mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-10 10:39:26 +00:00
Code Issues Releases Wiki Activity
linux-stable/net/xfrm
History
Herbert Xu 6610b9cb80 xfrm: Copy policy family in clone_policy 
[ Upstream commit 0e74aa1d79 ]

The syzbot found an ancient bug in the IPsec code.  When we cloned
a socket policy (for example, for a child TCP socket derived from a
listening socket), we did not copy the family field.  This results
in a live policy with a zero family field.  This triggers a BUG_ON
check in the af_key code when the cloned policy is retrieved.

This patch fixes it by copying the family field over.

Reported-by: syzbot <syzkaller@googlegroups.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Sasha Levin <alexander.levin@verizon.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-12-14 09:53:13 +01:00
..
Kconfig Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next 2017-02-16 21:25:49 -05:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xfrm_algo.c xfrm: use IS_ENABLED() instead of checking for built-in or module 2016-09-10 21:19:11 -07:00
xfrm_device.c xfrm: Fix negative device refcount on offload failure. 2017-09-11 10:36:51 +02:00
xfrm_hash.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xfrm_hash.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xfrm_input.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec 2017-11-09 10:58:35 +09:00
xfrm_ipcomp.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2013-11-04 13:48:30 -05:00
xfrm_output.c xfrm: Fix GSO for IPsec with GRE tunnel. 2017-10-31 09:20:35 +01:00
xfrm_policy.c xfrm: Copy policy family in clone_policy 2017-12-14 09:53:13 +01:00
xfrm_proc.c proc: Reduce cache miss in xfrm_statistics_seq_show 2016-09-30 01:50:45 -04:00
xfrm_replay.c xfrm: Add xfrm_replay_overflow functions for offloading 2017-04-14 10:07:01 +02:00
xfrm_state.c xfrm: Clear sk_dst_cache when applying per-socket policy. 2017-10-26 08:19:03 +02:00
xfrm_sysctl.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xfrm_user.c ipsec: Fix aborted xfrm policy dump crash 2017-10-23 09:35:48 +02:00