Herbert Xu 1137b5e252 ipsec: Fix aborted xfrm policy dump crash ... An independent security researcher, Mohamed Ghannam, has reported this vulnerability to Beyond Security's SecuriTeam Secure Disclosure program. The xfrm_dump_policy_done function expects xfrm_dump_policy to have been called at least once or it will crash. This can be triggered if a dump fails because the target socket's receive buffer is full. This patch fixes it by using the cb->start mechanism to ensure that the initialisation is always done regardless of the buffer situation. Fixes: 12a169e7d8 ("ipsec: Put dumpers on the dump list") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>		2017-10-23 09:35:48 +02:00
..
Kconfig
Makefile	xfrm: fix xfrm_dev_event() missing when compile without CONFIG_XFRM_OFFLOAD	2017-06-07 08:16:27 +02:00
xfrm_algo.c
xfrm_device.c	xfrm: Fix negative device refcount on offload failure.	2017-09-11 10:36:51 +02:00
xfrm_hash.c
xfrm_hash.h	xfrm: use "unsigned int" in __xfrm6_pref_hash()	2017-03-24 07:03:12 +01:00
xfrm_input.c	vti: fix NULL dereference in xfrm_input()	2017-09-13 10:15:24 +02:00
xfrm_ipcomp.c
xfrm_output.c	net: xfrm: support setting an output mark.	2017-08-11 07:03:00 +02:00
xfrm_policy.c	ipsec: Fix dst leak in xfrm_bundle_create().	2017-10-11 10:15:58 +02:00
xfrm_proc.c
xfrm_replay.c	xfrm: Add xfrm_replay_overflow functions for offloading	2017-04-14 10:07:01 +02:00
xfrm_state.c	xfrm: don't call xfrm_policy_cache_flush under xfrm_state_lock	2017-09-28 09:39:05 +02:00
xfrm_sysctl.c
xfrm_user.c	ipsec: Fix aborted xfrm policy dump crash	2017-10-23 09:35:48 +02:00