
xfrm: export verify_userspi_info for pkfey and netlink interface

In order to check against valid IPcomp spi range, export verify_userspi_info
for both pfkey and netlink interface.

Signed-off-by: Fan Du <fan.du@windriver.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>

authored by

Fan Du and committed by
Steffen Klassert
776e9dd9 ea9884b3

+32 -24
+1
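--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -1563,6 +1563,7 @@
 u32 id, int delete, int *err);
 int xfrm_policy_flush(struct net *net, u8 type, struct xfrm_audit *audit_info);
 u32 xfrm_get_acqseq(void);
+int verify_spi_info(u8 proto, u32 min, u32 max);
 int xfrm_alloc_spi(struct xfrm_state *x, u32 minspi, u32 maxspi);
 struct xfrm_state *xfrm_find_acq(struct net *net, const struct xfrm_mark *mark,
 u8 mode, u32 reqid, u8 proto,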
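Review bot: The new prototype `int verify_spi_info(u8 proto, u32 min, u32 max);` adds an unprefixed name to the kernel-wide symbol namespace, while every neighbouring declaration visible in this section (`xfrm_policy_flush`, `xfrm_get_acqseq`, `xfrm_alloc_spi`, `xfrm_find_acq`) carries the `xfrm_` prefix. Because the function is exported and called from outside net/xfrm, a name such as `xfrm_verify_spi_info` would match the surrounding API and make a clash with an unrelated helper less likely. The same applies to the definition and the `EXPORT_SYMBOL(verify_spi_info);` line in net/xfrm/xfrm_state.c and to both call sites.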
+6
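--- a/net/key/af_key.c
+++ b/net/key/af_key.c
@@ -1340,6 +1340,12 @@
 max_spi = range->sadb_spirange_max;
 }
 
+err = verify_spi_info(x->id.proto, min_spi, max_spi);
+if (err) {
+xfrm_state_put(x);
+return err;
+}
+
 err = xfrm_alloc_spi(x, min_spi, max_spi);
 resp_skb = err ? ERR_PTR(err) : pfkey_xfrm_state2msg(x);
 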
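Review bot: The added `verify_spi_info(x->id.proto, min_spi, max_spi)` call checks `min_spi`/`max_spi` whether or not the request supplied an SPI range, and only the tail of the branch that copies `range->sadb_spirange_max` is visible here. If the defaults assigned above the hunk are wider than 16 bits, an IPcomp request that omits the range would now fail with -EINVAL instead of reaching `xfrm_alloc_spi()`; this should be confirmed against the start of the function, which lies outside the hunk. If so, give IPPROTO_COMP its own default upper bound of `0xffff` in the no-range case and leave user-supplied ranges to be rejected by the check. The check also runs only after `x` has been obtained, so it may be worth validating before the state lookup if the protocol is already known at that point.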
+24
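--- a/net/xfrm/xfrm_state.c
+++ b/net/xfrm/xfrm_state.c
@@ -1489,6 +1489,30 @@
 }
 EXPORT_SYMBOL(xfrm_get_acqseq);
 
+int verify_spi_info(u8 proto, u32 min, u32 max)
+{
+switch (proto) {
+case IPPROTO_AH:
+case IPPROTO_ESP:
+break;
+
+case IPPROTO_COMP:
+/* IPCOMP spi is 16-bits. */
+if (max >= 0x10000)
+return -EINVAL;
+break;
+
+default:
+return -EINVAL;
+}
+
+if (min > max)
+return -EINVAL;
+
+return 0;
+}
+EXPORT_SYMBOL(verify_spi_info);
+
 int xfrm_alloc_spi(struct xfrm_state *x, u32 low, u32 high)
 {
 struct net *net = xs_net(x);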
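Review bot: `verify_spi_info()` is exported with no comment stating its contract, although both call sites in this commit appear to pass it values taken from userspace messages (the PF_KEY SPI range and the netlink `xfrm_userspi_info`). A kernel-doc block above the definition should say that only AH, ESP and IPcomp are accepted, that `min` and `max` form an inclusive range with `min <= max`, that IPcomp restricts `max` to 16 bits, and that the return value is 0 or -EINVAL. The literal in `if (max >= 0x10000)` would also read better as a named constant for the largest IPcomp value, so that the limit is not repeated as a magic number if another caller needs it.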
+1 -24
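--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -1079,29 +1079,6 @@
 return err;
 }
 
-static int verify_userspi_info(struct xfrm_userspi_info *p)
-{
-switch (p->info.id.proto) {
-case IPPROTO_AH:
-case IPPROTO_ESP:
-break;
-
-case IPPROTO_COMP:
-/* IPCOMP spi is 16-bits. */
-if (p->max >= 0x10000)
-return -EINVAL;
-break;
-
-default:
-return -EINVAL;
-}
-
-if (p->min > p->max)
-return -EINVAL;
-
-return 0;
-}
-
 static int xfrm_alloc_userspi(struct sk_buff *skb, struct nlmsghdr *nlh,
 struct nlattr **attrs)
 {
@@ -1116,7 +1093,7 @@
 struct xfrm_mark m;
 
 p = nlmsg_data(nlh);
-err = verify_userspi_info(p);
+err = verify_spi_info(p->info.id.proto, p->min, p->max);
 if (err)
 goto out_noput;
 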