linux-stable/include/net
sewookseo e22aa14866 net: Find dst with sk's xfrm policy not ctl_sk
If we set XFRM security policy by calling setsockopt with option
IPV6_XFRM_POLICY, the policy will be stored in 'sock_policy' in 'sock'
struct. However tcp_v6_send_response doesn't look up dst_entry with the
actual socket but looks up with tcp control socket. This may cause a
problem that a RST packet is sent without ESP encryption & peer's TCP
socket can't receive it.

This patch will make the function look up dest_entry with actual socket,
if the socket has XFRM policy(sock_policy), so that the TCP response
packet via this function can be encrypted, & aligned on the encrypted
TCP socket.

Tested: We encountered this problem when a TCP socket which is encrypted
in ESP transport mode encryption, receives challenge ACK at SYN_SENT
state. After receiving challenge ACK, TCP needs to send RST to
establish the socket at next SYN try. But the RST was not encrypted &
peer TCP socket still remains on ESTABLISHED state.
So we verified this with test step as below.
[Test step]
1. Making a TCP state mismatch between client(IDLE) & server(ESTABLISHED).
2. Client tries a new connection on the same TCP ports(src & dst).
3. Server will return challenge ACK instead of SYN,ACK.
4. Client will send RST to server to clear the SOCKET.
5. Client will retransmit SYN to server on the same TCP ports.
[Expected result]
The TCP connection should be established.

Cc: Maciej Żenczykowski <maze@google.com>
Cc: Eric Dumazet <edumazet@google.com>
Cc: Steffen Klassert <steffen.klassert@secunet.com>
Cc: Sehee Lee <seheele@google.com>
Signed-off-by: Sewook Seo <sewookseo@google.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2022-07-11 13:39:56 +01:00
9p net/p9: load default transports 2022-01-10 10:00:09 +09:00
bluetooth bluetooth: don't use bitmaps for random flag accesses 2022-06-05 16:28:41 -07:00
caif net: remove the caif_hsi driver 2021-07-01 13:19:48 -07:00
iucv net/af_iucv: Use struct_group() to zero struct iucv_sock region 2021-11-19 11:52:25 +00:00
netfilter netfilter: nf_tables: avoid skb access on nf_stolen 2022-06-27 19:22:54 +02:00
netns af_unix: Define a per-netns hash table. 2022-06-22 12:59:43 +01:00
nfc NFC: add NCI_UNREG flag to eliminate the race 2021-11-17 20:17:05 -08:00
phonet
sctp net: remove noblock parameter from recvmsg() entities 2022-04-12 15:00:25 +02:00
tc_act Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-05-12 16:15:30 -07:00
6lowpan.h 6lowpan: Replace zero-length array with flexible-array member 2020-02-28 14:51:30 +01:00
act_api.h net/sched: act_api: Add extack to offload_act_setup() callback 2022-04-08 13:45:43 +01:00
addrconf.h net: Add new protocol attribute to IP addresses 2022-02-18 21:20:06 -08:00
af_ieee802154.h
af_rxrpc.h afs: Don't truncate iter during data fetch 2021-04-23 10:17:26 +01:00
af_unix.h af_unix: Remove unix_table_locks. 2022-06-22 12:59:43 +01:00
af_vsock.h vsock: each transport cycles only on its own sockets 2022-03-11 23:14:19 -08:00
ah.h
amt.h amt: fix typo in amt 2022-05-25 21:36:16 -07:00
arp.h ipv4: Invalidate neighbour for broadcast address upon address addition 2022-02-21 11:44:30 +00:00
atmclip.h
