diff options
author | Jakub Kicinski | 2023-10-30 14:36:56 -0700 |
---|---|---|
committer | Jakub Kicinski | 2023-10-30 14:36:57 -0700 |
commit | e0f9f0e0737f47f643a66c6db158af61818336bc (patch) | |
tree | 94194d97bfdf2a2d5f73e8cc5accda7c95816b05 /include/uapi | |
parent | 55c900477f5b3897d9038446f72a281cae0efd86 (diff) | |
parent | eefed7662ff223f70ba8b1af07f1a096a5ece588 (diff) |
Merge tag 'ipsec-next-2023-10-28' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next
Steffen Klassert says:
====================
pull request (net-next): ipsec-next 2023-10-28
1) Remove unused function declarations of xfrm4_extract_input and
xfrm6_extract_input. From Yue Haibing.
2) Annotate struct xfrm_sec_ctx with __counted_by.
From Kees Cook.
3) Support GRO decapsulation for ESP in UDP encapsulation.
From Antony Antony et all.
4) Replace the xfrm session decode with flow dissector.
From Florian Westphal.
5) Fix a use after free in __xfrm6_udp_encap_rcv.
6) Fix the layer 4 flowi decoding.
From Florian Westphal.
* tag 'ipsec-next-2023-10-28' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next:
xfrm: policy: fix layer 4 flowi decoding
xfrm Fix use after free in __xfrm6_udp_encap_rcv.
xfrm: policy: replace session decode with flow dissector
xfrm: move mark and oif flowi decode into common code
xfrm: pass struct net to xfrm_decode_session wrappers
xfrm: Support GRO for IPv6 ESP in UDP encapsulation
xfrm: Support GRO for IPv4 ESP in UDP encapsulation
xfrm: Use the XFRM_GRO to indicate a GRO call on input
xfrm: Annotate struct xfrm_sec_ctx with __counted_by
xfrm: Remove unused function declarations
====================
Link: https://lore.kernel.org/r/20231028084328.3119236-1-steffen.klassert@secunet.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Diffstat (limited to 'include/uapi')
-rw-r--r-- | include/uapi/linux/xfrm.h | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/include/uapi/linux/xfrm.h b/include/uapi/linux/xfrm.h index 23543c33fee8..6a77328be114 100644 --- a/include/uapi/linux/xfrm.h +++ b/include/uapi/linux/xfrm.h @@ -4,6 +4,7 @@ #include <linux/in6.h> #include <linux/types.h> +#include <linux/stddef.h> /* All of the structures in this file may not change size as they are * passed into the kernel from userspace via netlink sockets. @@ -33,7 +34,7 @@ struct xfrm_sec_ctx { __u8 ctx_alg; __u16 ctx_len; __u32 ctx_sid; - char ctx_str[]; + char ctx_str[] __counted_by(ctx_len); }; /* Security Context Domains of Interpretation */ |