| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20240903000710.3272505-1-eyal.birger@gmail.com>
Date: Mon, 2 Sep 2024 17:07:08 -0700
From: Eyal Birger <eyal.birger@...il.com>
To: davem@...emloft.net,
dsahern@...nel.org,
edumazet@...gle.com,
kuba@...nel.org,
pabeni@...hat.com,
steffen.klassert@...unet.com,
herbert@...dor.apana.org.au,
paul.wouters@...en.io,
antony@...nome.org,
horms@...nel.org
Cc: devel@...ux-ipsec.org,
netdev@...r.kernel.org,
Eyal Birger <eyal.birger@...il.com>
Subject: [PATCH ipsec,v3 0/2] xfrm: respect ip proto rules criteria in xfrm dst lookups
This series fixes the route lookup for the outer packet after
encapsulation, including the L4 criteria specified in IP rules
The first patch is a minor refactor to allow passing more parameters
to dst lookup functions.
The second patch actually passes L4 information to these lookup functions.
Signed-off-by: Eyal Birger <eyal.birger@...il.com>
---
v3: pass ipproto for non UDP/TCP encapsulated traffic (e.g. ESP)
v2: fix first patch based on reviews from Steffen Klassert and
Simon Horman
Eyal Birger (2):
xfrm: extract dst lookup parameters into a struct
xfrm: respect ip protocols rules criteria when performing dst lookups
include/net/xfrm.h | 28 ++++++++++++-----------
net/ipv4/xfrm4_policy.c | 40 +++++++++++++++------------------
net/ipv6/xfrm6_policy.c | 31 ++++++++++++-------------
net/xfrm/xfrm_device.c | 11 ++++++---
net/xfrm/xfrm_policy.c | 50 +++++++++++++++++++++++++++++++----------
5 files changed, 95 insertions(+), 65 deletions(-)
--
2.34.1
Powered by blists - more mailing lists