On Tue, Nov 28, 2017 at 07:55:41PM +0200, av...@mellanox.com wrote:
> From: Aviv Heller <av...@mellanox.com>
>
> Adding the state to the offload device prior to replay init in
> xfrm_state_construct() will result in a NULL dereference if a matching
> ESP packet is received in between.
>
> In order to inhibit driver offload logic from processing the state's
> packets prior to the xfrm_state object being completely initialized and
> added to the SADBs, a new activate() operation was added to inform the
> driver that the aforementioned conditions have been met.
We discussed this already some time ago, and I still think that we should fix this by setting XFRM_STATE_VALID only after the state is fully initialized.
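The ordering problem under discussion, as an added userspace illustration that is not xfrm code and not part of this thread: a state becomes reachable through the lookup table as soon as it is linked, so the receive path must refuse to use it until every field it dereferences (here the replay window) has been set up. The names sadb_link, replay_init, state_activate, handle_esp and the STATE_VALID flag are hypothetical stand-ins for the kernel's own objects; the point shown is that the receive path checks the valid flag and that the flag is set only as the last step of construction, which is the fix Steffen proposes.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added illustration (not xfrm code). STATE_VALID is a hypothetical flag
 * standing in for XFRM_STATE_VALID; it is set as the final step so that a
 * half-built state linked into the table is never used by the receive path. */
#define STATE_VALID 1u

struct replay_window {
    uint32_t seq;                 /* replay state, filled in by replay_init() */
};

struct sa_state {
    uint32_t spi;
    unsigned flags;               /* STATE_VALID set only when fully built */
    struct replay_window *replay; /* NULL until replay_init() runs */
    struct sa_state *next;
};

static struct sa_state *sadb_head;   /* hypothetical single-list SADB */

/* Lookup as the receive/offload path would do it: skip states not yet valid. */
struct sa_state *sadb_lookup(uint32_t spi)
{
    for (struct sa_state *x = sadb_head; x; x = x->next)
        if (x->spi == spi && (x->flags & STATE_VALID))
            return x;
    return NULL;
}

/* Step 1: link the state into the table; from here on lookups can see it. */
void sadb_link(struct sa_state *x)
{
    x->next = sadb_head;
    sadb_head = x;
}

/* Step 2: replay init, which provides the field the receive path dereferences. */
void replay_init(struct sa_state *x, struct replay_window *rw)
{
    rw->seq = 0;
    x->replay = rw;
}

/* Step 3: publish. Only now may the receive path act on the state. */
void state_activate(struct sa_state *x)
{
    x->flags |= STATE_VALID;
}

/* Receive path: returns the replay sequence, or -1 if no usable state exists.
 * Without the validity check, an ESP packet arriving between steps 1 and 2
 * would dereference x->replay while it is still NULL. */
int handle_esp(uint32_t spi)
{
    struct sa_state *x = sadb_lookup(spi);
    if (!x)
        return -1;
    return (int)x->replay->seq;
}

/* Drive the three steps and report what the receive path sees in between.
 * Returns 1 when the window between link and activate is handled safely. */
int demo(void)
{
    static struct sa_state x;
    static struct replay_window rw;
    memset(&x, 0, sizeof x);
    sadb_head = NULL;
    x.spi = 0x1000;
    sadb_link(&x);
    int before = handle_esp(0x1000);   /* -1: linked but not yet valid */
    replay_init(&x, &rw);
    state_activate(&x);
    int after = handle_esp(0x1000);    /* 0: fully initialised and valid */
    return before == -1 && after == 0;
}

int main(void)
{
    printf("safe ordering observed: %s\n", demo() ? "yes" : "no");
    return 0;
}
```

In a real SMP kernel the flag store and the field stores also need ordering (a release/acquire pair or smp_wmb()/smp_rmb()) so that a CPU that observes the valid flag also observes the initialised replay pointer; this single-threaded illustration shows only the construction order.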