lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 29 May 2020 13:03:53 +0200
From:   Steffen Klassert <steffen.klassert@...unet.com>
To:     David Miller <davem@...emloft.net>
CC:     Herbert Xu <herbert@...dor.apana.org.au>,
        Steffen Klassert <steffen.klassert@...unet.com>,
        <netdev@...r.kernel.org>
Subject: pull request (net): ipsec 2020-05-29

1) Several fixes for ESP gro/gso in transport and beet mode when
   IPv6 extension headers are present. From Xin Long.

2) Fix a wrong comment on XFRMA_OFFLOAD_DEV.
   From Antony Antony.

3) Fix sk_destruct callback handling on ESP in TCP encapsulation.
   From Sabrina Dubroca.

4) Fix a use after free in xfrm_output_gso when used with vxlan.
   From Xin Long.

5) Fix secpath handling of VTI when used wiuth IPCOMP.
   From Xin Long.

6) Fix an oops when deleting a x-netns xfrm interface.
   From Nicolas Dichtel.

7) Fix a possible warning on policy updates. We had a case where it was
   possible to add two policies with the same lookup keys.
   From Xin Long.

Please pull or let me know if there are problems.

Thanks!

The following changes since commit 91fac45cd0061854633036695cf37a11befa8062:

  Merge branch 'Fix-88x3310-leaving-power-save-mode' (2020-04-14 16:48:09 -0700)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec.git master

for you to fetch changes up to f6a23d85d078c2ffde79c66ca81d0a1dde451649:

  xfrm: fix a NULL-ptr deref in xfrm_local_error (2020-05-29 12:10:22 +0200)

----------------------------------------------------------------
Antony Antony (1):
      xfrm: fix error in comment

Nicolas Dichtel (1):
      xfrm interface: fix oops when deleting a x-netns interface

Sabrina Dubroca (1):
      xfrm: espintcp: save and call old ->sk_destruct

Xin Long (12):
      xfrm: allow to accept packets with ipv6 NEXTHDR_HOP in xfrm_input
      xfrm: do pskb_pull properly in __xfrm_transport_prep
      esp6: get the right proto for transport mode in esp6_gso_encap
      xfrm: remove the xfrm_state_put call becofe going to out_reset
      esp6: support ipv6 nexthdrs process for beet gso segment
      esp4: support ipv6 nexthdrs process for beet gso segment
      xfrm: call xfrm_output_gso when inner_protocol is set in xfrm_output
      ip_vti: receive ipip packet by calling ip_tunnel_rcv
      esp6: calculate transport_header correctly when sel.family != AF_INET6
      esp4: improve xfrm4_beet_gso_segment() to be more readable
      xfrm: fix a warning in xfrm_policy_insert_list
      xfrm: fix a NULL-ptr deref in xfrm_local_error

 include/net/espintcp.h    |  1 +
 include/uapi/linux/xfrm.h |  2 +-
 net/ipv4/esp4_offload.c   | 30 ++++++++++++++++++------------
 net/ipv4/ip_vti.c         | 23 ++++++++++++++++++++++-
 net/ipv6/esp6_offload.c   | 37 +++++++++++++++++++++++++------------
 net/xfrm/espintcp.c       |  2 ++
 net/xfrm/xfrm_device.c    |  8 +++-----
 net/xfrm/xfrm_input.c     |  2 +-
 net/xfrm/xfrm_interface.c | 21 +++++++++++++++++++++
 net/xfrm/xfrm_output.c    | 15 +++++++++------
 net/xfrm/xfrm_policy.c    |  7 +------
 11 files changed, 104 insertions(+), 44 deletions(-)

Powered by blists - more mailing lists