ax25.h ax25: Fix ax25 session cleanup problems 2022-06-02 10:37:57 +02:00
ax88796.h ax88796: export ax_NS8390_init() hook 2021-08-03 13:05:25 +01:00
bareudp.h bareudp: Move definition of struct bareudp_conf to bareudp.c 2021-12-13 12:34:09 +00:00
bond_3ad.h bonding: fix data-races around agg_select_timer 2022-02-15 14:35:18 +00:00
bond_alb.h bonding: make tx_rebalance_counter an atomic 2021-12-03 14:16:48 +00:00
bond_options.h Bonding: add per-port priority for failover re-selection 2022-06-24 11:27:59 +01:00
bonding.h Bonding: add per-port priority for failover re-selection 2022-06-24 11:27:59 +01:00
bpf_sk_storage.h bpf: struct sock is declared twice in bpf_sk_storage header 2021-03-26 17:43:55 +01:00
busy_poll.h tcp: fix another uninit-value (sk_rx_queue_mapping) 2021-12-03 14:15:49 +00:00
calipso.h
cfg80211-wext.h
cfg80211.h net: wrap the wireless pointers in struct net_device in an ifdef 2022-05-22 21:51:54 +01:00
cfg802154.h net: wrap the wireless pointers in struct net_device in an ifdef 2022-05-22 21:51:54 +01:00
checksum.h powerpc/net: Implement powerpc specific csum_shift() to remove branch 2022-03-11 10:57:22 +00:00
cipso_ipv4.h cipso: Remove unused inline functions 2020-07-15 07:45:24 -07:00
cls_cgroup.h bpf: Allow to retrieve cgroup v1 classid from v2 hooks 2020-03-27 19:40:38 -07:00
codel.h codel: remove unnecessary pkt_sched.h include 2021-12-22 15:03:51 -08:00
codel_impl.h codel: remove unnecessary sock.h include 2021-12-22 15:03:47 -08:00
codel_qdisc.h codel: remove unnecessary pkt_sched.h include 2021-12-22 15:03:51 -08:00
compat.h net/ipv4/ipv6: Replace one-element arraya with flexible-array members 2021-08-05 11:46:42 +01:00
datalink.h llc/snap: constify dev_addr passing 2021-10-13 09:40:46 -07:00
dcbevent.h
dcbnl.h
devlink.h Revert "Merge branch 'mlxsw-line-card-model'" 2022-05-05 15:47:23 -07:00
dn.h decnet: constify dev_addr passing 2021-10-13 09:40:46 -07:00
dn_dev.h
dn_fib.h net: convert fib_treeref from int to refcount_t 2021-07-30 15:33:24 +02:00
dn_neigh.h
dn_nsp.h
dn_route.h
dropreason.h net: dropreason: reformat the comment fo skb drop reasons 2022-06-07 12:51:41 +02:00
dsa.h net: dsa: tag_ksz: add tag handling for Microchip LAN937x 2022-07-02 16:34:05 +01:00
dsfield.h ipv6: Annotate bitwise IPv6 dsfield pointer cast 2019-12-16 16:09:44 -08:00
dst.h net: dst: add net device refcount tracking to dst_entry 2021-12-06 16:05:10 -08:00
dst_cache.h wireguard: device: reset peer src endpoint when netns exits 2021-11-29 19:50:45 -08:00
dst_metadata.h net: fix a memleak when uncloning an skb dst and its metadata 2022-02-09 11:41:47 +00:00
dst_ops.h net/dst: use a smaller percpu_counter batch for dst entries accounting 2020-05-08 21:33:33 -07:00
erspan.h erspan: Add type I version 0 support. 2020-05-05 13:23:29 -07:00
esp.h esp: limit skb_page_frag_refill use to a single page 2022-04-13 10:16:11 +02:00
espintcp.h xfrm: espintcp: save and call old ->sk_destruct 2020-04-20 07:34:16 +02:00
ethoc.h
failover.h net: failover: add net device refcount tracker 2021-12-06 16:06:02 -08:00
fib_notifier.h ipv6: Remove old route notifications and convert listeners 2019-12-24 22:37:30 -08:00
fib_rules.h fib: expand fib_rule_policy 2021-12-16 07:18:35 -08:00
