Is there a bug about xfrm_lookup in xfrm_policy.c?
int xfrm_lookup(struct dst_entry **dst_p, struct flowi *fl,
        struct sock *sk, int flags)
 struct dst_entry *dst, *dst_orig = *dst_p; /* note */
 /* if policy is "spdadd[any][any] any -P out none", should it reach here? I think so*/
 switch (policy->action) {
  /* Prohibit the flow */
  err = -EPERM;
  goto error;
 /* note: if policy is none , the packet should be sent out. but, now in this case dst = ? */
 *dst_p = dst;
  xfrm_pols_put(pols, npols);
 return 0;
I think there is a bug about none policy, isn't there?