android/android_kernel_samsung_sm8650
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
81509f85f3
android_kernel_samsung_sm8650/net
History
Benedict Wong 952048f512 FROMGIT: xfrm: Check if_id in inbound policy/secpath match 
This change ensures that if configured in the policy, the if_id set in
the policy and secpath states match during the inbound policy check.
Without this, there is potential for ambiguity where entries in the
secpath differing by only the if_id could be mismatched.

Notably, this is checked in the outbound direction when resolving
templates to SAs, but not on the inbound path when matching SAs and
policies.

Test: Tested against Android kernel unit tests & CTS
Signed-off-by: Benedict Wong <benedictwong@google.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>

Bug: 279217934
(cherry picked from commit 8680407b6f8f5fba59e8f1d63c869abc280f04df
 https://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec.git master)
Change-Id: Ibb97561eaf1a99b7ad239d4d4860bfe5b0ac20ea
Signed-off-by: Carlos Llamas <cmllamas@google.com>
2023-05-12 16:23:38 +00:00
..
6lowpan
9p 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition 2023-04-20 12:35:08 +02:00
802 mrp: introduce active flags to prevent UAF when applicant uninit 2022-12-31 13:33:02 +01:00
8021q net: gro: skb_gro_header helper function 2022-08-25 10:33:21 +02:00
appletalk
atm net/atm: fix proc_mpc_write incorrect return value 2022-10-15 11:08:36 +01:00
ax25
batman-adv ANDROID: always add the struct wireless_dev * to struct net_device 2023-05-12 15:37:37 +00:00
bluetooth Bluetooth: Set ISO Data Path on broadcast sink 2023-04-20 12:35:09 +02:00
bpf Revert "bpf, test_run: fix &xdp_frame misplacement for LIVE_FRAMES" 2023-03-17 08:50:32 +01:00
bpfilter
bridge net: bridge: switchdev: don't notify FDB entries with "master dynamic" 2023-04-26 14:28:35 +02:00
caif net: caif: Fix use-after-free in cfusbl_device_notify() 2023-03-17 08:50:24 +01:00
can can: isotp: isotp_recvmsg(): use sock_recv_cmsgs() to get SOCK_RXQ_OVFL infos 2023-04-13 16:55:33 +02:00
ceph use less confusing names for iov_iter direction initializers 2023-02-09 11:28:04 +01:00
core ANDROID: always add the struct wireless_dev * to struct net_device 2023-05-12 15:37:37 +00:00
dcb
dccp dccp/tcp: Avoid negative sk_forward_alloc by ipv6_pinfo.pktoptions. 2023-02-22 12:59:52 +01:00
dns_resolver
dsa net: dsa: tag_brcm: legacy: fix daisy-chained switches 2023-03-30 12:49:09 +02:00
ethernet net: gro: skb_gro_header helper function 2022-08-25 10:33:21 +02:00
ethtool ethtool: reset #lanes when lanes is omitted 2023-04-13 16:55:24 +02:00
hsr hsr: ratelimit only when errors are printed 2023-04-06 12:10:58 +02:00
ieee802154 net: ieee802154: fix error return code in dgram_bind() 2022-10-07 09:29:17 +02:00
ife
ipv4 Revert "Revert "raw: Fix NULL deref in raw_get_next()."" 2023-05-11 05:22:29 +00:00
ipv6 Revert "Revert "raw: Fix NULL deref in raw_get_next()."" 2023-05-11 05:22:29 +00:00
iucv net/iucv: Fix size of interrupt data 2023-03-22 13:33:50 +01:00
kcm kcm: close race conditions on sk_receive_queue 2022-11-15 12:42:26 +01:00
key xfrm: Fix oops in __xfrm_state_delete() 2022-11-22 07:14:55 +01:00
l2tp l2tp: generate correct module alias strings 2023-04-13 16:55:20 +02:00
l3mdev
lapb
llc
mac80211 Merge 6.1.24 into android14-6.1 2023-04-22 08:52:25 +00:00
mac802154 mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add() 2022-12-05 09:53:08 +01:00
mctp net: mctp: purge receive queues on sk destruction 2023-02-06 08:06:34 +01:00
mpls net: mpls: fix stale pointer if allocation fails during device rename 2023-02-22 12:59:53 +01:00
mptcp mptcp: stricter state check in mptcp_worker 2023-04-20 12:35:13 +02:00
ncsi genetlink: start to validate reserved header bytes 2022-08-29 12:47:15 +01:00
netfilter Merge 55fba69fbf ("rust: kernel: Mark rust_fmt_argument as extern "C"") into android14-6.1 2023-05-09 03:32:41 +00:00
netlabel genetlink: start to validate reserved header bytes 2022-08-29 12:47:15 +01:00
netlink netlink: annotate lockless accesses to nlk->max_recvmsg_len 2023-04-13 16:55:24 +02:00
netrom netrom: Fix use-after-free caused by accept on already connected socket 2023-02-09 11:28:06 +01:00
nfc nfc: change order inside nfc_se_io error path 2023-03-17 08:50:17 +01:00
nsh
openvswitch net: openvswitch: fix race on port output 2023-04-20 12:35:09 +02:00
packet packet: do not set TP_STATUS_CSUM_VALID on CHECKSUM_COMPLETE 2022-11-29 08:30:18 -08:00
phonet
psample genetlink: start to validate reserved header bytes 2022-08-29 12:47:15 +01:00
qrtr net: qrtr: Fix an uninit variable access bug in qrtr_tx_resume() 2023-04-20 12:35:09 +02:00
rds rds: rds_rm_zerocopy_callback() correct order for list_add_tail() 2023-03-10 09:33:02 +01:00
rfkill
rose net/rose: Fix to not accept on connected socket 2023-02-22 12:59:42 +01:00
rxrpc rxrpc: Fix missing unlock in rxrpc_do_sendmsg() 2022-12-31 13:32:55 +01:00
sched net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg 2023-04-26 14:28:32 +02:00
sctp sctp: fix a potential overflow in sctp_ifwdtsn_skip 2023-04-20 12:35:09 +02:00
smc net/smc: fix deadlock triggered by cancel_delayed_work_syn() 2023-03-22 13:33:47 +01:00
strparser
sunrpc sunrpc: only free unix grouplist after RCU settles 2023-04-13 16:55:23 +02:00
switchdev
tipc tipc: fix kernel warning when sending SYN message 2023-02-22 12:59:53 +01:00
tls net: tls: fix device-offloaded sendpage straddling records 2023-03-17 08:50:26 +01:00
unix af_unix: fix struct pid leaks in OOB support 2023-03-17 08:50:28 +01:00
vmw_vsock This is the 6.1.2 stable release 2023-01-18 18:44:34 +00:00
wireless FROMGIT: wifi: nl80211: Add support for randomizing TA of auth and deauth frames 2023-05-11 05:22:29 +00:00
x25 net/x25: Fix to not accept on connected socket 2023-02-09 11:28:13 +01:00
xdp xsk: Add missing overflow check in xdp_umem_reg 2023-03-30 12:49:02 +02:00
xfrm FROMGIT: xfrm: Check if_id in inbound policy/secpath match 2023-05-12 16:23:38 +00:00
compat.c use less confusing names for iov_iter direction initializers 2023-02-09 11:28:04 +01:00
devres.c
Kconfig
Kconfig.debug net: make NET_(DEV|NS)_REFCNT_TRACKER depend on NET 2022-09-20 14:23:56 -07:00
Makefile
OWNERS
socket.c net: avoid double iput when sock_alloc_file fails 2023-03-10 09:34:34 +01:00
sysctl_net.c
TEST_MAPPING