From: Jakub Kicinski <kuba@kernel.org>
Date: Thu, 9 Apr 2026 01:44:37 +0000 (-0700)
Subject: Merge branch 'rxrpc-miscellaneous-fixes'
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=cade36eed7173e5d341ea31b59c61435fe08a8ff;p=thirdparty%2Fkernel%2Flinux.git

Merge branch 'rxrpc-miscellaneous-fixes'

David Howells says:

====================
rxrpc: Miscellaneous fixes

Here are some fixes for rxrpc:

 (1) Fix key quota calculation.

 (2) Fix a memory leak.

 (3) Fix rxrpc_new_client_call_for_sendmsg() to substitute NULL for an
     empty key.

     Might want to remove this substitution entirely or handle it in
     rxrpc_init_client_call_security() instead.

 (4) Fix deletion of call->link to be RCU safe.

 (5) Fix missing bounds checks when parsing RxGK tickets.

 (6) Fix use of wrong skbuff to get challenge serial number.  Also actually
     substitute the newer response skbuff and release the older one.

 (7) Fix unexpected RACK timer warning to report old mode.

 (8) Fix call key refcount leak.

 (9) Fix the interaction of jumbograms with Tx window space, setting the
     request-ack flag when the window space is getting low, typically
     because each jumbogram take a big bite out of the window and fewer UDP
     packets get traded.

(10) Don't call rxrpc_put_call() with a NULL pointer.

(11) Reject undecryptable rxkad response tickets by checking result of
     decryption.

(12) Fix buffer bounds calculation in the RESPONSE authenticator parser.

(13) Fix oversized response length check.

(14) Fix refcount leak on multiple setting of server keyring.

(15) Fix checks made by RXRPC_SECURITY_KEY and RXRPC_SECURITY_KEYRING (both
     should be allowed).

(16) Fix lack of result checking on calls to crypto_skcipher_en/decrypt().

(17) Fix token_len limit check in rxgk_verify_response().

(18) Fix rxgk context leak in rxgk_verify_response().

(19) Fix read beyond end of buffer in rxgk_do_verify_authenticator().

(20) Fix parsing of RESPONSE packet on a connection that has already been set
     from a prior response.

(21) Fix size of buffers used for rendering addresses into for procfiles.
====================

Link: https://patch.msgid.link/20260408121252.2249051-1-dhowells@redhat.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
---

cade36eed7173e5d341ea31b59c61435fe08a8ff