iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/net
History
Mathias Krause 38e6f8d468 xfrm_user: propagate sec ctx allocation errors 
commit 2f30ea5090cbc57ea573cdc66421264b3de3fb0a upstream.

When we fail to attach the security context in xfrm_state_construct()
we'll return 0 as error value which, in turn, will wrongly claim success
to userland when, in fact, we won't be adding / updating the XFRM state.

This is a regression introduced by commit fd21150a0fe1 ("[XFRM] netlink:
Inline attach_encap_tmpl(), attach_sec_ctx(), and attach_one_addr()").

Fix it by propagating the error returned by security_xfrm_state_alloc()
in this case.

Fixes: fd21150a0fe1 ("[XFRM] netlink: Inline attach_encap_tmpl()...")
Signed-off-by: Mathias Krause <minipli@googlemail.com>
Cc: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-05-10 10:26:04 +02:00
..
6lowpan
6lowpan: Off by one handling ->nexthdr
2020-01-29 10:21:42 +01:00
9p
9p/virtio: Add cleanup path in p9_virtio_init
2019-08-04 09:34:51 +02:00
802
8021q
vlan: fix memory leak in vlan_dev_set_egress_priority
2020-01-12 11:22:52 +01:00
appletalk
appletalk: Set error code if register_snap_client failed
2019-12-21 10:35:03 +01:00
atm
net: atm: Fix potential Spectre v1 vulnerabilities
2019-04-27 09:33:59 +02:00
ax25
ax25: enforce CAP_NET_RAW for raw sockets
2019-10-05 12:27:43 +02:00
batman-adv
batman-adv: replace WARN with rate limited output on non-existing VLAN
2020-05-10 10:26:02 +02:00
bluetooth
Bluetooth: RFCOMM: fix ODEBUG bug in rfcomm_dev_ioctl
2020-04-13 10:31:34 +02:00
bridge
netfilter: ebtables: CONFIG_COMPAT: reject trailing data after last rule
2020-01-29 10:21:43 +01:00
caif
net: caif: Add a missing rcu_read_unlock() in caif_flow_cb
2018-09-05 09:18:34 +02:00
can
can: purge socket error queue on sock destruct
2019-07-10 09:56:33 +02:00
ceph
libceph: handle an empty authorize reply
2019-03-23 08:44:18 +01:00
core
GRE: Disable segmentation offloads w/ CSUM and we are encapsulated via FOU
2020-05-10 10:25:53 +02:00
dcb
net: dcb: For wild-card lookups, use priority -1, not 0
2018-09-19 22:48:58 +02:00
dccp
dccp: limit sk_filter trim to payload
2020-05-10 10:25:51 +02:00
decnet
decnet: fix DN_IFREQ_SIZE
2019-12-05 15:27:07 +01:00
dns_resolver
KEYS: DNS: fix parsing multiple options
2018-07-22 14:25:54 +02:00
dsa
net: dsa: Fix duplicate frames flooded by learning
2020-04-02 19:02:32 +02:00
ethernet
net: add annotations on hh->hh_len lockless accesses
2020-01-12 11:22:45 +01:00
hsr
hsr: set .netnsok flag
2020-04-02 19:02:34 +02:00
ieee802154
nl802154: add missing attribute validation for dev_type
2020-03-20 09:06:19 +01:00
ipv4
tcp: do not set rtt_min to 1
2020-05-10 10:26:01 +02:00
ipv6
net/xfrm_input: fix possible NULL deref of tunnel.ip6->parms.i_key
2020-05-10 10:26:04 +02:00
ipx
ipx: call ipxitf_put() in ioctl error path
2017-05-25 14:30:13 +02:00
irda
irda: Free skb on irda_accept error path.
2020-05-10 10:25:58 +02:00
iucv
net/af_iucv: always register net_device notifier
2020-01-29 10:21:45 +01:00
key
