Received: by 10.213.65.68 with SMTP id h4csp2436411imn; Mon, 9 Apr 2018 03:36:07 -0700 (PDT) X-Google-Smtp-Source: AIpwx4+yfa9prfbS/DrjWuuNb2tQ6Z7zoucRXAEXZsTeXTmIR4vh/ctzXfvps1liOB899KWKM/ul X-Received: by 2002:a17:902:6b03:: with SMTP id o3-v6mr32421480plk.183.1523270167128; Mon, 09 Apr 2018 03:36:07 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1523270167; cv=none; d=google.com; s=arc-20160816; b=TIEWylv6vL4C+gJFrzIMWMQaPuq6j7GKiGJOqPtobJv8O+jicf2ms7QBdf38KRy7ue lNWETqDxHI2SAZet7alOKvJkFGudlziHylp5/QyBVbYzMyYYK88ZmJO3pht7UljpuMO9 xw6+fCI+D3XrsAArmZmki54ly1tI8DBNrWtwL5vRL6Iej0H7YFIzzgoSdnjIy5lTXYwF MtpeKk+Mm77+BL3At0bxHgKBT1nay/kSXBgIDzj5hCLjz5xAQmTT2QtaFvimsFLrUZtV exc1/n95FeqmqL5FJShXn8fGCXKCbE9yS07uDIKJNm/4/4MeqomYqAULdpHO99LQY79P mn/g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:arc-authentication-results; bh=vL6uPSGuDTqMIk5yUFFhY3aV8SaF0fNp1u2nwgTubdI=; b=MJ+sWYLFhuS/Ol1t7U3AevxT9qybnuTu4LRBxB9lFP+9LQNYngfY6LJx0ynn0U3ikj 2nUv1+KucIyRCmsOYXhtEY/q9db4P2GRFZnZL2eN6A/s1ulwVfaEvFvG66MceEGBzLPX WAm0rYIsYbI+w35ufK/aBOuURekecV01/6TeEpRh/jUoskxT68WZnHVNDF+Vcq7JYh15 a9JQ2WsFjj7hVdb6kqgOK0Msd6IfM4fVpVZnErrvbebeipDipQ1pHYsC5xba2r5nGxnf RDHbVEdS8UAi4sWBO+W5TpdWJHXOMoy4pIbDC8ihMumfPAPeKMaim8ucUGCV12Fhznjg 2R/A== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id f26si19100pfn.269.2018.04.09.03.35.30; Mon, 09 Apr 2018 03:36:07 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751754AbeDIKcv (ORCPT + 99 others); Mon, 9 Apr 2018 06:32:51 -0400 Received: from a.mx.secunet.com ([62.96.220.36]:52828 "EHLO a.mx.secunet.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751455AbeDIKcu (ORCPT ); Mon, 9 Apr 2018 06:32:50 -0400 Received: from localhost (localhost [127.0.0.1]) by a.mx.secunet.com (Postfix) with ESMTP id 3985A201C2; Mon, 9 Apr 2018 12:32:49 +0200 (CEST) X-Virus-Scanned: by secunet Received: from a.mx.secunet.com ([127.0.0.1]) by localhost (a.mx.secunet.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MM1qS-4fenn5; Mon, 9 Apr 2018 12:32:48 +0200 (CEST) Received: from mail-essen-01.secunet.de (mail-essen-01.secunet.de [10.53.40.204]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by a.mx.secunet.com (Postfix) with ESMTPS id 6072A201BF; Mon, 9 Apr 2018 12:32:48 +0200 (CEST) Received: from gauss2.secunet.de (10.182.7.193) by mail-essen-01.secunet.de (10.53.40.204) with Microsoft SMTP Server id 14.3.389.1; Mon, 9 Apr 2018 12:32:48 +0200 Received: by gauss2.secunet.de (Postfix, from userid 1000) id EB4E2318136F; Mon, 9 Apr 2018 12:32:47 +0200 (CEST) Date: Mon, 9 Apr 2018 12:32:47 +0200 From: Steffen Klassert To: Kevin Easton CC: Herbert Xu , "David S. Miller" , , Subject: Re: [PATCH v2 0/2] af_key: Fix for sadb_key memcpy read overrun Message-ID: <20180409103247.tfcvthfjsszz3z6y@gauss3.secunet.de> References: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Disposition: inline In-Reply-To: User-Agent: NeoMutt/20170609 (1.8.3) X-G-Data-MailSecurity-for-Exchange-State: 0 X-G-Data-MailSecurity-for-Exchange-Error: 0 X-G-Data-MailSecurity-for-Exchange-Sender: 23 X-G-Data-MailSecurity-for-Exchange-Server: d65e63f7-5c15-413f-8f63-c0d707471c93 X-EXCLAIMER-MD-CONFIG: 2c86f778-e09b-4440-8b15-867914633a10 X-G-Data-MailSecurity-for-Exchange-Guid: B6A0CA9A-6863-43A8-80BB-49D564AF5BAF Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sat, Apr 07, 2018 at 11:40:18AM -0400, Kevin Easton wrote: > As found by syzbot, af_key does not properly validate the key length in > sadb_key messages from userspace. This can result in copying from beyond > the end of the sadb_key part of the message, or indeed beyond the end of > the entire packet. > > Both these patches apply cleanly to ipsec-next. Based on Steffen's > feedback I have re-ordered them so that the fix only is in patch 1, which > I would suggest is also a stable tree candidate, whereas patch 2 is a > cleanup only. I think here is some explanation needed. Usually bugfixes and cleanups don't go to the same tree. On IPsec bugfixes go to the'ipsec' tree while cleanups and new features go to the 'ipsec-next' tree. So you need to split up your patchsets into patches that are targeted to 'ipsec' and 'ipsec-next'. Aside from that, we are in 'merge window' currently. This means that most maintainers don't accept patches to their -next trees. If you have patches for a -next tree, wait until the merge window is over (when v4.17-rc1 is released) and send them then.