Kernel/linux-next
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git synced 2025-01-06 05:02:31 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
304b44f0d5
linux-next/net/ipv6
History
Antony Antony 304b44f0d5 xfrm: Add dir validation to "in" data path lookup 
Introduces validation for the x->dir attribute within the XFRM input
data lookup path. If the configured direction does not match the
expected direction, input, increment the XfrmInStateDirError counter
and drop the packet to ensure data integrity and correct flow handling.

grep -vw 0 /proc/net/xfrm_stat
XfrmInStateDirError     	1

Signed-off-by: Antony Antony <antony.antony@secunet.com>
Reviewed-by: Sabrina Dubroca <sd@queasysnail.net>
Reviewed-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
2024-05-01 10:06:27 +02:00
..
ila ila: Remove unnecessary file net/ila.h 2023-08-02 12:28:16 -07:00
netfilter netfilter: validate user input for expected length 2024-04-04 09:39:52 -07:00
addrconf_core.c ipv6: Ensure natural alignment of const ipv6 loopback and router addresses 2024-01-30 12:43:18 +01:00
addrconf.c ip_tunnel: use a separate struct to store tunnel params in the kernel 2024-04-01 10:49:28 +01:00
addrlabel.c ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network 2022-11-07 12:26:15 +00:00
af_inet6.c net: introduce include/net/rps.h 2024-03-07 21:12:43 -08:00
ah6.c net: fill in MODULE_DESCRIPTION()s for ipv6 modules 2024-02-09 14:12:01 -08:00
anycast.c ipv6: anycast: complete RCU handling of struct ifacaddr6 2024-02-26 18:40:34 -08:00
calipso.c netlabel: remove impossible return value in netlbl_bitmap_walk 2024-02-28 19:37:34 -08:00
datagram.c ipv6: annotate data-races around np->ucast_oif 2023-12-11 10:59:17 +00:00
esp6_offload.c xfrm: Support GRO for IPv6 ESP in UDP encapsulation 2023-10-06 07:31:14 +02:00
esp6.c udpencap: Remove Obsolete UDP_ENCAP_ESPINUDP_NON_IKE Support 2024-04-18 11:38:23 +02:00
exthdrs_core.c ipv6: Fix out-of-bounds access in ipv6_find_tlv() 2023-05-24 08:43:39 +01:00
exthdrs_offload.c net: gso: add HBH extension header offload support 2024-01-05 08:11:49 -08:00
exthdrs.c net: ipv6: exthdrs: get rid of ipv6_skb_net() 2024-03-11 15:15:08 -07:00
fib6_notifier.c net: fib_notifier: propagate extack down to the notifier block callback 2019-10-04 11:10:56 -07:00
fib6_rules.c ipv6: fib6_rules: flush route cache when rule is changed 2024-03-08 10:10:35 +00:00
fou6.c net: Add MODULE_DESCRIPTION entries to network modules 2020-06-20 21:33:57 -07:00
icmp.c ipv6: annotate data-races around np->ucast_oif 2023-12-11 10:59:17 +00:00
inet6_connection_sock.c net: implement lockless SO_PRIORITY 2023-10-01 19:09:54 +01:00
inet6_hashtables.c ipv6: move tcp_ipv6_hash_secret and udp_ipv6_hash_secret to net_hotdata 2024-03-07 21:12:43 -08:00
ioam6_iptunnel.c netlink: make range pointers in policies const 2023-10-26 16:24:09 -07:00
ioam6.c ipv6/addrconf: annotate data-races around devconf fields (II) 2024-03-01 08:42:33 +00:00
ip6_checksum.c net: udp: fix handling of CHECKSUM_COMPLETE packets 2018-10-24 14:18:16 -07:00
ip6_fib.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-04-04 18:01:07 -07:00
ip6_flowlabel.c ipv6: move np->repflow to atomic flags 2023-09-15 10:33:48 +01:00
ip6_gre.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-04-04 18:01:07 -07:00
ip6_icmp.c net: icmp: pass zeroed opts from icmp{,v6}_ndo_send before sending 2021-02-23 11:29:52 -08:00
ip6_input.c ipv6/addrconf: annotate data-races around devconf fields (II) 2024-03-01 08:42:33 +00:00
ip6_offload.c net: move ip_packet_offload and ipv6_packet_offload to net_hotdata 2024-03-07 21:12:42 -08:00
ip6_offload.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
ip6_output.c Revert "net: Re-use and set mono_delivery_time bit for userspace tstamp packets" 2024-03-18 12:29:53 +00:00
