
Commit 93bbbfbb authored by David S. Miller's avatar David S. Miller


Steffen Klassert says:

====================
pull request (net-next): ipsec-next 2017-06-23

1) Use memdup_user to simplify xfrm_user_policy.
   From Geliang Tang.

2) Make xfrm_dev_register static to silence a sparse warning.
   From Wei Yongjun.

3) Use crypto_memneq to check the ICV in the AH protocol.
   From Sabrina Dubroca.

4) Remove some unused variables in esp6.
   From Stephen Hemminger.

5) Extend XFRM MIGRATE to allow to change the UDP encapsulation port.
   From Antony Antony.

6) Include the UDP encapsulation port to km_migrate announcements.
   From Antony Antony.

Please pull or let me know if there are problems.
====================

Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents 408cf83f 8bafd730
+8 −4
@@ -631,7 +631,8 @@ struct xfrm_mgr {
					   u8 dir, u8 type,
					   u8 dir, u8 type,
					   const struct xfrm_migrate *m,
					   const struct xfrm_migrate *m,
					   int num_bundles,
					   int num_bundles,
					   const struct xfrm_kmaddress *k);
					   const struct xfrm_kmaddress *k,
					   const struct xfrm_encap_tmpl *encap);
	bool			(*is_alive)(const struct km_event *c);
	bool			(*is_alive)(const struct km_event *c);
};
};


@@ -1675,13 +1676,16 @@ int xfrm_sk_policy_insert(struct sock *sk, int dir, struct xfrm_policy *pol);
#ifdef CONFIG_XFRM_MIGRATE
#ifdef CONFIG_XFRM_MIGRATE
int km_migrate(const struct xfrm_selector *sel, u8 dir, u8 type,
int km_migrate(const struct xfrm_selector *sel, u8 dir, u8 type,
	       const struct xfrm_migrate *m, int num_bundles,
	       const struct xfrm_migrate *m, int num_bundles,
	       const struct xfrm_kmaddress *k);
	       const struct xfrm_kmaddress *k,
	       const struct xfrm_encap_tmpl *encap);
struct xfrm_state *xfrm_migrate_state_find(struct xfrm_migrate *m, struct net *net);
struct xfrm_state *xfrm_migrate_state_find(struct xfrm_migrate *m, struct net *net);
struct xfrm_state *xfrm_state_migrate(struct xfrm_state *x,
struct xfrm_state *xfrm_state_migrate(struct xfrm_state *x,
				      struct xfrm_migrate *m);
				      struct xfrm_migrate *m,
				      struct xfrm_encap_tmpl *encap);
int xfrm_migrate(const struct xfrm_selector *sel, u8 dir, u8 type,
int xfrm_migrate(const struct xfrm_selector *sel, u8 dir, u8 type,
		 struct xfrm_migrate *m, int num_bundles,
		 struct xfrm_migrate *m, int num_bundles,
		 struct xfrm_kmaddress *k, struct net *net);
		 struct xfrm_kmaddress *k, struct net *net,
		 struct xfrm_encap_tmpl *encap);
#endif
#endif


int km_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, __be16 sport);
int km_new_mapping(struct xfrm_state *x, xfrm_address_t *ipaddr, __be16 sport);
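Review bot: The new `encap` parameter is `const struct xfrm_encap_tmpl *` in the `xfrm_mgr` `migrate` callback and in `km_migrate`, but plain `struct xfrm_encap_tmpl *` in `xfrm_state_migrate` and `xfrm_migrate`. If those two functions only read or copy the template (their bodies are not on this page), declaring them with `const struct xfrm_encap_tmpl *encap` as well would keep the four prototypes consistent and let the compiler reject accidental writes. It would also help to note next to the declarations that `encap` may be NULL, since the PF_KEY caller in this commit passes `NULL`.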
+3 −2
#define pr_fmt(fmt) "IPsec: " fmt
#define pr_fmt(fmt) "IPsec: " fmt


#include <crypto/algapi.h>
#include <crypto/hash.h>
#include <crypto/hash.h>
#include <linux/err.h>
#include <linux/err.h>
#include <linux/module.h>
#include <linux/module.h>
@@ -279,7 +280,7 @@ static void ah_input_done(struct crypto_async_request *base, int err)
	auth_data = ah_tmp_auth(work_iph, ihl);
	auth_data = ah_tmp_auth(work_iph, ihl);
	icv = ah_tmp_icv(ahp->ahash, auth_data, ahp->icv_trunc_len);
	icv = ah_tmp_icv(ahp->ahash, auth_data, ahp->icv_trunc_len);


	err = memcmp(icv, auth_data, ahp->icv_trunc_len) ? -EBADMSG: 0;
	err = crypto_memneq(icv, auth_data, ahp->icv_trunc_len) ? -EBADMSG : 0;
	if (err)
	if (err)
		goto out;
		goto out;


@@ -417,7 +418,7 @@ static int ah_input(struct xfrm_state *x, struct sk_buff *skb)
		goto out_free;
		goto out_free;
	}
	}


	err = memcmp(icv, auth_data, ahp->icv_trunc_len) ? -EBADMSG: 0;
	err = crypto_memneq(icv, auth_data, ahp->icv_trunc_len) ? -EBADMSG : 0;
	if (err)
	if (err)
		goto out_free;
		goto out_free;
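Review bot: The switch to `crypto_memneq()` in `ah_input_done` and `ah_input` carries no comment saying why a constant-time comparison is required, so a later cleanup could put `memcmp` back without anyone noticing the regression. A one-line comment above each comparison would do, for example `/* constant-time compare: timing must not reveal how many ICV bytes matched */`. The same applies to the two comparisons in `ah6_input_done` and `ah6_input` in the IPv6 section. Both functions start and end outside the hunks shown.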


+3 −2
@@ -25,6 +25,7 @@


#define pr_fmt(fmt) "IPv6: " fmt
#define pr_fmt(fmt) "IPv6: " fmt


#include <crypto/algapi.h>
#include <crypto/hash.h>
#include <crypto/hash.h>
#include <linux/module.h>
#include <linux/module.h>
#include <linux/slab.h>
#include <linux/slab.h>
@@ -483,7 +484,7 @@ static void ah6_input_done(struct crypto_async_request *base, int err)
	auth_data = ah_tmp_auth(work_iph, hdr_len);
	auth_data = ah_tmp_auth(work_iph, hdr_len);
	icv = ah_tmp_icv(ahp->ahash, auth_data, ahp->icv_trunc_len);
	icv = ah_tmp_icv(ahp->ahash, auth_data, ahp->icv_trunc_len);


	err = memcmp(icv, auth_data, ahp->icv_trunc_len) ? -EBADMSG : 0;
	err = crypto_memneq(icv, auth_data, ahp->icv_trunc_len) ? -EBADMSG : 0;
	if (err)
	if (err)
		goto out;
		goto out;


@@ -631,7 +632,7 @@ static int ah6_input(struct xfrm_state *x, struct sk_buff *skb)
		goto out_free;
		goto out_free;
	}
	}


	err = memcmp(icv, auth_data, ahp->icv_trunc_len) ? -EBADMSG : 0;
	err = crypto_memneq(icv, auth_data, ahp->icv_trunc_len) ? -EBADMSG : 0;
	if (err)
	if (err)
		goto out_free;
		goto out_free;


+0 −5
@@ -118,7 +118,6 @@ static inline struct scatterlist *esp_req_sg(struct crypto_aead *aead,


static void esp_ssg_unref(struct xfrm_state *x, void *tmp)
static void esp_ssg_unref(struct xfrm_state *x, void *tmp)
{
{
	__be32 *seqhi;
	struct crypto_aead *aead = x->data;
	struct crypto_aead *aead = x->data;
	int seqhilen = 0;
	int seqhilen = 0;
	u8 *iv;
	u8 *iv;
@@ -128,7 +127,6 @@ static void esp_ssg_unref(struct xfrm_state *x, void *tmp)
	if (x->props.flags & XFRM_STATE_ESN)
	if (x->props.flags & XFRM_STATE_ESN)
		seqhilen += sizeof(__be32);
		seqhilen += sizeof(__be32);


	seqhi = esp_tmp_seqhi(tmp);
	iv = esp_tmp_iv(aead, tmp, seqhilen);
	iv = esp_tmp_iv(aead, tmp, seqhilen);
	req = esp_tmp_req(aead, iv);
	req = esp_tmp_req(aead, iv);


@@ -224,12 +222,9 @@ int esp6_output_head(struct xfrm_state *x, struct sk_buff *skb, struct esp_info
	u8 *vaddr;
	u8 *vaddr;
	int nfrags;
	int nfrags;
	struct page *page;
	struct page *page;
	struct ip_esp_hdr *esph;
	struct sk_buff *trailer;
	struct sk_buff *trailer;
	int tailen = esp->tailen;
	int tailen = esp->tailen;


	esph = ip_esp_hdr(skb);

	if (!skb_cloned(skb)) {
	if (!skb_cloned(skb)) {
		if (tailen <= skb_availroom(skb)) {
		if (tailen <= skb_availroom(skb)) {
			nfrags = 1;
			nfrags = 1;
+5 −3
@@ -2589,7 +2589,7 @@ static int pfkey_migrate(struct sock *sk, struct sk_buff *skb,
	}
	}


	return xfrm_migrate(&sel, dir, XFRM_POLICY_TYPE_MAIN, m, i,
	return xfrm_migrate(&sel, dir, XFRM_POLICY_TYPE_MAIN, m, i,
			    kma ? &k : NULL, net);
			    kma ? &k : NULL, net, NULL);


 out:
 out:
	return err;
	return err;
@@ -3488,7 +3488,8 @@ static int set_ipsecrequest(struct sk_buff *skb,
#ifdef CONFIG_NET_KEY_MIGRATE
#ifdef CONFIG_NET_KEY_MIGRATE
static int pfkey_send_migrate(const struct xfrm_selector *sel, u8 dir, u8 type,
static int pfkey_send_migrate(const struct xfrm_selector *sel, u8 dir, u8 type,
			      const struct xfrm_migrate *m, int num_bundles,
			      const struct xfrm_migrate *m, int num_bundles,
			      const struct xfrm_kmaddress *k)
			      const struct xfrm_kmaddress *k,
			      const struct xfrm_encap_tmpl *encap)
{
{
	int i;
	int i;
	int sasize_sel;
	int sasize_sel;
@@ -3598,7 +3599,8 @@ static int pfkey_send_migrate(const struct xfrm_selector *sel, u8 dir, u8 type,
#else
#else
static int pfkey_send_migrate(const struct xfrm_selector *sel, u8 dir, u8 type,
static int pfkey_send_migrate(const struct xfrm_selector *sel, u8 dir, u8 type,
			      const struct xfrm_migrate *m, int num_bundles,
			      const struct xfrm_migrate *m, int num_bundles,
			      const struct xfrm_kmaddress *k)
			      const struct xfrm_kmaddress *k,
			      const struct xfrm_encap_tmpl *encap)
{
{
	return -ENOPROTOOPT;
	return -ENOPROTOOPT;
}
}
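Review bot: `pfkey_migrate` now ends its `xfrm_migrate(...)` call with a bare `NULL` for the encap template, which reads as an omission rather than a decision. If the intent is that a PF_KEY MIGRATE request never changes the UDP encapsulation, a short comment above the call would record it, for example `/* PF_KEY MIGRATE carries no encap template */`. Both `pfkey_send_migrate` variants also gain `encap`, and neither uses it in the lines shown. The body of the CONFIG_NET_KEY_MIGRATE variant lies outside the hunk, so if it does not emit the template, PF_KEY listeners presumably will not learn of a port change, and that deserves a comment too.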