* [Patch] net: af_key: check encryption module availability consistency
@ 2022-05-16 12:57 Thomas Bartschies
0 siblings, 0 replies; 5+ messages in thread
From: Thomas Bartschies @ 2022-05-16 12:57 UTC (permalink / raw)
Cc: Thomas Bartschies
Since the recent introduction supporting the SM3 and SM4 hash algos for IPsec, the kernel
produces invalid pfkey acquire messages, when these encryption modules are disabled. This
happens because the availability of the algos wasn't checked in all necessary functions.
This patch adds these checks.
Signed-off-by: Thomas Bartschies <thomas.bartschies@cvk.de>
diff -uprN a/net/key/af_key.c b/net/key/af_key.c
--- a/net/key/af_key.c 2022-05-09 09:16:33.000000000 +0200
+++ b/net/key/af_key.c 2022-05-13 13:51:58.286250337 +0200
@@ -2898,7 +2898,7 @@ static int count_ah_combs(const struct x
break;
if (!aalg->pfkey_supported)
continue;
- if (aalg_tmpl_set(t, aalg))
+ if (aalg_tmpl_set(t, aalg) && aalg->available)
sz += sizeof(struct sadb_comb);
}
return sz + sizeof(struct sadb_prop);
@@ -2916,7 +2916,7 @@ static int count_esp_combs(const struct
if (!ealg->pfkey_supported)
continue;
- if (!(ealg_tmpl_set(t, ealg)))
+ if (!(ealg_tmpl_set(t, ealg) && ealg->available))
continue;
for (k = 1; ; k++) {
@@ -2927,7 +2927,7 @@ static int count_esp_combs(const struct
if (!aalg->pfkey_supported)
continue;
- if (aalg_tmpl_set(t, aalg))
+ if (aalg_tmpl_set(t, aalg) && aalg->available)
sz += sizeof(struct sadb_comb);
}
}
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [Patch] net: af_key: check encryption module availability consistency
2022-05-18 6:32 Thomas Bartschies
2022-05-18 8:13 ` Steffen Klassert
@ 2022-05-18 12:00 ` patchwork-bot+netdevbpf
1 sibling, 0 replies; 5+ messages in thread
From: patchwork-bot+netdevbpf @ 2022-05-18 12:00 UTC (permalink / raw)
To: Thomas Bartschies
Cc: davem, steffen.klassert, herbert, kuba, pabeni, netdev, linux-kernel
Hello:
This patch was applied to netdev/net.git (master)
by Steffen Klassert <steffen.klassert@secunet.com>:
On Wed, 18 May 2022 08:32:18 +0200 (CEST) you wrote:
> Since the recent introduction supporting the SM3 and SM4 hash algos for IPsec, the kernel
> produces invalid pfkey acquire messages, when these encryption modules are disabled. This
> happens because the availability of the algos wasn't checked in all necessary functions.
> This patch adds these checks.
>
> Signed-off-by: Thomas Bartschies <thomas.bartschies@cvk.de>
Here is the summary with links:
- net: af_key: check encryption module availability consistency
https://git.kernel.org/netdev/net/c/015c44d7bff3
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [Patch] net: af_key: check encryption module availability consistency
2022-05-18 6:32 Thomas Bartschies
@ 2022-05-18 8:13 ` Steffen Klassert
2022-05-18 12:00 ` patchwork-bot+netdevbpf
1 sibling, 0 replies; 5+ messages in thread
From: Steffen Klassert @ 2022-05-18 8:13 UTC (permalink / raw)
To: Thomas Bartschies; +Cc: davem, herbert, kuba, pabeni, netdev, linux-kernel
On Wed, May 18, 2022 at 08:32:18AM +0200, Thomas Bartschies wrote:
> Since the recent introduction supporting the SM3 and SM4 hash algos for IPsec, the kernel
> produces invalid pfkey acquire messages, when these encryption modules are disabled. This
> happens because the availability of the algos wasn't checked in all necessary functions.
> This patch adds these checks.
>
> Signed-off-by: Thomas Bartschies <thomas.bartschies@cvk.de>
Applied, thanks!
