1. 19 Jun, 2005 7 commits
    • Patrick McHardy's avatar
      [IPSEC] Fix xfrm_state leaks in error path · 7d6dfe1f
      Patrick McHardy authored
      Herbert Xu wrote:
      > @@ -1254,6 +1326,7 @@ static int pfkey_add(struct sock *sk, st
      >       if (IS_ERR(x))
      >               return PTR_ERR(x);
      >
      > +     xfrm_state_hold(x);
      
      This introduces a leak when xfrm_state_add()/xfrm_state_update()
      fail. We hold two references (one from xfrm_state_alloc(), one
      from xfrm_state_hold()), but only drop one. We need to take the
      reference because the reference from xfrm_state_alloc() can
      be dropped by __xfrm_state_delete(), so the fix is to drop both
      references on error. Same problem in xfrm_user.c.
      Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      7d6dfe1f
    • Herbert Xu's avatar
      [IPSEC] Use XFRM_MSG_* instead of XFRM_SAP_* · f60f6b8f
      Herbert Xu authored
      This patch removes XFRM_SAP_* and converts them over to XFRM_MSG_*.
      The netlink interface is meant to map directly onto the underlying
      xfrm subsystem.  Therefore rather than using a new independent
      representation for the events we can simply use the existing ones
      from xfrm_user.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      f60f6b8f
    • Herbert Xu's avatar
      [IPSEC] Set byid for km_event in xfrm_get_policy · e7443892
      Herbert Xu authored
      This patch fixes policy deletion in xfrm_user so that it sets
      km_event.data.byid.  This puts xfrm_user on par with what af_key
      does in this case.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      e7443892
    • Herbert Xu's avatar
      [IPSEC] Turn km_event.data into a union · bf08867f
      Herbert Xu authored
      This patch turns km_event.data into a union.  This makes code that
      uses it clearer.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      bf08867f
    • Herbert Xu's avatar
      [IPSEC] Fix xfrm to pfkey SA state conversion · 4f09f0bb
      Herbert Xu authored
      This patch adjusts the SA state conversion in af_key such that
      XFRM_STATE_ERROR/XFRM_STATE_DEAD will be converted to SADB_STATE_DEAD
      instead of SADB_STATE_DYING.
      
      According to RFC 2367, SADB_STATE_DYING SAs can be turned into
      mature ones through updating their lifetime settings.  Since SAs
      which are in the states XFRM_STATE_ERROR/XFRM_STATE_DEAD cannot
      be resurrected, this value is unsuitable.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      4f09f0bb
    • Herbert Xu's avatar
      [IPSEC] Kill spurious hard expire messages · 4666faab
      Herbert Xu authored
      This patch ensures that the hard state/policy expire notifications are
      only sent when the state/policy is successfully removed from their
      respective tables.
      
      As it is, it's possible for a state/policy to both expire through
      reaching a hard limit, as well as being deleted by the user.
      
      Note that this behaviour isn't actually forbidden by RFC 2367.
      However, it is a quality of implementation issue.
      
      As an added bonus, the restructuring in this patch will help
      eventually in moving the expire notifications from softirq
      context into process context, thus improving their reliability.
      
      One important side-effect from this change is that SAs reaching
      their hard byte/packet limits are now deleted immediately, just
      like SAs that have reached their hard time limits.
      
      Previously they were announced immediately but only deleted after
      30 seconds.
      
      This is bad because it prevents the system from issuing an ACQUIRE
      command until the existing state was deleted by the user or expires
      after the time is up.
      
      In the scenario where the expire notification was lost this introduces
      a 30 second delay into the system for no good reason.
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      4666faab
    • Jamal Hadi Salim's avatar
      [IPSEC] Add complete xfrm event notification · 26b15dad
      Jamal Hadi Salim authored
      Heres the final patch.
      What this patch provides
      
      - netlink xfrm events
      - ability to have events generated by netlink propagated to pfkey
        and vice versa.
      - fixes the acquire lets-be-happy-with-one-success issue
      Signed-off-by: default avatarJamal Hadi Salim <hadi@cyberus.ca>
      Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
      26b15dad
  2. 18 Jun, 2005 14 commits
  3. 17 Jun, 2005 12 commits
  4. 16 Jun, 2005 7 commits