linux-brain/net/xfrm
Ahmed S. Darwish a128e07b47 net: xfrm: Localize sequence counter per network namespace
[ Upstream commit e88add19f68191448427a6e4eb059664650a837f ]

A sequence counter write section must be serialized or its internal
state can get corrupted. The "xfrm_state_hash_generation" seqcount is
global, but its write serialization lock (net->xfrm.xfrm_state_lock) is
instantiated per network namespace. The write protection is thus
insufficient.

To provide full protection, localize the sequence counter per network
namespace instead. This should be safe as both the seqcount read and
write sections access data exclusively within the network namespace. It
also lays the foundation for transforming "xfrm_state_hash_generation"
data type from seqcount_t to seqcount_LOCKNAME_t in further commits.

Fixes: b65e3d7be0 ("xfrm: state: add sequence count to detect hash resizes")
Signed-off-by: Ahmed S. Darwish <a.darwish@linutronix.de>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2021-04-14 08:24:13 +02:00
Kconfig Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec 2019-07-05 14:58:22 -07:00
Makefile xfrm: Add virtual xfrm interfaces 2018-06-23 16:07:25 +02:00
xfrm_algo.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
xfrm_device.c xfrm: Fix double ESP trailer insertion in IPsec crypto offload. 2020-06-30 15:36:53 -04:00
xfrm_hash.c mm: remove include/linux/bootmem.h 2018-10-31 08:54:16 -07:00
xfrm_hash.h xfrm: use complete IPv6 addresses for hash 2018-10-15 10:09:18 +02:00
xfrm_inout.h xfrm: remove input2 indirection from xfrm_mode 2019-04-08 09:14:55 +02:00
xfrm_input.c xfrm: Fix oops in xfrm_replay_advance_bmp 2021-02-03 23:25:59 +01:00
xfrm_interface.c xfrm: interface: fix ipv4 pmtu check to honor ip header df 2021-04-14 08:24:13 +02:00
xfrm_ipcomp.c net: Use skb_frag_off accessors 2019-07-30 14:21:32 -07:00
xfrm_output.c xfrm: fix a NULL-ptr deref in xfrm_local_error 2020-06-03 08:21:33 +02:00
xfrm_policy.c xfrm: Fix wraparound in xfrm_policy_addr_delta() 2021-02-03 23:25:59 +01:00
xfrm_proc.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
xfrm_replay.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 335 2019-06-05 17:37:06 +02:00
xfrm_state.c net: xfrm: Localize sequence counter per network namespace 2021-04-14 08:24:13 +02:00
xfrm_sysctl.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xfrm_user.c xfrm: policy: match with both mark and mask on user interfaces 2020-08-05 09:59:44 +02:00