public-mirrors/linux
1
0
Fork 0
mirror of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-08-05 16:54:27 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
linux/net/ipv6
History
Sabrina Dubroca 17175d1a27 xfrm: esp6: fix encapsulation header offset computation 
In commit 0146dca70b, I incorrectly adapted the code that computes
the location of the UDP or TCP encapsulation header from IPv4 to
IPv6. In esp6_input_done2, skb->transport_header points to the ESP
header, so by adding skb_network_header_len, uh and th will point to
the ESP header, not the encapsulation header that's in front of it.

Since the TCP header's size can change with options, we have to start
from the IPv6 header and walk past possible extensions.

Fixes: 0146dca70b ("xfrm: add support for UDPv6 encapsulation of ESP")
Fixes: 26333c37fc ("xfrm: add IPv6 support for espintcp")
Reported-by: Tobias Brunner <tobias@strongswan.org>
Tested-by: Tobias Brunner <tobias@strongswan.org>
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
2020-07-07 08:19:46 +02:00
..
ila net: Add MODULE_DESCRIPTION entries to network modules 2020-06-20 21:33:57 -07:00
netfilter treewide: replace '---help---' in Kconfig files with 'help' 2020-06-14 01:57:21 +09:00
addrconf.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next 2020-06-03 16:27:18 -07:00
addrconf_core.c net: ipv6: new arg skip_notify to ip6_rt_del 2020-04-28 12:50:37 -07:00
addrlabel.c netlink: make validation more configurable for future strictness 2019-04-27 17:07:21 -04:00
af_inet6.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next 2020-05-29 13:02:33 -07:00
ah6.c xfrm: add support for UDPv6 encapsulation of ESP 2020-04-28 11:28:36 +02:00
anycast.c net: ipv6: new arg skip_notify to ip6_rt_del 2020-04-28 12:50:37 -07:00
calipso.c netlabel: cope with NULL catmap 2020-05-12 18:12:40 -07:00
datagram.c net: ipv6: add net argument to ip6_dst_lookup_flow 2019-12-04 12:27:12 -08:00
esp6.c xfrm: esp6: fix encapsulation header offset computation 2020-07-07 08:19:46 +02:00
esp6_offload.c net: Add MODULE_DESCRIPTION entries to network modules 2020-06-20 21:33:57 -07:00
exthdrs.c net: ipv6: add support for rpl sr exthdr 2020-03-29 22:30:57 -07:00
exthdrs_core.c ipv6: remove printk 2019-07-27 14:23:48 -07:00
exthdrs_offload.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
fib6_notifier.c net: fib_notifier: propagate extack down to the notifier block callback 2019-10-04 11:10:56 -07:00
fib6_rules.c net: fib_notifier: propagate extack down to the notifier block callback 2019-10-04 11:10:56 -07:00
fou6.c net: Add MODULE_DESCRIPTION entries to network modules 2020-06-20 21:33:57 -07:00
icmp.c net: icmp6: do not select saddr from iif when route has prefsrc set 2020-04-07 18:25:10 -07:00
inet6_connection_sock.c net: add bool confirm_neigh parameter for dst_ops.update_pmtu 2019-12-24 22:28:54 -08:00
inet6_hashtables.c net: annotate accesses to sk->sk_incoming_cpu 2019-10-30 13:24:25 -07:00
ip6_checksum.c
ip6_fib.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-05-24 13:47:27 -07:00
ip6_flowlabel.c proc: proc_pid_ns takes super_block as an argument 2020-05-19 07:07:50 -05:00
ip6_gre.c ip6_gre: fix use-after-free in ip6gre_tunnel_lookup() 2020-06-18 20:12:33 -07:00
ip6_icmp.c icmp: introduce helper for nat'd source address in network device context 2020-02-13 14:19:00 -08:00
ip6_input.c bpf: Add socket assign support 2020-03-30 13:45:04 -07:00
ip6_offload.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
ip6_offload.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
ip6_output.c net: UDP tunnel encapsulation module for tunnelling different protocols like MPLS, IP, NSH etc. 2020-02-24 13:31:42 -08:00
