Xin Long 171d449a02 xfrm: fix uctx len check in verify_sec_ctx_len ...

It's not sufficient to do 'uctx->len != (sizeof(struct xfrm_user_sec_ctx) +
uctx->ctx_len)' check only, as uctx->len may be greater than nla_len(rt),
in which case it will cause slab-out-of-bounds when accessing uctx->ctx_str
later.

This patch is to fix it by return -EINVAL when uctx->len > nla_len(rt).

Fixes: df71837d50 ("[LSM-IPSec]: Security association restriction.")
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>

2020-02-12 11:06:32 +01:00

..

6lowpan

6lowpan: no need to check return value of debugfs_create functions

2019-07-06 12:50:01 +02:00

9p

Merge tag '9p-for-5.4' of git://github.com/martinetd/linux

2019-09-27 15:10:34 -07:00

802

treewide: Use sizeof_field() macro

2019-12-09 10:36:44 -08:00

8021q

Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

2020-01-09 12:13:43 -08:00

appletalk

appletalk: enforce CAP_NET_RAW for raw sockets

2019-09-24 16:37:18 +02:00

atm

Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

2020-01-26 10:40:21 +01:00

ax25

net: Make sock protocol value checks more specific

2020-01-09 18:41:40 -08:00

batman-adv

Merge ra.kernel.org:/pub/scm/linux/kernel/git/netdev/net

2020-01-19 22:10:04 +01:00

bluetooth

Bluetooth: Fix race condition in hci_release_sock()

2020-01-26 10:34:17 +02:00

bpf

bpf: Allow to change skb mark in test_run

2019-12-18 17:05:58 -08:00

bpfilter

Merge tag 'kbuild-v5.3' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild

2019-07-12 16:03:16 -07:00

bridge

net: bridge: vlan: add per-vlan state

2020-01-24 12:58:14 +01:00

caif

caif_usb: fix spelling mistake "to" -> "too"

2020-01-24 08:12:06 +01:00

can

can: j1939: j1939_sk_bind(): take priv after lock is held

2019-12-08 11:52:02 +01:00

ceph

libceph, rbd, ceph: convert to use the new mount API

2019-11-27 22:28:37 +01:00

core

net/core: Do not clear VF index for node/port GUIDs query

2020-01-30 15:20:26 +01:00

dcb

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 201

2019-05-30 11:29:52 -07:00

dccp

treewide: Use sizeof_field() macro

2019-12-09 10:36:44 -08:00

decnet

net: Make sock protocol value checks more specific

2020-01-09 18:41:40 -08:00

dns_resolver

Revert "Merge tag 'keys-acl-20190703' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs"

2019-07-10 18:43:43 -07:00

dsa

net: dsa: Fix use-after-free in probing of DSA switch tree

2020-01-27 11:12:46 +01:00

ethernet

net: remove eth_change_mtu

2020-01-27 11:09:31 +01:00

ethtool

net/core: Replace driver version to be kernel version

2020-01-27 13:47:22 +01:00

hsr

net/hsr: remove seq_nr_after_or_eq

2020-01-21 12:03:21 +01:00

ieee802154

Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

2019-11-02 13:54:56 -07:00

ife

net: Fix Kconfig indentation

2019-09-26 08:56:17 +02:00

ipv4

vti[6]: fix packet tx through bpf_redirect() in XinY cases

2020-02-06 13:27:30 +01:00

ipv6

vti[6]: fix packet tx through bpf_redirect() in XinY cases

2020-02-06 13:27:30 +01:00

iucv

treewide: Use sizeof_field() macro

2019-12-09 10:36:44 -08:00

kcm

kcm: disable preemption in kcm_parse_func_strparser()

2019-09-27 10:27:14 +02:00

key

Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

2019-07-08 19:48:57 -07:00

l2tp

l2tp: Remove redundant BUG_ON() check in l2tp_pernet

2020-01-03 12:26:07 -08:00

l3mdev

ipv6: convert major tx path to use RT6_LOOKUP_F_DST_NOREF

2019-06-23 13:24:17 -07:00

lapb

Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

2019-06-17 20:20:36 -07:00

llc

llc2: Fix return statement of llc_stat_ev_rx_null_dsap_xid_c (and _test_c)

