| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 29 May 2020 13:03:53 +0200
From: Steffen Klassert <steffen.klassert@...unet.com>
To: David Miller <davem@...emloft.net>
CC: Herbert Xu <herbert@...dor.apana.org.au>,
Steffen Klassert <steffen.klassert@...unet.com>,
<netdev@...r.kernel.org>
Subject: pull request (net): ipsec 2020-05-29
1) Several fixes for ESP gro/gso in transport and beet mode when
IPv6 extension headers are present. From Xin Long.
2) Fix a wrong comment on XFRMA_OFFLOAD_DEV.
From Antony Antony.
3) Fix sk_destruct callback handling on ESP in TCP encapsulation.
From Sabrina Dubroca.
4) Fix a use after free in xfrm_output_gso when used with vxlan.
From Xin Long.
5) Fix secpath handling of VTI when used wiuth IPCOMP.
From Xin Long.
6) Fix an oops when deleting a x-netns xfrm interface.
From Nicolas Dichtel.
7) Fix a possible warning on policy updates. We had a case where it was
possible to add two policies with the same lookup keys.
From Xin Long.
Please pull or let me know if there are problems.
Thanks!
The following changes since commit 91fac45cd0061854633036695cf37a11befa8062:
Merge branch 'Fix-88x3310-leaving-power-save-mode' (2020-04-14 16:48:09 -0700)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec.git master
for you to fetch changes up to f6a23d85d078c2ffde79c66ca81d0a1dde451649:
xfrm: fix a NULL-ptr deref in xfrm_local_error (2020-05-29 12:10:22 +0200)
----------------------------------------------------------------
Antony Antony (1):
xfrm: fix error in comment
Nicolas Dichtel (1):
xfrm interface: fix oops when deleting a x-netns interface
Sabrina Dubroca (1):
xfrm: espintcp: save and call old ->sk_destruct
Xin Long (12):
xfrm: allow to accept packets with ipv6 NEXTHDR_HOP in xfrm_input
xfrm: do pskb_pull properly in __xfrm_transport_prep
esp6: get the right proto for transport mode in esp6_gso_encap
xfrm: remove the xfrm_state_put call becofe going to out_reset
esp6: support ipv6 nexthdrs process for beet gso segment
esp4: support ipv6 nexthdrs process for beet gso segment
xfrm: call xfrm_output_gso when inner_protocol is set in xfrm_output
ip_vti: receive ipip packet by calling ip_tunnel_rcv
esp6: calculate transport_header correctly when sel.family != AF_INET6
esp4: improve xfrm4_beet_gso_segment() to be more readable
xfrm: fix a warning in xfrm_policy_insert_list
xfrm: fix a NULL-ptr deref in xfrm_local_error
include/net/espintcp.h | 1 +
include/uapi/linux/xfrm.h | 2 +-
net/ipv4/esp4_offload.c | 30 ++++++++++++++++++------------
net/ipv4/ip_vti.c | 23 ++++++++++++++++++++++-
net/ipv6/esp6_offload.c | 37 +++++++++++++++++++++++++------------
net/xfrm/espintcp.c | 2 ++
net/xfrm/xfrm_device.c | 8 +++-----
net/xfrm/xfrm_input.c | 2 +-
net/xfrm/xfrm_interface.c | 21 +++++++++++++++++++++
net/xfrm/xfrm_output.c | 15 +++++++++------
net/xfrm/xfrm_policy.c | 7 +------
11 files changed, 104 insertions(+), 44 deletions(-)
Powered by blists - more mailing lists