All of lore.kernel.org
 help / color / mirror / Atom feed
From: Steffen Klassert <steffen.klassert@secunet.com>
To: David Miller <davem@davemloft.net>
Cc: Herbert Xu <herbert@gondor.apana.org.au>,
	Steffen Klassert <steffen.klassert@secunet.com>,
	<netdev@vger.kernel.org>
Subject: pull request (net): ipsec 2020-03-27
Date: Fri, 27 Mar 2020 09:09:59 +0100	[thread overview]
Message-ID: <20200327081007.1185-1-steffen.klassert@secunet.com> (raw)

1) Handle NETDEV_UNREGISTER for xfrm device to handle asynchronous
   unregister events cleanly. From Raed Salem.

2) Fix vti6 tunnel inter address family TX through bpf_redirect().
   From Nicolas Dichtel.

3) Fix lenght check in verify_sec_ctx_len() to avoid a
   slab-out-of-bounds. From Xin Long.

4) Add a missing verify_sec_ctx_len check in xfrm_add_acquire
   to avoid a possible out-of-bounds to access. From Xin Long.

5) Use built-in RCU list checking of hlist_for_each_entry_rcu
   to silence false lockdep warning in __xfrm6_tunnel_spi_lookup
   when CONFIG_PROVE_RCU_LIST is enabled. From Madhuparna Bhowmik.

6) Fix a panic on esp offload when crypto is done asynchronously.
   From Xin Long.

7) Fix a skb memory leak in an error path of vti6_rcv.
   From Torsten Hilbrich.

8) Fix a race that can lead to a doulbe free in xfrm_policy_timer.
   From Xin Long.

Please pull or let me know if there are problems.

Thanks!

The following changes since commit a444ad1432c5a0fb3bd43fc9ac39fb88b1fb141e:

  Merge branch 'netdevsim-fix-several-bugs-in-netdevsim-module' (2020-02-03 15:38:50 -0800)

are available in the Git repository at:

  git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec.git master

for you to fetch changes up to 4c59406ed00379c8663f8663d82b2537467ce9d7:

  xfrm: policy: Fix doulbe free in xfrm_policy_timer (2020-03-24 06:56:54 +0100)

----------------------------------------------------------------
Madhuparna Bhowmik (1):
      ipv6: xfrm6_tunnel.c: Use built-in RCU list checking

Nicolas Dichtel (1):
      vti[6]: fix packet tx through bpf_redirect() in XinY cases

Raed Salem (1):
      xfrm: handle NETDEV_UNREGISTER for xfrm device

Torsten Hilbrich (1):
      vti6: Fix memory leak of skb if input policy check fails

Xin Long (3):
      xfrm: fix uctx len check in verify_sec_ctx_len
      xfrm: add the missing verify_sec_ctx_len check in xfrm_add_acquire
      esp: remove the skb from the chain when it's enqueued in cryptd_wq

YueHaibing (1):
      xfrm: policy: Fix doulbe free in xfrm_policy_timer

 net/ipv4/Kconfig        |  1 +
 net/ipv4/ip_vti.c       | 38 ++++++++++++++++++++++++++++++--------
 net/ipv6/ip6_vti.c      | 34 ++++++++++++++++++++++++++--------
 net/ipv6/xfrm6_tunnel.c |  2 +-
 net/xfrm/xfrm_device.c  |  9 +++++----
 net/xfrm/xfrm_policy.c  |  2 ++
 net/xfrm/xfrm_user.c    |  6 +++++-
 7 files changed, 70 insertions(+), 22 deletions(-)

             reply	other threads:[~2020-03-27  8:10 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-03-27  8:09 Steffen Klassert [this message]
2020-03-27  8:10 ` [PATCH 1/8] xfrm: handle NETDEV_UNREGISTER for xfrm device Steffen Klassert
2020-03-27  8:10 ` [PATCH 2/8] vti[6]: fix packet tx through bpf_redirect() in XinY cases Steffen Klassert
2020-03-27  8:10 ` [PATCH 3/8] xfrm: fix uctx len check in verify_sec_ctx_len Steffen Klassert
2020-03-27  8:10 ` [PATCH 4/8] xfrm: add the missing verify_sec_ctx_len check in xfrm_add_acquire Steffen Klassert
2020-03-27  8:10 ` [PATCH 5/8] ipv6: xfrm6_tunnel.c: Use built-in RCU list checking Steffen Klassert
2020-03-27  8:10 ` [PATCH 6/8] esp: remove the skb from the chain when it's enqueued in cryptd_wq Steffen Klassert
2020-03-27  8:10 ` [PATCH 7/8] vti6: Fix memory leak of skb if input policy check fails Steffen Klassert
2020-03-27  8:10 ` [PATCH 8/8] xfrm: policy: Fix doulbe free in xfrm_policy_timer Steffen Klassert
2020-03-27 21:57 ` pull request (net): ipsec 2020-03-27 David Miller

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200327081007.1185-1-steffen.klassert@secunet.com \
    --to=steffen.klassert@secunet.com \
    --cc=davem@davemloft.net \
    --cc=herbert@gondor.apana.org.au \
    --cc=netdev@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.