aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTimo Teräs <timo.teras@iki.fi>2010-03-30 20:17:04 -0400
committerDavid S. Miller <davem@davemloft.net>2010-04-01 22:41:35 -0400
commitc8bf4d04f970fafb3430d332533e1cf103f2a018 (patch)
tree5d0a7507da01350b64fe182d7906bc0d85166f8b
parent34996cb91dd72f0b0456d8fd3fef4aaee62232f2 (diff)
xfrm_user: verify policy direction at XFRM_MSG_POLEXPIRE handler
Add missing check for policy direction verification. This is especially important since without this xfrm_user may end up deleting per-socket policy which is not allowed. Signed-off-by: Timo Teras <timo.teras@iki.fi> Acked-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--net/xfrm/xfrm_user.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index 6106b72826d3..da5ba86181de 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -1741,6 +1741,10 @@ static int xfrm_add_pol_expire(struct sk_buff *skb, struct nlmsghdr *nlh,
1741 if (err) 1741 if (err)
1742 return err; 1742 return err;
1743 1743
1744 err = verify_policy_dir(p->dir);
1745 if (err)
1746 return err;
1747
1744 if (p->index) 1748 if (p->index)
1745 xp = xfrm_policy_byid(net, mark, type, p->dir, p->index, 0, &err); 1749 xp = xfrm_policy_byid(net, mark, type, p->dir, p->index, 0, &err);
1746 else { 1750 else {