ip6_tunnel.c ip_tunnel: convert __be16 tunnel flags to bitmaps 2024-04-01 10:49:28 +01:00
ip6_udp_tunnel.c net: fill in MODULE_DESCRIPTION()s for ipv6 modules 2024-02-09 14:12:01 -08:00
ip6_vti.c net: add netdev_lockdep_set_classes() to virtual drivers 2024-02-13 18:45:06 -08:00
ip6mr.c inet: allow ip_valid_fib_dump_req() to be called with RTNL or RCU 2024-02-26 11:46:12 +00:00
ipcomp6.c xfrm: ipcomp: add extack to ipcomp{4,6}_init_state 2022-09-29 07:18:00 +02:00
ipv6_sockglue.c inet: Add getsockopt support for IP_ROUTER_ALERT and IPV6_ROUTER_ALERT 2024-03-06 12:37:06 +00:00
Kconfig ipv6: fix indentation of a config attribute 2023-08-16 10:03:08 +01:00
Makefile net/tcp: Introduce TCP_AO setsockopt()s 2023-10-27 10:35:44 +01:00
mcast_snoop.c net: bridge: mcast: fix broken length + header check for MRDv6 Adv. 2021-04-27 14:02:06 -07:00
mcast.c ipv6/addrconf: annotate data-races around devconf fields (II) 2024-03-01 08:42:33 +00:00
mip6.c net: fill in MODULE_DESCRIPTION()s for ipv6 modules 2024-02-09 14:12:01 -08:00
ndisc.c ipv6/addrconf: annotate data-races around devconf fields (II) 2024-03-01 08:42:33 +00:00
netfilter.c xfrm: pass struct net to xfrm_decode_session wrappers 2023-10-06 08:31:53 +02:00
output_core.c ipv6: annotate data-races around cnf.hop_limit 2024-03-01 08:42:31 +00:00
ping.c ipv6: annotate data-races around np->ucast_oif 2023-12-11 10:59:17 +00:00
proc.c net: fix IPSTATS_MIB_OUTPKGS increment in OutForwDatagrams. 2023-10-20 12:01:00 +01:00
protocol.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
raw.c Revert "net: Re-use and set mono_delivery_time bit for userspace tstamp packets" 2024-03-18 12:29:53 +00:00
reassembly.c net: adopt skb_network_offset() and similar helpers 2024-03-04 08:47:06 +00:00
route.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-03-07 10:29:36 -08:00
rpl_iptunnel.c ipv6: rpl: Remove redundant skb_dst_drop(). 2023-07-12 17:12:29 -07:00
rpl.c ipv6: rpl: Remove pskb(_may)?_pull() in ipv6_rpl_srh_rcv(). 2023-06-19 11:32:58 -07:00
seg6_hmac.c ipv6/addrconf: annotate data-races around devconf fields (II) 2024-03-01 08:42:33 +00:00
seg6_iptunnel.c seg6: Cleanup duplicates of skb_dst_drop calls 2023-05-17 09:05:47 +01:00
seg6_local.c seg6: add NEXT-C-SID support for SRv6 End.X behavior 2023-08-15 18:51:47 -07:00
seg6.c ipv6: sr: fix possible use-after-free and null-ptr-deref 2024-02-20 10:17:14 +01:00
sit.c ip_tunnel: convert __be16 tunnel flags to bitmaps 2024-04-01 10:49:28 +01:00
syncookies.c tcp: annotate data-races around tp->window_clamp 2024-04-05 22:32:37 -07:00
sysctl_net_ipv6.c networking: Update to register_net_sysctl_sz 2023-08-15 15:26:18 -07:00
tcp_ao.c net/tcp: Wire up l3index to TCP-AO 2023-10-27 10:35:46 +01:00
tcp_ipv6.c trace: tcp: fully support trace_tcp_send_reset 2024-04-03 19:26:14 -07:00
tcpv6_offload.c net: move tcpv4_offload and tcpv6_offload to net_hotdata 2024-03-07 21:12:42 -08:00
tunnel6.c net: fill in MODULE_DESCRIPTION()s for ipv6 modules 2024-02-09 14:12:01 -08:00
udp_impl.h tcp/udp: Call inet6_destroy_sock() in IPv6 sk->sk_destruct(). 2022-10-12 17:50:37 -07:00
udp_offload.c udp: do not transition UDP GRO fraglist partial checksums to unnecessary 2024-03-29 11:30:44 +00:00
udp.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-04-04 18:01:07 -07:00
udplite.c udplite: remove UDPLITE_BIT 2023-09-14 16:16:36 +02:00
xfrm6_input.c xfrm: Add dir validation to "in" data path lookup 2024-05-01 10:06:27 +02:00
xfrm6_output.c ipv6: drop feature RTAX_FEATURE_ALLFRAG 2023-10-25 18:04:29 -07:00
xfrm6_policy.c ipsec-2023-10-17 2023-10-17 18:21:13 -07:00
xfrm6_protocol.c xfrm: add support for UDPv6 encapsulation of ESP 2020-04-28 11:28:36 +02:00
xfrm6_state.c xfrm: remove output_finish indirection from xfrm_state_afinfo 2020-05-06 09:40:08 +02:00
xfrm6_tunnel.c ipsec-next-2024-03-06 2024-03-08 10:56:05 +00:00