d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
18b105c27b
freebsd-skq/sys
History
Andrey V. Elsukov 18b105c27b Add direction argument to ipsec_setspidx_inpcb() function. 
This function is used only by ipsec_getpolicybysock() to fill security
policy index selector for locally generated packets (that have INPCB).
The function incorrectly assumes that spidx is the same for both directions.
Fix this by using new direction argument to specify correct INPCB security
policy - sp_in or sp_out. There is no need to fill both policy indeces,
because they are overwritten for each packet.
This fixes security policy matching for outbound packets when user has
specified TCP/UDP ports in the security policy upperspec.

PR:		213869
MFC after:	1 week
2017-01-08 12:40:07 +00:00
..
amd64 amd64: add atomic_fcmpset 2017-01-03 21:00:24 +00:00
arm Include e6000sw driver in ARMADA38X configuration 2017-01-05 17:10:52 +00:00
arm64 Add virtio_pci to GENERIC arm64 conf 2016-12-18 11:15:31 +00:00
boot Use compiler driver to link BERI boot loaders 2017-01-05 19:17:14 +00:00
bsm
cam Make 'camcontrol modepage' support subpages. 2017-01-07 09:56:12 +00:00
cddl Revert r309619 "ifndef atomic_cas_* in cddl code" 2017-01-03 21:02:30 +00:00
compat Use getsock_cap() instead of fgetsock(). 2017-01-06 04:38:38 +00:00
conf [net80211] include the prototype VHT code into the build. 2017-01-08 04:27:08 +00:00
contrib Add some additional ACPI methods for DRM 2017-01-08 06:26:33 +00:00
crypto libmd: add noexec stack annotation in skein_block_asm.s 2017-01-07 19:26:25 +00:00
ddb Use casts to force an unsigned comparison in db_search_symbol(). 2016-12-14 00:18:12 +00:00
dev mmc: Accept even lower voltage for Cherryview 2017-01-08 06:20:21 +00:00
fs iso_rrip.h: Hide kernel definitions from makefs(8) 2017-01-08 09:16:07 +00:00
gdb
geom build: Unbreak LINT 2016-12-21 01:39:11 +00:00
gnu Add Ingenic X1000 DTS files (unofficial). 2016-11-19 15:03:49 +00:00
i386 Do not allocate struct statfs on kernel stack. 2017-01-05 17:19:26 +00:00
isa
kern Set MORETOCOME for AIO write requests on a socket. 2017-01-06 23:41:45 +00:00
kgssapi
libkern Update r309143 to prevent false sharing. 2016-11-25 17:20:23 +00:00
mips Enable /usr/lib32 for o32 binaries on mips64. 2017-01-06 23:30:54 +00:00
modules [net80211] include the prototype VHT code into the build. 2017-01-08 04:27:08 +00:00
net if: Defer the if_up until the ifnet.if_ioctl is called. 2017-01-06 05:10:49 +00:00
net80211 [net80211] add roaming parameters for 11ac. 2017-01-08 10:13:05 +00:00
netgraph Changes to allow the patching of packets with an offset (and other changes.. see man page) 2016-12-02 10:47:10 +00:00
netinet sysctl net.inet.tcp.hostcache.list in a jail can see connections from other 2017-01-05 17:22:09 +00:00
netinet6 Whitespace changes. 2016-12-26 11:06:41 +00:00
netipsec Add direction argument to ipsec_setspidx_inpcb() function. 2017-01-08 12:40:07 +00:00
netnatm
netpfil Improve upon r309394 2016-12-10 03:31:38 +00:00
netsmb
nfs
nfsclient
nfsserver
nlm
ofed
opencrypto Add support for the fpu_kern(9) KPI on arm64. It hooks into the existing 2016-10-20 09:22:10 +00:00
pc98 Add a COMPAT_FREEBSD11 kernel option. 2016-12-09 18:54:12 +00:00
powerpc Always null-terminate ccb_pathinq.(sim_vid|hba_vid|dev_name) 2017-01-04 20:26:42 +00:00
riscv Disable superpages reservations as we don't have implemented them yet. 2016-11-21 12:00:31 +00:00
rpc
security Audit 'fd' and 'cmd' arguments to fcntl(2), and when generating BSM, 2016-11-22 00:41:24 +00:00
sparc64 Add support for encrypted kernel crash dumps. 2016-12-10 16:20:39 +00:00
sys Define _POSIX_PRIORITY_SCHEDULING as 0. 2017-01-07 12:24:45 +00:00
teken
tests
tools
ufs Use type-independent formats for printing nlink_t and ino_t. 2017-01-06 16:59:33 +00:00
vm Remove a redundant use of min(). 2017-01-05 03:13:45 +00:00
x86 xen: fix IPI setup with EARLY_AP_STARTUP 2016-12-22 16:09:44 +00:00
xdr
xen xen: fix IPI setup with EARLY_AP_STARTUP 2016-12-22 16:09:44 +00:00
Makefile