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Patch] net: af_key: check encryption module availability consistency
@ 2022-05-18 6:32 Thomas Bartschies
2022-05-18 8:13 ` Steffen Klassert
2022-05-18 12:00 ` patchwork-bot+netdevbpf
0 siblings, 2 replies; 5+ messages in thread
From: Thomas Bartschies @ 2022-05-18 6:32 UTC (permalink / raw)
To: davem; +Cc: steffen.klassert, herbert, kuba, pabeni, netdev, linux-kernel
Since the recent introduction supporting the SM3 and SM4 hash algos for IPsec, the kernel
produces invalid pfkey acquire messages, when these encryption modules are disabled. This
happens because the availability of the algos wasn't checked in all necessary functions.
This patch adds these checks.
Signed-off-by: Thomas Bartschies <thomas.bartschies@cvk.de>
diff -uprN a/net/key/af_key.c b/net/key/af_key.c
--- a/net/key/af_key.c 2022-05-09 09:16:33.000000000 +0200
+++ b/net/key/af_key.c 2022-05-13 13:51:58.286250337 +0200
@@ -2898,7 +2898,7 @@ static int count_ah_combs(const struct x
break;
if (!aalg->pfkey_supported)
continue;
- if (aalg_tmpl_set(t, aalg))
+ if (aalg_tmpl_set(t, aalg) && aalg->available)
sz += sizeof(struct sadb_comb);
}
return sz + sizeof(struct sadb_prop);
@@ -2916,7 +2916,7 @@ static int count_esp_combs(const struct
if (!ealg->pfkey_supported)
continue;
- if (!(ealg_tmpl_set(t, ealg)))
+ if (!(ealg_tmpl_set(t, ealg) && ealg->available))
continue;
for (k = 1; ; k++) {
@@ -2927,7 +2927,7 @@ static int count_esp_combs(const struct
if (!aalg->pfkey_supported)
continue;
- if (aalg_tmpl_set(t, aalg))
+ if (aalg_tmpl_set(t, aalg) && aalg->available)
sz += sizeof(struct sadb_comb);
}
}
^ permalink raw reply [flat|nested] 5+ messages in thread
* [Patch] net: af_key: check encryption module availability consistency
@ 2022-05-16 12:38 Thomas Bartschies
0 siblings, 0 replies; 5+ messages in thread
From: Thomas Bartschies @ 2022-05-16 12:38 UTC (permalink / raw)
Since the recent introduction supporting the SM3 and SM4 hash algos for IPsec, the kernel
produces invalid pfkey acquire messages, when these encryption modules are disabled. This
happens because the availability of the algos wasn't checked in all necessary functions.
This patch adds these checks.
Signed-off-by: Thomas Bartschies <thomas.bartschies@cvk.de>
diff -uprN a/net/key/af_key.c b/net/key/af_key.c
--- a/net/key/af_key.c 2022-05-09 09:16:33.000000000 +0200
+++ b/net/key/af_key.c 2022-05-13 13:51:58.286250337 +0200
@@ -2898,7 +2898,7 @@ static int count_ah_combs(const struct x
break;
if (!aalg->pfkey_supported)
continue;
- if (aalg_tmpl_set(t, aalg))
+ if (aalg_tmpl_set(t, aalg) && aalg->available)
sz += sizeof(struct sadb_comb);
}
return sz + sizeof(struct sadb_prop);
@@ -2916,7 +2916,7 @@ static int count_esp_combs(const struct
if (!ealg->pfkey_supported)
continue;
- if (!(ealg_tmpl_set(t, ealg)))
+ if (!(ealg_tmpl_set(t, ealg) && ealg->available))
continue;
for (k = 1; ; k++) {
@@ -2927,7 +2927,7 @@ static int count_esp_combs(const struct
if (!aalg->pfkey_supported)
continue;
- if (aalg_tmpl_set(t, aalg))
+ if (aalg_tmpl_set(t, aalg) && aalg->available)
sz += sizeof(struct sadb_comb);
}
}
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2022-05-18 12:00 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-05-16 12:57 [Patch] net: af_key: check encryption module availability consistency Thomas Bartschies
-- strict thread matches above, loose matches on Subject: below --
2022-05-18 6:32 Thomas Bartschies
2022-05-18 8:13 ` Steffen Klassert
2022-05-18 12:00 ` patchwork-bot+netdevbpf
2022-05-16 12:38 Thomas Bartschies
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).