firewire.h
flow.h net: Add l3mdev index to flow struct and avoid oif reset for port devices 2022-03-15 20:20:02 -07:00
flow_dissector.h flow_dissector: Add number of vlan tags dissector 2022-04-20 11:09:13 +01:00
flow_offload.h net/sched: act_police: allow 'continue' action offload 2022-07-06 12:44:39 +01:00
fou.h
fq.h net/fq_impl: do not maintain a backlog-sorted list of flows 2021-01-21 13:33:45 +01:00
fq_impl.h net/fq_impl: do not maintain a backlog-sorted list of flows 2021-01-21 13:33:45 +01:00
garp.h treewide: Use sizeof_field() macro 2019-12-09 10:36:44 -08:00
gen_stats.h net: sched: Remove Qdisc::running sequence counter 2021-10-18 12:54:41 +01:00
genetlink.h mptcp: avoid lock_fast usage in accept path 2021-02-12 16:31:46 -08:00
geneve.h
gre.h ip_gre: add csum offload support for gre header 2021-01-29 20:39:14 -08:00
gro.h net: gro: Fix a 'directive in macro's argument list' sparse warning 2022-02-18 11:00:25 +00:00
gro_cells.h
gtp.h gtp: Add support for checking GTP device type 2022-03-11 08:28:27 -08:00
gue.h GUE: Fix a typo 2020-06-22 21:12:44 -07:00
hwbm.h
icmp.h ipv6: ICMPV6: add response to ICMPV6 RFC 8335 PROBE messages 2021-06-28 14:29:45 -07:00
ieee80211_radiotap.h ieee80211: radiotap: fix -Wcast-qual warnings 2022-02-04 16:25:21 +01:00
ieee802154_netdev.h
if_inet6.h ipv6: fix locking issues with loops over idev->addr_list 2022-04-06 22:09:39 -07:00
ife.h
ila.h
inet6_connection_sock.h
inet6_hashtables.h ipv6: add READ_ONCE(sk->sk_bound_dev_if) in INET6_MATCH() 2022-05-16 10:31:06 +01:00
inet_common.h bpf: Allow rewriting to ports under ip_unprivileged_port_start 2021-01-27 18:18:15 -08:00
inet_connection_sock.h Revert "net: Add a second bind table hashed by port and address" 2022-06-16 11:07:59 -07:00
inet_dscp.h ipv6: Define dscp_t and stop taking ECN bits into account in fib6-rules 2022-02-07 20:12:45 -08:00
inet_ecn.h net: add skb_get_dsfield() helper 2021-10-15 11:33:08 +01:00
inet_frag.h net: ip: Handle delivery_time in ip defrag 2022-03-03 14:38:48 +00:00
inet_hashtables.h Revert "net: Add a second bind table hashed by port and address" 2022-06-16 11:07:59 -07:00
inet_sock.h sock: redo the psock vs ULP protection check 2022-06-23 10:08:30 +02:00
inet_timewait_sock.h Revert "tcp/dccp: get rid of inet_twsk_purge()" 2022-05-13 12:24:12 +01:00
inetpeer.h
ioam6.h treewide: Replace zero-length arrays with flexible-array members 2022-02-17 07:00:39 -06:00
ip.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-05-19 11:23:59 -07:00
ip6_checksum.h net: move gro definitions to include/net/gro.h 2021-11-16 13:16:54 +00:00
ip6_fib.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-02-17 11:44:20 -08:00
ip6_route.h ipv6: ip6_skb_dst_mtu() cleanups 2021-11-19 20:09:55 -08:00
ip6_tunnel.h ip_gre, ip6_gre: Fix race condition on o_seqno in collect_md mode 2022-04-25 11:40:45 +01:00
ip_fib.h ipv4: Use dscp_t in struct fib_entry_notifier_info 2022-04-11 17:37:50 -07:00
ip_tunnels.h net: adopt u64_stats_t in struct pcpu_sw_netstats 2022-06-09 21:53:11 -07:00
ip_vs.h ipvs: add sysctl_run_estimation to support disable estimation 2021-10-07 19:52:58 +02:00
ipcomp.h
ipconfig.h
ipv6.h ipv6: Fix signed integer overflow in __ip6_append_data 2022-06-08 10:56:43 -07:00
