d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
897e43124e
freebsd-skq/sys
History
John Baldwin 897e43124e Don't pass bogus keys down for NULL algorithms. 
The changes in r359374 added various sanity checks in sessions and
requests created by crypto consumers in part to permit backend drivers
to make assumptions instead of duplicating checks for various edge
cases.  One of the new checks was to reject sessions which provide a
pointer to a key while claiming the key is zero bits long.

IPsec ESP tripped over this as it passes along whatever key is
provided for NULL, including a pointer to a zero-length key when an
empty string ("") is used with setkey(8).  One option would be to
teach the IPsec key layer to not allocate keys of zero length, but I
went with a simpler fix of just not passing any keys down and always
using a key length of zero for NULL algorithms.

PR:		245832
Reported by:	CI
2020-05-02 01:00:29 +00:00
..
amd64 Remove an obsolete TODO comment from several minidump implementations. 2020-04-24 18:47:42 +00:00
arm Convert arm's physmem interface to MI code 2020-04-19 00:12:30 +00:00
arm64 Export tracing facility of GIC500 ITS block. 2020-04-29 14:31:25 +00:00
bsm bsm: add AUE_CLOSERANGE 2020-04-24 01:27:25 +00:00
cam Fix three bugs highlighted by review: 2020-04-30 21:08:59 +00:00
cddl Avoid the GEOM topology lock recursion when we automatically expand a pool. 2020-04-25 21:45:31 +00:00
compat Implement more PCI-express bandwidth functions in the LinuxKPI. 2020-05-01 10:32:42 +00:00
conf Move route-specific ddb commands to route/route_ddb.c 2020-04-28 20:00:17 +00:00
contrib MFV: r360512 2020-05-01 01:26:36 +00:00
crypto ccp: add a new hardware ID, found on AMD Ryzen 3 3200U 2020-04-24 10:20:54 +00:00
ddb Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many) 2020-02-26 14:26:36 +00:00
dev Add KASSERT to ensure sane nsid. 2020-05-01 21:24:19 +00:00
dts allwinner: aw_thermal: Cope with DTS changes 2020-04-14 19:05:17 +00:00
fs Factor some code out of nfsm_dissct() into separate functions. 2020-05-01 00:36:14 +00:00
gdb Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many) 2020-02-26 14:26:36 +00:00
geom Add g_topology_locked() macro that returns true if we already hold the GEOM 2020-04-25 21:41:09 +00:00
gnu dts: Import DTS from Linux 5.6 2020-04-14 18:57:00 +00:00
i386 Remove an obsolete TODO comment from several minidump implementations. 2020-04-24 18:47:42 +00:00
isa
kern correct procctl(PROC_PROTMAX_STATUS _NOFORCE return 2020-05-01 14:30:59 +00:00
kgssapi Remove support for Kernel GSS algorithms deprecated in r348875. 2020-04-10 23:08:41 +00:00
libkern Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many) 2020-02-26 14:26:36 +00:00
mips Fix a race in pmap_emulate_modified(). 2020-04-24 21:21:49 +00:00
modules None of these use opt_sched.h 2020-04-28 16:09:18 +00:00
net Increase the iflib txq callout mutex name length to 32 bytes. 2020-04-30 15:39:04 +00:00
net80211 Don't indirect user pointers directly in two 802.11s ioctls. 2020-04-24 22:10:02 +00:00
netgraph Add le_read_buffer_size command and manpage. 2020-04-28 16:00:34 +00:00
netinet Introduce a lower bound of 2 MSS to TCP Cubic. 2020-04-30 11:11:28 +00:00
netinet6 Add nhop to the ifa_rtrequest() callback. 2020-04-29 19:28:56 +00:00
netipsec Don't pass bogus keys down for NULL algorithms. 2020-05-02 01:00:29 +00:00
netpfil Move route_temporal.c and route_var.h to net/route. 2020-04-28 19:14:09 +00:00
netsmb Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many) 2020-02-26 14:26:36 +00:00
nfs Remove rtable dumping code from bootp. 2020-04-28 07:23:41 +00:00
nfsclient
nfsserver
nlm Make nfslockd depend on xdr. 2020-04-23 09:37:22 +00:00
ofed Convert OFED rtable interactions to the new routing KPI. 2020-04-15 13:06:55 +00:00
opencrypto Retire the CRYPTO_F_IV_GENERATE flag. 2020-04-20 22:24:49 +00:00
powerpc Remove an obsolete TODO comment from several minidump implementations. 2020-04-24 18:47:42 +00:00
riscv Use the HSM SBI extension to halt CPUs 2020-05-01 21:59:47 +00:00
rpc Split XDR into separate kernel module. Make krpc depend on xdr. 2020-04-17 06:04:20 +00:00
security audit_canon_path_vp: don't panic if cdir == NULL 2020-04-17 02:09:31 +00:00
sys Bump __FreeBSD_version for KTLS RX support. 2020-04-28 00:06:49 +00:00
teken
tests Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many) 2020-02-26 14:26:36 +00:00
tools vfs: stop null checking routines in vop wrappers 2020-01-26 00:41:38 +00:00
ufs Retire two unused background fsck sysctls. 2020-04-21 17:42:32 +00:00
vm Re-check for wirings after busying the page in vm_page_release_locked(). 2020-04-28 13:51:41 +00:00
x86 Fix handling of NMIs from unknown sources (BMC, hypervisor) 2020-04-26 00:41:29 +00:00
xdr Split XDR into separate kernel module. Make krpc depend on xdr. 2020-04-17 06:04:20 +00:00
xen Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (16 of many) 2020-02-25 19:04:39 +00:00
Makefile Remove sparc64 kernel support 2020-02-03 17:35:11 +00:00