lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 25 Feb 2022 08:47:27 +0100
From:   Steffen Klassert <steffen.klassert@...unet.com>
To:     David Miller <davem@...emloft.net>,
        Jakub Kicinski <kuba@...nel.org>
CC:     Herbert Xu <herbert@...dor.apana.org.au>,
        Steffen Klassert <steffen.klassert@...unet.com>,
        <netdev@...r.kernel.org>
Subject: pull request (net): ipsec 2022-02-25

1) Fix PMTU for IPv6 if the reported MTU minus the ESP overhead is
   smaller than 1280. From Jiri Bohac.

2) Fix xfrm interface ID and inter address family tunneling when
   migrating xfrm states. From Yan Yan.

3) Add missing xfrm intrerface ID initialization on xfrmi_changelink.
   From Antony Antony.

4) Enforce validity of xfrm offload input flags so that userspace can't
   send undefined flags to the offload driver.
   From Leon Romanovsky.

Please pull or let me know if there are problems.

Thanks!

The following changes since commit de8a820df2acd02eac1d98a99dd447634226d653:

  net: stmmac: remove unused members in struct stmmac_priv (2022-01-24 13:31:45 +0000)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec.git master

for you to fetch changes up to 7c76ecd9c99b6e9a771d813ab1aa7fa428b3ade1:

  xfrm: enforce validity of offload input flags (2022-02-09 09:00:40 +0100)

----------------------------------------------------------------
Antony Antony (1):
      xfrm: fix the if_id check in changelink

Jiri Bohac (2):
      xfrm: fix MTU regression
      Revert "xfrm: xfrm_state_mtu should return at least 1280 for ipv6"

Leon Romanovsky (1):
      xfrm: enforce validity of offload input flags

Yan Yan (2):
      xfrm: Check if_id in xfrm_migrate
      xfrm: Fix xfrm migrate issues when address family changes

 include/net/xfrm.h        |  6 +++---
 include/uapi/linux/xfrm.h |  6 ++++++
 net/ipv4/esp4.c           |  2 +-
 net/ipv6/esp6.c           |  2 +-
 net/ipv6/ip6_output.c     | 11 +++++++----
 net/key/af_key.c          |  2 +-
 net/xfrm/xfrm_device.c    |  6 +++++-
 net/xfrm/xfrm_interface.c |  2 +-
 net/xfrm/xfrm_policy.c    | 14 ++++++++------
 net/xfrm/xfrm_state.c     | 29 +++++++++++++----------------
 net/xfrm/xfrm_user.c      |  6 +++++-
 11 files changed, 51 insertions(+), 35 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