2019-12-20 21:19:36 -08:00

mac80211

Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next

2020-01-28 16:02:33 -08:00

mac802154

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174

2019-05-30 11:26:41 -07:00

mpls

net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup

2019-12-04 12:27:13 -08:00

mptcp

mptcp: Fix undefined mptcp_handle_ipv6_mapped for modular IPV6

2020-01-30 10:55:54 +01:00

ncsi

net/ncsi: Support for multi host mellanox card

2020-01-09 18:36:22 -08:00

netfilter

netfilter: flowtable: Fix setting forgotten NF_FLOW_HW_DEAD flag

2020-01-31 19:31:42 +01:00

netlabel

netlabel: remove redundant assignment to pointer iter

2019-09-01 11:45:02 -07:00

netlink

treewide: Use sizeof_field() macro

2019-12-09 10:36:44 -08:00

netrom

net: core: add generic lockdep keys

2019-10-24 14:53:48 -07:00

nfc

net: nfc: nci: fix a possible sleep-in-atomic-context bug in nci_uart_tty_receive()

2019-12-18 11:57:33 -08:00

nsh

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500

2019-06-19 17:09:55 +02:00

openvswitch

net: openvswitch: use skb_list_walk_safe helper for gso segments

2020-01-14 11:48:41 -08:00

packet

Merge tag 'y2038-drivers-for-v5.6-signed' of git://git.kernel.org:/pub/scm/linux/kernel/git/arnd/playground

2020-01-29 14:55:47 -08:00

phonet

net: Remove redundant BUG_ON() check in phonet_pernet

2020-01-03 12:25:50 -08:00

psample

net: psample: fix skb_over_panic

2019-11-26 14:40:13 -08:00

qrtr

net: qrtr: Remove receive worker

2020-01-14 18:36:42 -08:00

rds

net/rds: Use prefetch for On-Demand-Paging MR

2020-01-18 11:48:19 +02:00

rfkill

rfkill: Fix incorrect check to avoid NULL pointer dereference

2019-12-16 10:15:49 +01:00

rose

Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

2020-01-26 10:40:21 +01:00

rxrpc

rxrpc: Fix NULL pointer deref due to call->conn being cleared on disconnect

2020-02-03 10:25:30 +00:00

sched

cls_rsvp: fix rsvp_policy

2020-02-01 12:25:06 -08:00

sctp

Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net

2020-01-09 12:13:43 -08:00

smc

net/smc: allow unprivileged users to read pnet table

2020-01-21 11:39:56 +01:00

strparser

Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net

2019-06-22 08:59:24 -04:00

sunrpc

Merge tag 'y2038-drivers-for-v5.6-signed' of git://git.kernel.org:/pub/scm/linux/kernel/git/arnd/playground

2020-01-29 14:55:47 -08:00

switchdev

treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152

2019-05-30 11:26:32 -07:00

tipc

Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next

2020-01-28 16:02:33 -08:00

tls

Merge ra.kernel.org:/pub/scm/linux/kernel/git/netdev/net

2020-01-19 22:10:04 +01:00

unix

Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next

2020-01-21 12:18:20 +01:00

vmw_vsock

Merge ra.kernel.org:/pub/scm/linux/kernel/git/netdev/net

2020-01-19 22:10:04 +01:00

wimax

wimax: no need to check return value of debugfs_create functions

2019-08-10 15:25:47 -07:00

wireless

Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next

2020-01-28 16:02:33 -08:00

x25

net/x25: fix nonblocking connect

2020-01-09 18:39:33 -08:00

xdp

xsk, net: Make sock_def_readable() have external linkage

2020-01-22 00:08:52 +01:00

xfrm

xfrm: fix uctx len check in verify_sec_ctx_len

2020-02-12 11:06:32 +01:00

compat.c

y2038: socket: use __kernel_old_timespec instead of timespec

2019-11-15 14:38:29 +01:00

Kconfig

mptcp: Add MPTCP socket stubs

2020-01-24 13:44:07 +01:00

Makefile

mptcp: Add MPTCP socket stubs

2020-01-24 13:44:07 +01:00

socket.c

socket: fix unused-function warning

2020-01-08 15:02:21 -08:00

sysctl_net.c

treewide: Add SPDX license identifier for missed files

2019-05-21 10:50:45 +02:00