archives/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-03-13 23:46:14 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
Linux kernel source tree
1351539 commits 1 branch 922 tags 8.5 GiB
Find a file
Antonio Quartulli 89d3c0e461 ovpn: kill key and notify userspace in case of IV exhaustion 
IV wrap-around is cryptographically dangerous for a number of ciphers,
therefore kill the key and inform userspace (via netlink) should the
IV space go exhausted.

Userspace has two ways of deciding when the key has to be renewed before
exhausting the IV space:
1) time based approach:
   after X seconds/minutes userspace generates a new key and sends it
   to the kernel. This is based on guestimate and normally default
   timer value works well.

2) packet count based approach:
   after X packets/bytes userspace generates a new key and sends it to
   the kernel. Userspace keeps track of the amount of traffic by
   periodically polling GET_PEER and fetching the VPN/LINK stats.

Signed-off-by: Antonio Quartulli <antonio@openvpn.net>
Link: https://patch.msgid.link/20250415-b4-ovpn-v26-20-577f6097b964@openvpn.net
Reviewed-by: Sabrina Dubroca <sd@queasysnail.net>
Tested-by: Oleksandr Natalenko <oleksandr@natalenko.name>
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
2025-04-17 12:30:03 +02:00
arch net: Retire DCCP socket. 2025-04-11 18:58:10 -07:00
block treewide: Switch/rename to timer_delete[_sync]() 2025-04-05 10:30:12 +02:00
certs sign-file,extract-cert: use pkcs11 provider for OPENSSL MAJOR >= 3 2024-09-20 19:52:48 +03:00
crypto This push fixes reverts the multibuffer hash testing as it is buggy. 2025-04-02 09:14:59 -07:00
Documentation ovpn: add basic interface creation/destruction/management routines 2025-04-17 12:30:02 +02:00
drivers ovpn: kill key and notify userspace in case of IV exhaustion 2025-04-17 12:30:03 +02:00
fs afs: Use rxgk RESPONSE to pass token for callback channel 2025-04-14 17:36:42 -07:00
include skb: implement skb_send_sock_locked_with_flags() 2025-04-17 12:30:03 +02:00
init Miscellaneous scheduler fixes/updates: 2025-04-06 10:44:58 -07:00
io_uring io_uring/kbuf: reject zero sized provided buffers 2025-04-07 07:51:23 -06:00
ipc treewide: const qualify ctl_tables where applicable 2025-01-28 13:48:37 +01:00
kernel trace: tcp: Add tracepoint for tcp_sendmsg_locked() 2025-04-10 18:34:05 -07:00
lib CRC cleanups for 6.15 2025-04-08 12:09:28 -07:00
LICENSES LICENSES: add 0BSD license text 2024-09-01 20:43:24 -07:00
mm page_pool: Move pp_magic check into helper functions 2025-04-14 16:30:29 -07:00
net skb: implement skb_send_sock_locked_with_flags() 2025-04-17 12:30:03 +02:00
rust Kbuild updates for v6.15 2025-04-05 15:46:50 -07:00
samples net: Retire DCCP socket. 2025-04-11 18:58:10 -07:00
scripts net: Retire DCCP socket. 2025-04-11 18:58:10 -07:00
security net: Retire DCCP socket. 2025-04-11 18:58:10 -07:00
sound soundwire fix for 6.15-rc1 2025-04-06 12:04:53 -07:00
tools selftests: mptcp: use IPPROTO_MPTCP for getaddrinfo 2025-04-15 08:21:47 -07:00
usr kbuild: hdrcheck: fix cross build with clang 2025-03-05 04:06:45 +09:00
virt ARM: 2025-04-08 13:47:55 -07:00
.clang-format clang-format: Update with v6.11-rc1's for_each macro list 2024-08-02 13:20:31 +02:00
.clippy.toml rust: give Clippy the minimum supported Rust version 2025-01-10 00:17:25 +01:00
.cocciconfig scripts: add Linux .cocciconfig for coccinelle 2016-07-22 12:13:39 +02:00
.editorconfig .editorconfig: remove trim_trailing_whitespace option 2024-06-13 16:47:52 +02:00
.get_maintainer.ignore MAINTAINERS: Retire Ralf Baechle 2024-11-12 15:48:59 +01:00
.gitattributes .gitattributes: set diff driver for Rust source code files 2023-05-31 17:48:25 +02:00
.gitignore kbuild: Create intermediate vmlinux build with relocations preserved 2025-03-17 00:29:50 +09:00
.mailmap mailmap: add an entry for Nicolas Schier 2025-04-01 15:20:45 -07:00
.rustfmt.toml rust: add .rustfmt.toml 2022-09-28 09:02:20 +02:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS Including fixes from netfilter. 2025-04-04 09:15:35 -07:00
Kbuild drm: ensure drm headers are self-contained and pass kernel-doc 2025-02-12 10:44:43 +02:00
Kconfig io_uring: Rename KConfig to Kconfig 2025-02-19 14:53:27 -07:00
MAINTAINERS ovpn: add basic netlink support 2025-04-17 12:30:02 +02:00
Makefile kbuild: Add '-fno-builtin-wcslen' 2025-04-08 12:03:26 -07:00
README README: Fix spelling 2024-03-18 03:36:32 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the reStructuredText markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.