Commit 186abea8 authored by Jakub Kicinski's avatar Jakub Kicinski
Browse files

Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec 

Steffen Klassert says:

====================
pull request (net): ipsec 2022-03-16

1) Fix a kernel-info-leak in pfkey.
   From Haimin Zhang.

2) Fix an incorrect check of the return value of ipv6_skip_exthdr.
   From Sabrina Dubroca.

* 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec:
  esp6: fix check on ipv6_skip_exthdr's return value
  af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register
====================

Link: https://lore.kernel.org/r/20220316121142.3142336-1-steffen.klassert@secunet.com


Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
parents 1bbdcbae 4db4075f

net/ipv6/esp6.c

+1 −2
Original line number Diff line number Diff line
@@ -812,8 +812,7 @@ int esp6_input_done2(struct sk_buff *skb, int err) 
		struct tcphdr *th;



		offset = ipv6_skip_exthdr(skb, offset, &nexthdr, &frag_off);



		if (offset < 0) {

		if (offset == -1) {

			err = -EINVAL;

			goto out;

		}

net/key/af_key.c

+1 −1
Original line number Diff line number Diff line
@@ -1699,7 +1699,7 @@ static int pfkey_register(struct sock *sk, struct sk_buff *skb, const struct sad 


	xfrm_probe_algs();



	supp_skb = compose_sadb_supported(hdr, GFP_KERNEL);

	supp_skb = compose_sadb_supported(hdr, GFP_KERNEL | __GFP_ZERO);

	if (!supp_skb) {

		if (hdr->sadb_msg_satype != SADB_SATYPE_UNSPEC)

			pfk->registered &= ~(1<<hdr->sadb_msg_satype);