microsoft
/
WSL2-Linux-Kernel
зеркало из https://github.com/microsoft/WSL2-Linux-Kernel.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
WSL2-Linux-Kernel/net/xfrm
История
Benedict Wong 133c78bc67 xfrm: Check if_id in inbound policy/secpath match 
[ Upstream commit 8680407b6f ]

This change ensures that if configured in the policy, the if_id set in
the policy and secpath states match during the inbound policy check.
Without this, there is potential for ambiguity where entries in the
secpath differing by only the if_id could be mismatched.

Notably, this is checked in the outbound direction when resolving
templates to SAs, but not on the inbound path when matching SAs and
policies.

Test: Tested against Android kernel unit tests & CTS
Signed-off-by: Benedict Wong <benedictwong@google.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
 		2023-06-09 10:32:22 +02:00
..
Kconfig xfrm/compat: Add 32=>64-bit messages translator 2020-09-24 08:53:03 +02:00
Makefile xfrm: Provide API to register translator module 2020-09-24 08:53:03 +02:00
espintcp.c net: Fix data-races around netdev_max_backlog. 2022-08-31 17:16:42 +02:00
xfrm_algo.c crypto: skcipher - remove the "blkcipher" algorithm type 2019-11-01 13:38:32 +08:00
xfrm_compat.c xfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr() 2023-02-14 19:17:58 +01:00
xfrm_device.c xfrm: replay: Fix ESN wrap around for GSO 2022-12-02 17:41:02 +01:00
xfrm_hash.c mm: remove include/linux/bootmem.h 2018-10-31 08:54:16 -07:00
xfrm_hash.h xfrm: add state hashtable keyed by seq 2021-05-14 13:52:01 +02:00
xfrm_inout.h xfrm: move xfrm4_extract_header to common helper 2020-05-06 09:40:08 +02:00
xfrm_input.c xfrm: fix bug with DSCP copy to v6 from v4 tunnel 2023-02-14 19:17:58 +01:00
xfrm_interface.c Revert "Fix XFRM-I support for nested ESP tunnels" 2023-05-24 17:36:48 +01:00
xfrm_ipcomp.c xfrm: Update ipcomp_scratches with NULL when freed 2022-10-26 12:35:34 +02:00
xfrm_output.c net/xfrm: IPsec tunnel mode fix inner_ipproto setting in sec_path 2022-01-27 11:03:49 +01:00
xfrm_policy.c xfrm: Check if_id in inbound policy/secpath match 2023-06-09 10:32:22 +02:00
xfrm_proc.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
xfrm_replay.c xfrm: replay: Fix ESN wrap around for GSO 2022-12-02 17:41:02 +01:00
xfrm_state.c xfrm: Allow transport-mode states with AF_UNSPEC selector 2023-03-22 13:31:22 +01:00
xfrm_sysctl.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xfrm_user.c xfrm: Zero padding when dumping algos and encap 2023-04-05 11:24:52 +02:00