OpenE2K/linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
876fbba1db
linux/net
History
Steffen Klassert bcf66bf54a xfrm: Perform a replay check after return from async codepaths 
When asyncronous crypto algorithms are used, there might be many
packets that passed the xfrm replay check, but the replay advance
function is not called yet for these packets. So the replay check
function would accept a replay of all of these packets. Also the
system might crash if there are more packets in async processing
than the size of the anti replay window, because the replay advance
function would try to update the replay window beyond the bounds.

This pach adds a second replay check after resuming from the async
processing to fix these issues.

Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemloft.net>
2011-09-21 15:20:57 -04:00
..
9p net/9p: Fix kernel crash with msize 512K 2011-09-06 08:17:15 -05:00
802
8021q vlan: reset headers on accel emulation path 2011-08-18 21:29:27 -07:00
appletalk
atm atm: br2684: Fix oops due to skb->dev being NULL 2011-08-20 14:13:05 -07:00
ax25
batman-adv
bluetooth Bluetooth: Fix timeout on scanning for the second time 2011-09-15 11:54:05 -03:00
bridge Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-2.6 2011-08-30 17:43:56 -04:00
caif caif: fix a potential NULL dereference 2011-09-16 17:40:34 -04:00
can net/can/af_can.c: Change del_timer to del_timer_sync 2011-09-15 14:49:43 -04:00
ceph Merge branch 'for-linus' of git://ceph.newdream.net/git/ceph-client 2011-09-09 15:48:34 -07:00
core fib:fix BUG_ON in fib_nl_newrule when add new fib rule 2011-09-21 15:16:40 -04:00
dcb
dccp net: Compute protocol sequence numbers and fragment IDs using MD5. 2011-08-06 18:33:19 -07:00
decnet
dns_resolver
dsa
econet
ethernet net: don't clear IFF_XMIT_DST_RELEASE in ether_setup 2011-09-15 14:49:44 -04:00
ieee802154
ipv4 tcp: fix validation of D-SACK 2011-09-18 22:37:34 -04:00
ipv6 ipv6: fix a possible double free 2011-09-20 15:10:16 -04:00
ipx
irda IRDA: Fix global type conflicts in net/irda/irsysctl.c v2 2011-09-16 19:17:09 -04:00
iucv
key
l2tp
lapb
llc
mac80211 mac80211: fix missing sta_lock in __sta_info_destroy 2011-09-13 14:18:38 -04:00
netfilter Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/kaber/nf-2.6 2011-08-30 17:43:56 -04:00
netlabel net/netlabel/netlabel_kapi.c: add missing cleanup code 2011-08-11 05:52:57 -07:00
netlink
netrom
nfc
packet
phonet
rds
rfkill
rose
rxrpc
sched pkt_sched: cls_rsvp.h was outdated 2011-09-15 14:49:43 -04:00
sctp sctp: deal with multiple COOKIE_ECHO chunks 2011-09-16 17:17:22 -04:00
sunrpc
tipc
unix
wanrouter
wimax
wireless wireless: Fix rate mask for scan request 2011-09-16 15:32:11 -04:00
x25
xfrm xfrm: Perform a replay check after return from async codepaths 2011-09-21 15:20:57 -04:00
compat.c
Kconfig
Makefile
nonet.c
socket.c sendmmsg/sendmsg: fix unsafe user pointer access 2011-08-24 19:45:03 -07:00
sysctl_net.c