ip6_tunnel.c ip6_tunnel: add generic MPLS receive support 2020-05-22 15:49:31 -07:00
ip6_udp_tunnel.c net: Make locking in sock_bindtoindex optional 2020-06-01 14:57:14 -07:00
ip6_vti.c xfrm: add support for UDPv6 encapsulation of ESP 2020-04-28 11:28:36 +02:00
ip6mr.c net: don't return invalid table id error when we fall back to PF_UNSPEC 2020-05-21 17:25:50 -07:00
ipcomp6.c xfrm: add support for UDPv6 encapsulation of ESP 2020-04-28 11:28:36 +02:00
ipv6_sockglue.c seg6: fix seg6_validate_srh() to avoid slab-out-of-bounds 2020-06-04 15:39:32 -07:00
Kconfig Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec 2020-06-19 13:03:47 -07:00
Makefile net: ipv6: add rpl sr tunnel 2020-03-29 22:30:57 -07:00
mcast.c mld: fix memory leak in ipv6_mc_destroy_dev() 2020-06-15 13:29:39 -07:00
mcast_snoop.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 343 2019-06-05 17:37:07 +02:00
mip6.c xfrm: remove type and offload_type map from xfrm_state_afinfo 2019-06-06 08:34:50 +02:00
ndisc.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next 2020-05-01 17:02:27 -07:00
netfilter.c net: ensure correct skb->tstamp in various fragmenters 2019-10-18 10:02:37 -07:00
output_core.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00
ping.c ipv6: Fix the link time qualifier of 'ping_v6_proc_exit_net()' 2019-09-12 11:20:33 +01:00
proc.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-06-07 11:00:14 -07:00
protocol.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
raw.c ipv6: move SIOCADDRT and SIOCDELRT handling into ->compat_ioctl 2020-05-18 17:35:02 -07:00
reassembly.c inet: frags: re-introduce skb coalescing for local delivery 2019-08-08 15:55:10 -07:00
route.c nexthop: support for fdb ecmp nexthops 2020-05-22 14:00:38 -07:00
rpl.c ipv6: rpl: fix full address compression 2020-04-18 15:04:27 -07:00
rpl_iptunnel.c net: ipv6: rpl_iptunnel: remove redundant assignments to variable err 2020-04-02 06:57:34 -07:00
seg6.c seg6: fix seg6_validate_srh() to avoid slab-out-of-bounds 2020-06-04 15:39:32 -07:00
seg6_hmac.c crypto: lib/sha1 - remove unnecessary includes of linux/cryptohash.h 2020-05-08 15:32:17 +10:00
seg6_iptunnel.c seg6: fix seg6_validate_srh() to avoid slab-out-of-bounds 2020-06-04 15:39:32 -07:00
seg6_local.c seg6: fix seg6_validate_srh() to avoid slab-out-of-bounds 2020-06-04 15:39:32 -07:00
sit.c sit: impement ->ndo_tunnel_ctl 2020-05-19 15:45:12 -07:00
syncookies.c mptcp: handle tcp fallback when using syn cookies 2020-01-29 17:45:20 +01:00
sysctl_net_ipv6.c sysctl: pass kernel pointers to ->proc_handler 2020-04-27 02:07:40 -04:00
tcp_ipv6.c crypto/chtls: IPv6 support for inline TLS 2020-06-01 15:51:25 -07:00
tcpv6_offload.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
tunnel6.c tunnel6: support for IPPROTO_MPLS 2020-05-22 15:49:30 -07:00
udp.c net: Track socket refcounts in skb_steal_sock() 2020-03-30 13:45:04 -07:00
udp_impl.h
udp_offload.c udp: Support UDP fraglist GRO/GSO. 2020-01-27 11:00:21 +01:00
udplite.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
xfrm6_input.c xfrm: state: remove extract_input indirection from xfrm_state_afinfo 2020-05-06 09:40:08 +02:00
xfrm6_output.c xfrm: remove output_finish indirection from xfrm_state_afinfo 2020-05-06 09:40:08 +02:00
xfrm6_policy.c net: add bool confirm_neigh parameter for dst_ops.update_pmtu 2019-12-24 22:28:54 -08:00
xfrm6_protocol.c xfrm: add support for UDPv6 encapsulation of ESP 2020-04-28 11:28:36 +02:00
xfrm6_state.c xfrm: remove output_finish indirection from xfrm_state_afinfo 2020-05-06 09:40:08 +02:00
xfrm6_tunnel.c ipv6: xfrm6_tunnel.c: Use built-in RCU list checking 2020-02-27 10:17:41 +01:00