Commit ed6cfe86 authored by Jakub Kicinski

Merge tag 'ipsec-next-2025-09-26' of...

Merge tag 'ipsec-next-2025-09-26' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next

Steffen Klassert says:

====================
pull request (net-next): ipsec-next 2025-09-26

1) Fix field-spanning memcpy warning in AH output.
   From Charalampos Mitrodimas.

2) Replace the strcpy() calls for alg_name by strscpy().
   From Miguel García.

* tag 'ipsec-next-2025-09-26' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec-next:
  xfrm: xfrm_user: use strscpy() for alg_name
  net: ipv6: fix field-spanning memcpy warning in AH output
====================

Link: https://patch.msgid.link/20250926053025.2242061-1-steffen.klassert@secunet.com


Signed-off-by: Jakub Kicinski <kuba@kernel.org>
parents 94aced6e 9f4f591c
+31 −19
@@ -46,6 +46,34 @@ struct ah_skb_cb {

#define AH_SKB_CB(__skb) ((struct ah_skb_cb *)&((__skb)->cb[0]))

/* Helper to save IPv6 addresses and extension headers to temporary storage */
static inline void ah6_save_hdrs(struct tmp_ext *iph_ext,
				 struct ipv6hdr *top_iph, int extlen)
{
	if (!extlen)
		return;

#if IS_ENABLED(CONFIG_IPV6_MIP6)
	iph_ext->saddr = top_iph->saddr;
#endif
	iph_ext->daddr = top_iph->daddr;
	memcpy(&iph_ext->hdrs, top_iph + 1, extlen - sizeof(*iph_ext));
}

/* Helper to restore IPv6 addresses and extension headers from temporary storage */
static inline void ah6_restore_hdrs(struct ipv6hdr *top_iph,
				    struct tmp_ext *iph_ext, int extlen)
{
	if (!extlen)
		return;

#if IS_ENABLED(CONFIG_IPV6_MIP6)
	top_iph->saddr = iph_ext->saddr;
#endif
	top_iph->daddr = iph_ext->daddr;
	memcpy(top_iph + 1, &iph_ext->hdrs, extlen - sizeof(*iph_ext));
}

static void *ah_alloc_tmp(struct crypto_ahash *ahash, int nfrags,
			  unsigned int size)
{
@@ -301,13 +329,7 @@ static void ah6_output_done(void *data, int err)
	memcpy(ah->auth_data, icv, ahp->icv_trunc_len);
	memcpy(top_iph, iph_base, IPV6HDR_BASELEN);

	if (extlen) {
#if IS_ENABLED(CONFIG_IPV6_MIP6)
		memcpy(&top_iph->saddr, iph_ext, extlen);
#else
		memcpy(&top_iph->daddr, iph_ext, extlen);
#endif
	}
	ah6_restore_hdrs(top_iph, iph_ext, extlen);

	kfree(AH_SKB_CB(skb)->tmp);
	xfrm_output_resume(skb->sk, skb, err);
@@ -378,12 +400,8 @@ static int ah6_output(struct xfrm_state *x, struct sk_buff *skb)
	 */
	memcpy(iph_base, top_iph, IPV6HDR_BASELEN);

	ah6_save_hdrs(iph_ext, top_iph, extlen);
	if (extlen) {
#if IS_ENABLED(CONFIG_IPV6_MIP6)
		memcpy(iph_ext, &top_iph->saddr, extlen);
#else
		memcpy(iph_ext, &top_iph->daddr, extlen);
#endif
		err = ipv6_clear_mutable_options(top_iph,
						 extlen - sizeof(*iph_ext) +
						 sizeof(*top_iph),
@@ -434,13 +452,7 @@ static int ah6_output(struct xfrm_state *x, struct sk_buff *skb)
	memcpy(ah->auth_data, icv, ahp->icv_trunc_len);
	memcpy(top_iph, iph_base, IPV6HDR_BASELEN);

	if (extlen) {
#if IS_ENABLED(CONFIG_IPV6_MIP6)
		memcpy(&top_iph->saddr, iph_ext, extlen);
#else
		memcpy(&top_iph->daddr, iph_ext, extlen);
#endif
	}
	ah6_restore_hdrs(top_iph, iph_ext, extlen);

out_free:
	kfree(iph_base);
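Review bot: `extlen - sizeof(*iph_ext)` in ah6_save_hdrs() and ah6_restore_hdrs() (first hunk) is evaluated as size_t, so any non-zero extlen smaller than sizeof(*iph_ext) would wrap into a huge memcpy length, and the helpers only reject zero. The value is presumably always 0 or at least sizeof(*iph_ext) because of how ah6_output() computes it, but that computation is outside the visible hunks, so the invariant should be written next to the helpers, e.g. `/* extlen is 0 or >= sizeof(struct tmp_ext): it counts the saved addresses plus the extension headers */`, or enforced after the zero check with `if (WARN_ON_ONCE(extlen < (int)sizeof(*iph_ext))) return;`. In the third hunk the helper call sits directly above an `if (extlen) {` that tests the same condition; moving the call inside that block would keep a single check. ah6_output() and ah6_output_done() both start and end outside the hunks shown.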
+5 −5
@@ -593,7 +593,7 @@ static int attach_one_algo(struct xfrm_algo **algpp, u8 *props,
	if (!p)
		return -ENOMEM;

	strcpy(p->alg_name, algo->name);
	strscpy(p->alg_name, algo->name);
	*algpp = p;
	return 0;
}
@@ -620,7 +620,7 @@ static int attach_crypt(struct xfrm_state *x, struct nlattr *rta,
	if (!p)
		return -ENOMEM;

	strcpy(p->alg_name, algo->name);
	strscpy(p->alg_name, algo->name);
	x->ealg = p;
	x->geniv = algo->uinfo.encr.geniv;
	return 0;
@@ -649,7 +649,7 @@ static int attach_auth(struct xfrm_algo_auth **algpp, u8 *props,
	if (!p)
		return -ENOMEM;

	strcpy(p->alg_name, algo->name);
	strscpy(p->alg_name, algo->name);
	p->alg_key_len = ualg->alg_key_len;
	p->alg_trunc_len = algo->uinfo.auth.icv_truncbits;
	memcpy(p->alg_key, ualg->alg_key, (ualg->alg_key_len + 7) / 8);
@@ -684,7 +684,7 @@ static int attach_auth_trunc(struct xfrm_algo_auth **algpp, u8 *props,
	if (!p)
		return -ENOMEM;

	strcpy(p->alg_name, algo->name);
	strscpy(p->alg_name, algo->name);
	if (!p->alg_trunc_len)
		p->alg_trunc_len = algo->uinfo.auth.icv_truncbits;

@@ -714,7 +714,7 @@ static int attach_aead(struct xfrm_state *x, struct nlattr *rta,
	if (!p)
		return -ENOMEM;

	strcpy(p->alg_name, algo->name);
	strscpy(p->alg_name, algo->name);
	x->aead = p;
	x->geniv = algo->uinfo.aead.geniv;
	return 0;
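Review bot: All five `strscpy(p->alg_name, algo->name)` calls (attach_one_algo, attach_crypt, attach_auth, attach_auth_trunc, attach_aead) discard the return value, so a truncated copy, which strscpy() reports as -E2BIG, would silently leave a shortened algorithm name in the state. That should not happen if algo->name always comes from the kernel's own algorithm table and fits alg_name, but this is not visible in these hunks; making the assumption explicit with `WARN_ON_ONCE(strscpy(p->alg_name, algo->name) < 0);` or a one-line comment at the first call would document it. The two-argument form also depends on alg_name staying a fixed-size array member, since the size is taken from the destination's type. Each enclosing function starts outside its hunk.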