system/linux
system/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux synced 2024-11-05 18:23:50 +00:00
Code Issues Projects Releases Packages Wiki Activity
linux/net/xfrm
History
Florian Westphal e901cbc293 xfrm: policy: check reinserted policies match their node 
validate the re-inserted policies match the lookup node.
Policies that fail this test won't be returned in the candidate set.

This is enabled by default for now, it should not cause noticeable
reinsert slow down.

Such reinserts are needed when we have to merge an existing node
(e.g. for 10.0.0.0/28 because a overlapping subnet was added (e.g.
10.0.0.0/24), so whenever this happens existing policies have to
be placed on the list of the new node.

Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
2018-11-09 11:58:13 +01:00
..
Kconfig ixgbe/ixgbevf: fix XFRM_ALGO dependency 2018-10-31 10:53:15 -07:00
Makefile xfrm: Add virtual xfrm interfaces 2018-06-23 16:07:25 +02:00
xfrm_algo.c
xfrm_device.c Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next 2018-10-01 22:31:17 -07:00
xfrm_hash.c mm: remove include/linux/bootmem.h 2018-10-31 08:54:16 -07:00
xfrm_hash.h xfrm: use complete IPv6 addresses for hash 2018-10-15 10:09:18 +02:00
xfrm_input.c xfrm: use correct size to initialise sp->ovec 2018-10-08 08:15:55 +02:00
xfrm_interface.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-10-19 11:03:06 -07:00
xfrm_ipcomp.c
xfrm_output.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2018-10-03 21:00:17 -07:00
xfrm_policy.c xfrm: policy: check reinserted policies match their node 2018-11-09 11:58:13 +01:00
xfrm_proc.c
xfrm_replay.c
xfrm_state.c compat: Cleanup in_compat_syscall() callers 2018-11-01 13:02:21 +01:00
xfrm_sysctl.c
xfrm_user.c compat: Cleanup in_compat_syscall() callers 2018-11-01 13:02:21 +01:00