ipv6_frag.h net: don't include ndisc.h from ipv6.h 2022-02-04 14:15:11 -08:00
ipv6_stubs.h net: ipv6: add fib6_nh_release_dsts stub 2021-11-22 15:44:49 +00:00
iw_handler.h
kcm.h
l3mdev.h l3mdev: add infrastructure for table to VRF mapping 2020-06-20 17:22:22 -07:00
lag.h
lapb.h net: lapb: Make "lapb_t1timer_running" able to detect an already running timer 2021-03-23 14:14:50 -07:00
lib80211.h
llc.h llc: fix out-of-bound array index in llc_sk_dev_hash() 2021-11-07 19:25:29 +00:00
llc_c_ac.h
llc_c_ev.h
llc_c_st.h
llc_conn.h llc: add net device refcount tracker 2021-12-07 20:44:59 -08:00
llc_if.h llc/snap: constify dev_addr passing 2021-10-13 09:40:46 -07:00
llc_pdu.h net: llc: fix skb_over_panic 2021-07-27 13:05:56 +01:00
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h
lwtunnel.h netfilter: add netfilter hooks to SRv6 data plane 2021-08-30 01:51:36 +02:00
mac80211.h wifi: mac80211: remove cipher scheme support 2022-06-10 15:35:53 +02:00
mac802154.h net: mac802154: Create an error helper for asynchronous offloading errors 2022-04-25 20:51:12 +02:00
macsec.h net: macsec: fix the length used to copy the key for offloading 2021-06-24 12:41:12 -07:00
mctp.h mctp: Use output netdev to allocate skb headroom 2022-04-01 12:04:15 +01:00
mctpdevice.h mctp: Pass flow data & flow release events to drivers 2021-10-29 13:23:51 +01:00
mip6.h net: mip6: Replace zero-length array with flexible-array member 2020-03-02 11:16:27 -08:00
mld.h mld: add new workqueues for process mld events 2021-03-26 15:14:56 -07:00
mpls.h net: Make mpls_entry_encode() available for generic users 2020-05-29 21:20:20 -07:00
mpls_iptunnel.h net: mpls: Replace zero-length array with flexible-array member 2020-02-28 12:08:37 -08:00
mptcp.h mptcp: move MPTCPOPT_HMAC_LEN to net/mptcp.h 2022-07-09 12:19:23 +01:00
mrp.h treewide: Use sizeof_field() macro 2019-12-09 10:36:44 -08:00
ncsi.h
ndisc.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-03-03 11:55:12 -08:00
neighbour.h net, neigh: introduce interval_probe_time_ms for periodic probe 2022-06-30 13:14:35 +02:00
net_debug.h net: add CONFIG_DEBUG_NET 2022-05-11 12:43:10 +01:00
net_failover.h
net_namespace.h af_unix: Define a per-netns hash table. 2022-06-22 12:59:43 +01:00
net_ratelimit.h
net_trackers.h net: add networking namespace refcount tracker 2021-12-10 06:38:26 -08:00
netevent.h
netlabel.h
netlink.h net: netlink: add the case when nlh is NULL 2021-07-27 11:43:50 +01:00
netprio_cgroup.h
netrom.h
nexthop.h net: ipv4: Fix rtnexthop len when RTA_FLOW is present 2021-09-24 14:07:10 +01:00
nl802154.h net: ieee802154: handle iftypes as u32 2021-11-16 18:02:46 +01:00
nsh.h
p8022.h
page_pool.h net: page_pool: introduce ethtool stats 2022-04-15 10:43:47 +01:00
pie.h pie: realign comment 2020-03-04 13:25:55 -08:00
ping.h net: remove noblock parameter from recvmsg() entities 2022-04-12 15:00:25 +02:00
pkt_cls.h net/sched: act_api: Add extack to offload_act_setup() callback 2022-04-08 13:45:43 +01:00
pkt_sched.h net: sched: provide shim definitions for taprio_offload_{get,free} 2022-07-05 17:50:38 -07:00
pptp.h
protocol.h net: Remove the member netns_ok 2021-05-17 15:29:35 -07:00
