
Commit 776e9dd9 authored by Fan Du's avatar Fan Du Committed by Steffen Klassert

xfrm: export verify_userspi_info for pkfey and netlink interface



In order to check against valid IPcomp spi range, export verify_userspi_info
for both pfkey and netlink interface.

Signed-off-by: default avatarFan Du <fan.du@windriver.com>
Signed-off-by: default avatarSteffen Klassert <steffen.klassert@secunet.com>
parent ea9884b3
+1 −0
@@ -1563,6 +1563,7 @@ struct xfrm_policy *xfrm_policy_byid(struct net *net, u32 mark, u8, int dir,
				     u32 id, int delete, int *err);
int xfrm_policy_flush(struct net *net, u8 type, struct xfrm_audit *audit_info);
u32 xfrm_get_acqseq(void);
int verify_spi_info(u8 proto, u32 min, u32 max);
int xfrm_alloc_spi(struct xfrm_state *x, u32 minspi, u32 maxspi);
struct xfrm_state *xfrm_find_acq(struct net *net, const struct xfrm_mark *mark,
				 u8 mode, u32 reqid, u8 proto,
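Review bot: The new prototype `int verify_spi_info(u8 proto, u32 min, u32 max);` puts an unprefixed name into the global kernel namespace, while the neighbouring declarations in this hunk all carry the `xfrm_` prefix (`xfrm_get_acqseq`, `xfrm_alloc_spi`). Since the function is now exported and called from both the pfkey and the netlink code, a name such as `xfrm_verify_spi_info` would match the rest of the header and lower the chance of a symbol clash. The same rename would apply to the definition, its `EXPORT_SYMBOL` line and the two call sites in the other file sections. The parameters are also called `min`/`max` here but `minspi`/`maxspi` on `xfrm_alloc_spi` one line below, which is worth aligning.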
+6 −0
@@ -1340,6 +1340,12 @@ static int pfkey_getspi(struct sock *sk, struct sk_buff *skb, const struct sadb_
		max_spi = range->sadb_spirange_max;
	}

	err = verify_spi_info(x->id.proto, min_spi, max_spi);
	if (err) {
		xfrm_state_put(x);
		return err;
	}

	err = xfrm_alloc_spi(x, min_spi, max_spi);
	resp_skb = err ? ERR_PTR(err) : pfkey_xfrm_state2msg(x);
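Review bot: The range check in `pfkey_getspi` runs only after `x` already holds a reference, which is why the new error path needs its own `xfrm_state_put(x)`. The netlink caller on this page validates first and leaves via `out_noput`. Because `min_spi`/`max_spi` are taken from the userspace-supplied `sadb_spirange`, and the protocol is presumably known before the state lookup, the check could move ahead of that lookup so a malformed request is rejected without touching any state. The lookup that yields `x` is outside the hunk, so confirm the protocol value is available at that point. If the check stays where it is, a comment on the put such as `/* drop the reference held on x before bailing out */` would make the pairing obvious.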

+24 −0
@@ -1489,6 +1489,30 @@ u32 xfrm_get_acqseq(void)
}
EXPORT_SYMBOL(xfrm_get_acqseq);

int verify_spi_info(u8 proto, u32 min, u32 max)
{
	switch (proto) {
	case IPPROTO_AH:
	case IPPROTO_ESP:
		break;

	case IPPROTO_COMP:
		/* IPCOMP spi is 16-bits. */
		if (max >= 0x10000)
			return -EINVAL;
		break;

	default:
		return -EINVAL;
	}

	if (min > max)
		return -EINVAL;

	return 0;
}
EXPORT_SYMBOL(verify_spi_info);

int xfrm_alloc_spi(struct xfrm_state *x, u32 low, u32 high)
{
	struct net *net = xs_net(x);
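Review bot: `verify_spi_info` is now an exported entry point that validates a userspace-supplied SPI range for two interfaces, yet it has no comment describing its contract. I would add a kernel-doc block above the definition saying that `min` and `max` are the bounds requested by the caller, that only `IPPROTO_AH`, `IPPROTO_ESP` and `IPPROTO_COMP` are accepted, and that the return value is 0 or `-EINVAL`. It should also state the byte order expected for the bounds; the comparison with `0x10000` suggests host order, but that needs confirming against the callers. The IPComp branch tests only `max` against 16 bits and relies on the later `min > max` test to bound `min`, which deserves a remark such as `/* min is bounded by the min > max check below */`. The literal `0x10000` could also become a named constant.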
+1 −24
@@ -1079,29 +1079,6 @@ static int xfrm_get_sa(struct sk_buff *skb, struct nlmsghdr *nlh,
	return err;
}

static int verify_userspi_info(struct xfrm_userspi_info *p)
{
	switch (p->info.id.proto) {
	case IPPROTO_AH:
	case IPPROTO_ESP:
		break;

	case IPPROTO_COMP:
		/* IPCOMP spi is 16-bits. */
		if (p->max >= 0x10000)
			return -EINVAL;
		break;

	default:
		return -EINVAL;
	}

	if (p->min > p->max)
		return -EINVAL;

	return 0;
}

static int xfrm_alloc_userspi(struct sk_buff *skb, struct nlmsghdr *nlh,
		struct nlattr **attrs)
{
@@ -1116,7 +1093,7 @@ static int xfrm_alloc_userspi(struct sk_buff *skb, struct nlmsghdr *nlh,
	struct xfrm_mark m;

	p = nlmsg_data(nlh);
	err = verify_userspi_info(p);
	err = verify_spi_info(p->info.id.proto, p->min, p->max);
	if (err)
		goto out_noput;