lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 8 Feb 2023 12:43:16 +0100
From:   Steffen Klassert <steffen.klassert@...unet.com>
To:     David Miller <davem@...emloft.net>,
        Jakub Kicinski <kuba@...nel.org>
CC:     Herbert Xu <herbert@...dor.apana.org.au>,
        Steffen Klassert <steffen.klassert@...unet.com>,
        <netdev@...r.kernel.org>
Subject: [PATCH 0/6] pull request (net): ipsec 2023-02-08

1) Fix policy checks for nested IPsec tunnels when using
   xfrm interfaces. From Benedict Wong.

2) Fix netlink message expression on 32=>64-bit
   messages translators. From Anastasia Belova.

3) Prevent potential spectre v1 gadget in xfrm_xlate32_attr.
   From Eric Dumazet.

4) Always consistently use time64_t in xfrm_timer_handler.
   From Eric Dumazet.

5) Fix KCSAN reported bug: Multiple cpus can update use_time
   at the same time. From Eric Dumazet.

6) Fix SCP copy from IPv4 to IPv6 on interfamily tunnel.
   From Christian Hopps.

Please pull or let me know if there are problems.

Thanks!

The following changes since commit 571f3dd0d01b62ec63a4039320dbdbcd54ae8fb0:

  Merge tag 'rxrpc-fixes-20230107' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs (2023-01-07 23:10:33 +0000)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec.git tags/ipsec-2023-02-08

for you to fetch changes up to 6028da3f125fec34425dbd5fec18e85d372b2af6:

  xfrm: fix bug with DSCP copy to v6 from v4 tunnel (2023-01-30 11:31:58 +0100)

----------------------------------------------------------------
ipsec-2023-02-08

----------------------------------------------------------------
Anastasia Belova (1):
      xfrm: compat: change expression for switch in xfrm_xlate64

Benedict Wong (1):
      Fix XFRM-I support for nested ESP tunnels

Christian Hopps (1):
      xfrm: fix bug with DSCP copy to v6 from v4 tunnel

Eric Dumazet (3):
      xfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr()
      xfrm: consistently use time64_t in xfrm_timer_handler()
      xfrm: annotate data-race around use_time

 net/xfrm/xfrm_compat.c         |  4 +++-
 net/xfrm/xfrm_input.c          |  3 +--
 net/xfrm/xfrm_interface_core.c | 54 ++++++++++++++++++++++++++++++++++++++----
 net/xfrm/xfrm_policy.c         | 14 +++++++----
 net/xfrm/xfrm_state.c          | 18 +++++++-------
 5 files changed, 73 insertions(+), 20 deletions(-)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