OpenE2K/linux
6
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
cc01572e2f
linux/net/xfrm
History
Yossi Kuperman cc01572e2f xfrm: Add SA to hardware at the end of xfrm_state_construct() 
Current code configures the hardware with a new SA before the state has been
fully initialized. During this time interval, an incoming ESP packet can cause
a crash due to a NULL dereference. More specifically, xfrm_input() considers
the packet as valid, and yet, anti-replay mechanism is not initialized.

Move hardware configuration to the end of xfrm_state_construct(), and mark
the state as valid once the SA is fully initialized.

Fixes: d77e38e612 ("xfrm: Add an IPsec hardware offloading API")
Signed-off-by: Aviad Yehezkel <aviadye@mellnaox.com>
Signed-off-by: Aviv Heller <avivh@mellanox.com>
Signed-off-by: Yossi Kuperman <yossiku@mellanox.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
2018-01-18 11:09:29 +01:00
..
Kconfig Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next 2017-02-16 21:25:49 -05:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xfrm_algo.c xfrm: use IS_ENABLED() instead of checking for built-in or module 2016-09-10 21:19:11 -07:00
xfrm_device.c xfrm: Fix negative device refcount on offload failure. 2017-09-11 10:36:51 +02:00
xfrm_hash.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xfrm_hash.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xfrm_input.c xfrm: Use __skb_queue_tail in xfrm_trans_queue 2018-01-05 09:33:14 +01:00
xfrm_ipcomp.c
xfrm_output.c xfrm: Fix GSO for IPsec with GRE tunnel. 2017-10-31 09:20:35 +01:00
xfrm_policy.c xfrm: Fix a race in the xdst pcpu cache. 2018-01-10 12:14:28 +01:00
xfrm_proc.c proc: Reduce cache miss in xfrm_statistics_seq_show 2016-09-30 01:50:45 -04:00
xfrm_replay.c xfrm: Add xfrm_replay_overflow functions for offloading 2017-04-14 10:07:01 +02:00
xfrm_state.c xfrm: Add SA to hardware at the end of xfrm_state_construct() 2018-01-18 11:09:29 +01:00
xfrm_sysctl.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xfrm_user.c xfrm: Add SA to hardware at the end of xfrm_state_construct() 2018-01-18 11:09:29 +01:00