On Mon, Oct 28, 2024 at 08:42:15 -0400, Sasha Levin wrote:
> On Mon, Oct 28, 2024 at 12:08:23PM +0100, Antony Antony wrote:
> > On Mon, Oct 28, 2024 at 07:25:13 +0100, Greg Kroah-Hartman wrote:
> > > 6.6-stable review patch. If anyone has any objections, please let me know.
> >
> > Hi Greg,
> >
> > This patch is a part of a new feature SA direction and it appears the auto
> > patch selector picked one patch out of patch set?
> > I think this patch alone should not be applied to older stable kernel.
>
> It was picked up as a dependency:
I understand how it got selected, however, please drop
a4a87fa4e96c ("xfrm: Add Direction to the SA in or out") from backports.
>
> > > Stable-dep-of: 3f0ab59e6537 ("xfrm: validate new SA's prefixlen using SA family when sel.family is unset")
this is good fix to have in stable kernels
>
> We can drop it, and the netfilter folks can provide us a backport of the
> fix above?
It is an ipsec sub system patch.
Here is a backport. I compile tested it on 6.6. It will also apply to linx-6.1.y
To apply to older ones kernels, use -3.
regards,
-antony
