[PATCH] xfrm: force flush upon NETDEV_UNREGISTER event
Steffen Klassert
steffen.klassert at secunet.com
Thu Jan 22 11:32:16 UTC 2026
On Thu, Jan 22, 2026 at 08:28:31PM +0900, Tetsuo Handa wrote:
> On 2026/01/22 20:15, Steffen Klassert wrote:
> > Hm, I'd say we should not try to offload to a device that does
> > not support NETIF_F_HW_ESP.
>
> I was about to post the patch below, but you are suggesting that "do not allow calling
> xfrm_dev_state_add()/xfrm_dev_policy_add() if (dev->features & NETIF_F_HW_ESP) == 0" ?
As said, I think this is the correct way to do it. But let's wait
on opinions from the hardware people.
More information about the Linux-security-module-archive
mailing list