linux/net/xfrm
fernando@oss.ntt.co a432226614 xfrm: do not leak ESRCH to user space
I noticed that, under certain conditions, ESRCH can be leaked from the
xfrm layer to user space through sys_connect. In particular, this seems
to happen reliably when the kernel fails to resolve a template either
because the AF_KEY receive buffer being used by racoon is full or
because the SA entry we are trying to use is in XFRM_STATE_EXPIRED
state.

However, since this could be a transient issue it could be argued that
EAGAIN would be more appropriate. Besides this error code is not even
documented in the man page for sys_connect (as of man-pages 3.07).

Signed-off-by: Fernando Luis Vazquez Cao <fernando@oss.ntt.co.jp>
Signed-off-by: David S. Miller <davem@davemloft.net>
2008-10-31 00:06:03 -07:00
..
Kconfig ipsec: ipcomp - Merge IPComp implementations 2008-07-25 02:54:40 -07:00
Makefile ipsec: ipcomp - Merge IPComp implementations 2008-07-25 02:54:40 -07:00
xfrm_algo.c net: convert BUG_TRAP to generic WARN_ON 2008-07-25 21:43:18 -07:00
xfrm_hash.c [IPSEC]: kmalloc + memset conversion to kzalloc 2008-01-28 14:55:05 -08:00
xfrm_hash.h [XFRM] STATE: Use destination address for src hash. 2006-10-04 00:31:02 -07:00
xfrm_input.c [IPSEC]: Fix inter address family IPsec tunnel handling. 2008-03-24 14:51:51 -07:00
xfrm_ipcomp.c net: convert BUG_TRAP to generic WARN_ON 2008-07-25 21:43:18 -07:00
xfrm_output.c ipsec: Fix pskb_expand_head corruption in xfrm_state_check_space 2008-09-30 02:03:19 -07:00
xfrm_policy.c xfrm: do not leak ESRCH to user space 2008-10-31 00:06:03 -07:00
xfrm_proc.c [XFRM]: Fix statistics. 2008-01-31 19:28:30 -08:00
xfrm_state.c xfrm: MIGRATE enhancements (draft-ebalard-mext-pfkey-enhanced-migrate) 2008-10-05 13:33:42 -07:00
xfrm_user.c xfrm: MIGRATE enhancements (draft-ebalard-mext-pfkey-enhanced-migrate) 2008-10-05 13:33:42 -07:00