psample.h psample: Add a fwd declaration for skbuff 2021-08-09 15:34:21 -07:00
psnap.h
raw.h raw: complete rcu conversion 2022-06-21 11:38:29 +02:00
rawv6.h raw: convert raw sockets to RCU 2022-06-19 10:00:02 +01:00
red.h sch_red: fix off-by-one checks in red_check_params() 2021-03-25 17:40:43 -07:00
regulatory.h net/wireless: regulatory.h: drop duplicate word in comment 2020-07-31 09:24:23 +02:00
request_sock.h tcp: Use BPF timeout setting for SYN ACK RTO 2022-02-02 14:45:18 +00:00
rose.h rose: constify dev_addr passing 2021-10-13 09:40:45 -07:00
route.h ipv4: Avoid using RTO_ONLINK with ip_route_connect(). 2022-04-22 13:06:03 +01:00
rpl.h net: ipv6: Use struct_size() helper and kcalloc() 2020-06-23 20:27:09 -07:00
rsi_91x.h
rtnetlink.h net: rtnetlink: add bulk delete support flag 2022-04-13 12:46:26 +01:00
rtnh.h
sch_generic.h net: sched: add barrier to fix packet stuck problem for lockless qdisc 2022-05-31 20:39:28 -07:00
scm.h fs: Move __scm_install_fd() to __receive_fd() 2020-07-13 11:03:44 -07:00
secure_seq.h secure_seq: use the 64 bits of the siphash for port offset calculation 2022-05-04 19:22:20 -07:00
seg6.h udp6: Use Segment Routing Header for dest address if present 2022-01-04 12:17:35 +00:00
seg6_hmac.h
seg6_local.h
selftests.h net: selftest: fix build issue if INET is disabled 2021-04-28 14:06:45 -07:00
slhc_vj.h
smc.h net/smc: introduce CHID callback for ISM devices 2020-09-28 15:19:03 -07:00
snmp.h
sock.h net: remove SK_RECLAIM_THRESHOLD and SK_RECLAIM_CHUNK 2022-07-01 13:25:00 +01:00
sock_reuseport.h tcp: Add reuseport_migrate_sock() to select a new listener. 2021-06-15 18:01:05 +02:00
Space.h wan: remove sbni/granch driver 2021-08-03 13:05:26 +01:00
stp.h
strparser.h strparser: pad sk_skb_cb to avoid straddling cachelines 2022-07-08 18:38:44 -07:00
switchdev.h net: switchdev: add reminder near struct switchdev_notifier_fdb_info 2022-06-29 20:37:36 -07:00
tcp.h net: Introduce a new proto_ops ->read_skb() 2022-06-20 14:05:52 +02:00
tcp_states.h
timewait_sock.h
tipc.h
tls.h tls: create an internal header 2022-07-08 18:38:45 -07:00
tls_toe.h
transp_v6.h tcp: move ipv4_specific to tcp include file 2020-06-23 20:10:15 -07:00
tso.h net: tso: cache transport header length 2020-06-18 20:46:23 -07:00
tun_proto.h
udp.h net: Introduce a new proto_ops ->read_skb() 2022-06-20 14:05:52 +02:00
udp_tunnel.h udp: call udp_encap_enable for v6 sockets when enabling encap 2021-02-04 18:37:14 -08:00
udplite.h udplite: remove udplite_csum_outgoing() 2022-01-27 13:53:27 +00:00
vsock_addr.h
vxlan.h drivers: vxlan: vnifilter: per vni stats 2022-03-01 08:38:02 +00:00
wext.h
x25.h net/x25: add new state X25_STATE_5 2019-12-09 10:28:43 -08:00
x25device.h
xdp.h net: veth: Account total xdp_frame len running ndo_xdp_xmit 2022-03-17 20:33:52 +01:00
xdp_priv.h xsk: Wipe out dead zero_copy_allocator declarations 2021-12-14 00:24:24 +01:00
xdp_sock.h net: Don't include filter.h from net/sock.h 2021-12-29 08:48:14 -08:00
xdp_sock_drv.h i40e: xsk: Move tmp desc array from driver to pool 2022-01-27 17:25:32 +01:00
xfrm.h net: Find dst with sk's xfrm policy not ctl_sk 2022-07-11 13:39:56 +01:00
xsk_buff_pool.h xsk: Fix possible crash when multiple sockets are created 2022-04-26 16:19:54 +02:00