kpriv/linux-hardened
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
linux-hardened/net/xfrm
History
Steffen Klassert ec650b23ec xfrm: Fix xfrm_dst_cache memleak 
We have a memleak whenever a flow matches a policy without
a matching SA. In this case we generate a dummy bundle and
take an additional refcount on the dst_entry. This was needed
as long as we had the flowcache. The flowcache removal patches
deleted all related refcounts but forgot the one for the
dummy bundle case. Fix the memleak by removing this refcount.

Fixes: 3ca28286ea ("xfrm_policy: bypass flow_cache_lookup")
Reported-by: Maxime Bizon <mbizon@freebox.fr>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
2017-10-24 13:40:36 +02:00
..
Kconfig Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next 2017-02-16 21:25:49 -05:00
Makefile xfrm: fix xfrm_dev_event() missing when compile without CONFIG_XFRM_OFFLOAD 2017-06-07 08:16:27 +02:00
xfrm_algo.c xfrm: use IS_ENABLED() instead of checking for built-in or module 2016-09-10 21:19:11 -07:00
xfrm_device.c xfrm: Fix negative device refcount on offload failure. 2017-09-11 10:36:51 +02:00
xfrm_hash.c
xfrm_hash.h xfrm: use "unsigned int" in __xfrm6_pref_hash() 2017-03-24 07:03:12 +01:00
xfrm_input.c vti: fix NULL dereference in xfrm_input() 2017-09-13 10:15:24 +02:00
xfrm_ipcomp.c
xfrm_output.c net: xfrm: support setting an output mark. 2017-08-11 07:03:00 +02:00
xfrm_policy.c xfrm: Fix xfrm_dst_cache memleak 2017-10-24 13:40:36 +02:00
xfrm_proc.c proc: Reduce cache miss in xfrm_statistics_seq_show 2016-09-30 01:50:45 -04:00
xfrm_replay.c xfrm: Add xfrm_replay_overflow functions for offloading 2017-04-14 10:07:01 +02:00
xfrm_state.c xfrm: don't call xfrm_policy_cache_flush under xfrm_state_lock 2017-09-28 09:39:05 +02:00
xfrm_sysctl.c net: xfrm: Change u32 sysctl entries to use proc_douintvec 2016-09-07 23:17:53 -07:00
xfrm_user.c ipsec: Fix aborted xfrm policy dump crash 2017-10-23 09:35:48 +02:00