iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7c76ecd9c9
linux/include/uapi
History
Leon Romanovsky 7c76ecd9c9 xfrm: enforce validity of offload input flags 
struct xfrm_user_offload has flags variable that received user input,
but kernel didn't check if valid bits were provided. It caused a situation
where not sanitized input was forwarded directly to the drivers.

For example, XFRM_OFFLOAD_IPV6 define that was exposed, was used by
strongswan, but not implemented in the kernel at all.

As a solution, check and sanitize input flags to forward
XFRM_OFFLOAD_INBOUND to the drivers.

Fixes: d77e38e612 ("xfrm: Add an IPsec hardware offloading API")
Signed-off-by: Leon Romanovsky <leonro@nvidia.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
2022-02-09 09:00:40 +01:00
..
asm-generic mm/mempolicy: wire up syscall set_mempolicy_home_node 2022-01-15 16:30:30 +02:00
drm Merge tag 'amd-drm-next-5.17-2021-12-16' of https://gitlab.freedesktop.org/agd5f/linux into drm-next 2021-12-23 11:55:28 +10:00
linux xfrm: enforce validity of offload input flags 2022-02-09 09:00:40 +01:00
misc habanalabs: change wait_for_interrupt implementation 2021-12-26 08:59:09 +02:00
mtd mtd: add OTP (one-time-programmable) erase ioctl 2021-03-28 19:24:54 +02:00
rdma RDMA v5.17 merge window pull request 2022-01-13 11:09:11 -08:00
scsi scsi: fc: Add EDC ELS definition 2021-08-24 22:56:33 -04:00
sound ASoC: Updates for v5.17 2022-01-05 15:39:24 +01:00
video
xen
Kbuild