lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 28 Sep 2020 10:24:42 +0200
From:   Steffen Klassert <steffen.klassert@...unet.com>
To:     David Miller <davem@...emloft.net>
CC:     Herbert Xu <herbert@...dor.apana.org.au>,
        Steffen Klassert <steffen.klassert@...unet.com>,
        <netdev@...r.kernel.org>
Subject: pull request (net): ipsec 2020-09-28

1) Fix a build warning in ip_vti if CONFIG_IPV6 is not set.
   From YueHaibing.

2) Restore IPCB on espintcp before handing the packet to xfrm
   as the information there is still needed.
   From Sabrina Dubroca.

3) Fix pmtu updating for xfrm interfaces.
   From Sabrina Dubroca.

4) Some xfrm state information was not cloned with xfrm_do_migrate.
   Fixes to clone the full xfrm state, from Antony Antony.

5) Use the correct address family in xfrm_state_find. The struct
   flowi must always be interpreted along with the original
   address family. This got lost over the years.
   Fix from Herbert Xu.

Please pull or let me know if there are problems.

Thanks!

The following changes since commit 1c3b63f155f637594268cd1add8335461691b314:

  net/tls: allow MSG_CMSG_COMPAT in sendmsg (2020-08-07 17:40:45 -0700)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec.git master

for you to fetch changes up to e94ee171349db84c7cfdc5fefbebe414054d0924:

  xfrm: Use correct address family in xfrm_state_find (2020-09-25 09:59:51 +0200)

----------------------------------------------------------------
Antony Antony (4):
      xfrm: clone XFRMA_SET_MARK in xfrm_do_migrate
      xfrm: clone XFRMA_REPLAY_ESN_VAL in xfrm_do_migrate
      xfrm: clone XFRMA_SEC_CTX in xfrm_do_migrate
      xfrm: clone whole liftime_cur structure in xfrm_do_migrate

Herbert Xu (1):
      xfrm: Use correct address family in xfrm_state_find

Sabrina Dubroca (2):
      espintcp: restore IP CB before handing the packet to xfrm
      xfrmi: drop ignore_df check before updating pmtu

YueHaibing (1):
      ip_vti: Fix unused variable warning

 include/net/xfrm.h        | 16 ++++++----------
 net/ipv4/ip_vti.c         |  2 ++
 net/xfrm/espintcp.c       |  6 +++++-
 net/xfrm/xfrm_interface.c |  2 +-
 net/xfrm/xfrm_state.c     | 42 +++++++++++++++++++++++++++++++++++++-----
 5 files changed, 51 insertions(+), 17 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