diff options
| author | Steffen Klassert <[email protected]> | 2024-10-23 10:53:45 +0000 |
|---|---|---|
| committer | Steffen Klassert <[email protected]> | 2024-10-29 10:56:24 +0000 |
| commit | 83dfce38c49f3242c7edf5baab5c79c9ec360ecc (patch) | |
| tree | a0c992455820cbcda733fafeb717ea487084347f | |
| parent | xfrm: Add an inbound percpu state cache. (diff) | |
| download | kernel-83dfce38c49f3242c7edf5baab5c79c9ec360ecc.tar.gz kernel-83dfce38c49f3242c7edf5baab5c79c9ec360ecc.zip | |
xfrm: Restrict percpu SA attribute to specific netlink message types
Reject the usage of XFRMA_SA_PCPU in xfrm netlink messages when
it's not applicable.
Signed-off-by: Steffen Klassert <[email protected]>
Tested-by: Antony Antony <[email protected]>
Tested-by: Tobias Brunner <[email protected]>
| -rw-r--r-- | net/xfrm/xfrm_user.c | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index e4d448950d05..b6ce2b3c6b87 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c @@ -3282,6 +3282,20 @@ static int xfrm_reject_unused_attr(int type, struct nlattr **attrs, } } + if (attrs[XFRMA_SA_PCPU]) { + switch (type) { + case XFRM_MSG_NEWSA: + case XFRM_MSG_UPDSA: + case XFRM_MSG_ALLOCSPI: + case XFRM_MSG_ACQUIRE: + + break; + default: + NL_SET_ERR_MSG(extack, "Invalid attribute SA_PCPU"); + return -EINVAL; + } + } + return 0; } |