lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20210827075015.2584560-1-steffen.klassert@secunet.com>
Date:   Fri, 27 Aug 2021 09:50:12 +0200
From:   Steffen Klassert <steffen.klassert@...unet.com>
To:     David Miller <davem@...emloft.net>,
        Jakub Kicinski <kuba@...nel.org>
CC:     Herbert Xu <herbert@...dor.apana.org.au>,
        Steffen Klassert <steffen.klassert@...unet.com>,
        <netdev@...r.kernel.org>
Subject: pull request (net-next): ipsec-next 2021-08-27

1) Remove an unneeded extra variable in esp4 esp_ssg_unref.
   From Corey Minyard.

2) Add a configuration option to change the default behaviour
   to block traffic if there is no matching policy.
   Joint work with Christian Langrock and Antony Antony.

3) Fix a shift-out-of-bounce bug reported from syzbot.
   From Pavel Skripkin.

Please pull or let me know if there are problems.

Thanks!

The following changes since commit c18e9405d46aa08bb4b55a35ee9bcc66ef3e89e0:

  Merge branch 's390-next' (2021-07-20 06:23:50 -0700)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git master

for you to fetch changes up to 5d8dbb7fb82b8661c16d496644b931c0e2e3a12e:

  net: xfrm: fix shift-out-of-bounce (2021-07-29 08:04:10 +0200)

----------------------------------------------------------------
Corey Minyard (1):
      ipsec: Remove unneeded extra variable in esp4 esp_ssg_unref()

Pavel Skripkin (1):
      net: xfrm: fix shift-out-of-bounce

Steffen Klassert (1):
      xfrm: Add possibility to set the default to block if we have no policy

 include/net/netns/xfrm.h  |  7 ++++++
 include/net/xfrm.h        | 36 +++++++++++++++++++++++++-----
 include/uapi/linux/xfrm.h | 11 +++++++++
 net/ipv4/esp4.c           |  4 +---
 net/xfrm/xfrm_policy.c    | 16 +++++++++++++
 net/xfrm/xfrm_user.c      | 57 +++++++++++++++++++++++++++++++++++++++++++++++
 6 files changed, 122 insertions(+), 9 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