > > Fixes: 76b30805f9f6 ("xfrm: enable to manage default policies") > Signed-off-by: Sabrina Dubroca <sd@queasysnail.net> Acked-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Hello: This patch was applied to iproute2/iproute2.git (main) by Stephen Hemminger <stephen@networkplumber.org>: On Fri, 31 Mar 2023 15:18:25 +0200 you wrote: > The help text claims that setdefault takes ACTION values, ie block | > allow. In reality, xfrm_str_to_policy takes block | accept. > > We could also fix that by changing the help text/manpage, but then > it'd be frustrating to have multiple ACTION with similar values used > in different subcommands. > > [...] Here is the summary with links: - [iproute2] ip-xfrm: accept "allow" as action in ip xfrm policy setdefault https://git.kernel.org/pub/scm/network/iproute2/iproute2.git/commit/?id=009739adb92c You are awesome, thank you!
diff --git a/ip/xfrm_policy.c b/ip/xfrm_policy.c index be2235ca949d..8687ced35a25 100644 --- a/ip/xfrm_policy.c +++ b/ip/xfrm_policy.c @@ -1141,7 +1141,8 @@ static int xfrm_str_to_policy(char *name, uint8_t *policy) if (strcmp(name, "block") == 0) { *policy = XFRM_USERPOLICY_BLOCK; return 0; - } else if (strcmp(name, "accept") == 0) { + } else if (strcmp(name, "accept") == 0 || + strcmp(name, "allow") == 0) { *policy = XFRM_USERPOLICY_ACCEPT; return 0; }
The help text claims that setdefault takes ACTION values, ie block | allow. In reality, xfrm_str_to_policy takes block | accept. We could also fix that by changing the help text/manpage, but then it'd be frustrating to have multiple ACTION with similar values used in different subcommands. I'm not changing the output in xfrm_policy_to_str because some userspace somewhere probably depends on the "accept" value. Fixes: 76b30805f9f6 ("xfrm: enable to manage default policies") Signed-off-by: Sabrina Dubroca <sd@queasysnail.net> --- ip/xfrm_policy.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)