xfrm: clean up xfrm protocol checks
2019-09-16 08:13:35 +02:00
l2tp
l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall()
2020-04-13 10:31:28 +02:00
l3mdev
net: Add netif_is_l3_slave
2015-10-07 04:27:43 -07:00
lapb
lapb: fixed leak of control-blocks.
2019-06-22 08:18:25 +02:00
llc
llc: fix sk_buff refcounting in llc_conn_state_process()
2020-01-29 10:21:49 +01:00
mac80211
mac80211: mark station unauthorized before key removal
2020-04-02 19:02:36 +02:00
mac802154
net: mac802154: tx: expand tailroom if necessary
2018-09-09 20:04:32 +02:00
mpls
mpls, nospec: Sanitize array index in mpls_label_ok()
2018-03-11 16:19:47 +01:00
netfilter
netfilter: nfnetlink: use original skbuff when acking batches
2020-05-10 10:25:50 +02:00
netlabel
netlabel: check for IPV4MASK in addrinfo_get
2018-10-20 09:52:36 +02:00
netlink
net: netlink: cap max groups which will be considered in netlink_bind()
2020-03-11 07:51:14 +01:00
netrom
net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node
2020-05-02 17:20:33 +02:00
nfc
nfc: add missing attribute validation for vendor subcommand
2020-03-20 09:06:20 +01:00
openvswitch
openvswitch: remove another BUG_ON()
2019-12-05 15:27:15 +01:00
packet
packet: fix data-race in fanout_flow_is_huge()
2020-01-29 10:21:50 +01:00
phonet
phonet: fix building with clang
2019-03-23 08:44:34 +01:00
rds
RDS:TCP: Synchronize rds_tcp_accept_one with rds_send_xmit when resetting t_sock
2020-05-10 10:26:01 +02:00
rfkill
rfkill: Fix incorrect check to avoid NULL pointer dereference
2020-01-12 11:22:49 +01:00
rose
net: rose: fix a possible stack overflow
2019-04-03 06:23:25 +02:00
rxrpc
rxrpc: check return value of skb_to_sgvec always
2018-04-13 19:50:23 +02:00
sched
sch_tbf: update backlog as well
2020-05-10 10:25:58 +02:00
sctp
sctp: use right member as the param of list_for_each_entry
2020-05-02 17:20:51 +02:00
sunrpc
xprtrdma: rpcrdma_bc_receive_call() should init rq_private_buf.len
2020-05-10 10:26:00 +02:00
switchdev
switchdev: pass pointer to fib_info instead of copy
2016-06-24 10:18:16 -07:00
tipc
tipc: set sysctl_tipc_rmem and named_timeout right range
2020-01-29 10:21:42 +01:00
unix
net: fix warning in af_unix
2019-11-28 18:25:43 +01:00
vmw_vsock
VSOCK: bind to random port for VMADDR_PORT_ANY
2019-12-05 15:26:49 +01:00
wimax
net:wimax: Fix doucble word "the the" in networking.xml
2015-08-09 22:43:52 -07:00
wireless
nl80211: add missing attribute validation for channel switch
2020-03-20 09:06:23 +01:00
x25
net/x25: Fix x25_neigh refcnt leak when receiving frame
2020-05-02 17:20:33 +02:00
xfrm
xfrm_user: propagate sec ctx allocation errors
2020-05-10 10:26:04 +02:00
compat.c
sock: Make sock->sk_stamp thread-safe
2019-01-13 10:05:28 +01:00
Kconfig
Make DST_CACHE a silent config option
2018-02-25 11:03:37 +01:00
Makefile
net: Introduce L3 Master device abstraction
2015-09-29 20:40:32 -07:00
socket.c
compat_ioctl: handle SIOCOUTQNSD
2020-01-23 08:18:37 +01:00
sysctl_net.c
net: Use ns_capable_noaudit() when determining net sysctl permissions
2016-09-15 08:27:50 +02:00