| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20221002081712.757515-1-steffen.klassert@secunet.com>
Date: Sun, 2 Oct 2022 10:16:48 +0200
From: Steffen Klassert <steffen.klassert@...unet.com>
To: David Miller <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>
CC: Herbert Xu <herbert@...dor.apana.org.au>,
Steffen Klassert <steffen.klassert@...unet.com>,
<netdev@...r.kernel.org>
Subject: [PATCH 0/24] pull request (net-next): ipsec-next 2022-10-02
1) Refactor selftests to use an array of structs in xfrm_fill_key().
From Gautam Menghani.
2) Drop an unused argument from xfrm_policy_match.
From Hongbin Wang.
3) Support collect metadata mode for xfrm interfaces.
From Eyal Birger.
4) Add netlink extack support to xfrm.
From Sabrina Dubroca.
Please note, there is a merge conflict in:
include/net/dst_metadata.h
between commit:
0a28bfd4971f ("net/macsec: Add MACsec skb_metadata_dst Tx Data path support")
from the net-next tree and commit:
5182a5d48c3d ("net: allow storing xfrm interface metadata in metadata_dst")
from the ipsec-next tree.
Can be solved as done in linux-next.
Please pull or let me know if there are problems.
Thanks!
The following changes since commit 7ebfc85e2cd7b08f518b526173e9a33b56b3913b:
Merge tag 'net-6.0-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net (2022-08-11 13:45:37 -0700)
are available in the Git repository at:
git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next.git master
for you to fetch changes up to c39596f6ad1bfe65fc2d926e0703cf26e3fae90a:
Merge branch 'xfrm: add netlink extack to all the ->init_stat' (2022-09-30 09:49:33 +0200)
----------------------------------------------------------------
Eyal Birger (3):
net: allow storing xfrm interface metadata in metadata_dst
xfrm: interface: support collect metadata mode
xfrm: lwtunnel: add lwtunnel support for xfrm interfaces in collect_md mode
Gautam Menghani (1):
selftests/net: Refactor xfrm_fill_key() to use array of structs
Hongbin Wang (1):
xfrm: Drop unused argument
Sabrina Dubroca (19):
xfrm: propagate extack to all netlink doit handlers
xfrm: add extack support to verify_newpolicy_info
xfrm: add extack to verify_policy_dir
xfrm: add extack to verify_policy_type
xfrm: add extack to validate_tmpl
xfrm: add extack to verify_sec_ctx_len
xfrm: add extack support to verify_newsa_info
xfrm: add extack to verify_replay
xfrm: add extack to verify_one_alg, verify_auth_trunc, verify_aead
xfrm: add extack support to xfrm_dev_state_add
xfrm: add extack to attach_*
xfrm: add extack to __xfrm_init_state
xfrm: add extack support to xfrm_init_replay
xfrm: pass extack down to xfrm_type ->init_state
xfrm: ah: add extack to ah_init_state, ah6_init_state
xfrm: esp: add extack to esp_init_state, esp6_init_state
xfrm: tunnel: add extack to ipip_init_state, xfrm6_tunnel_init_state
xfrm: ipcomp: add extack to ipcomp{4,6}_init_state
xfrm: mip6: add extack to mip6_destopt_init_state, mip6_rthdr_init_state
Steffen Klassert (3):
Merge remote-tracking branch 'xfrm: start adding netlink extack support'
Merge branch 'xfrm: add netlink extack for state creation'
Merge branch 'xfrm: add netlink extack to all the ->init_stat'
include/net/dst_metadata.h | 31 +++
include/net/ipcomp.h | 2 +-
include/net/xfrm.h | 24 ++-
include/uapi/linux/if_link.h | 1 +
include/uapi/linux/lwtunnel.h | 10 +
net/core/lwtunnel.c | 1 +
net/ipv4/ah4.c | 23 ++-
net/ipv4/esp4.c | 55 +++---
net/ipv4/ipcomp.c | 10 +-
net/ipv4/xfrm4_tunnel.c | 10 +-
net/ipv6/ah6.c | 23 ++-
net/ipv6/esp6.c | 55 +++---
net/ipv6/ipcomp6.c | 10 +-
net/ipv6/mip6.c | 14 +-
net/ipv6/xfrm6_tunnel.c | 10 +-
net/xfrm/xfrm_device.c | 20 +-
net/xfrm/xfrm_input.c | 7 +-
net/xfrm/xfrm_interface.c | 206 ++++++++++++++++++--
net/xfrm/xfrm_ipcomp.c | 10 +-
net/xfrm/xfrm_policy.c | 25 ++-
net/xfrm/xfrm_replay.c | 10 +-
net/xfrm/xfrm_state.c | 30 ++-
net/xfrm/xfrm_user.c | 370 ++++++++++++++++++++++++------------
tools/testing/selftests/net/ipsec.c | 104 +++++-----
24 files changed, 738 insertions(+), 323 deletions(-)
Powered by blists - more mailing lists