aboutsummaryrefslogtreecommitdiffstats
path: root/net/xfrm/xfrm_user.c
diff options
context:
space:
mode:
authorPatrick McHardy <kaber@trash.net>2011-04-13 07:32:28 -0400
committerPatrick McHardy <kaber@trash.net>2011-04-13 07:32:28 -0400
commitb32e3dc7860d00124fa432dba09667e647cb9bcc (patch)
tree2fa6e56f389431dfb84609d3d7572cad76e88e71 /net/xfrm/xfrm_user.c
parent6604271c5bc658a6067ed0c3deba4d89e0e50382 (diff)
parent96120d86fe302c006259baee9061eea9e1b9e486 (diff)
Merge branch 'master' of ssh://master.kernel.org/pub/scm/linux/kernel/git/kaber/nf-2.6
Diffstat (limited to 'net/xfrm/xfrm_user.c')
-rw-r--r--net/xfrm/xfrm_user.c26
1 files changed, 25 insertions, 1 deletions
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index 706385ae3e4b..3d15d3e1b2c4 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -127,6 +127,9 @@ static inline int verify_replay(struct xfrm_usersa_info *p,
127 if (!rt) 127 if (!rt)
128 return 0; 128 return 0;
129 129
130 if (p->id.proto != IPPROTO_ESP)
131 return -EINVAL;
132
130 if (p->replay_window != 0) 133 if (p->replay_window != 0)
131 return -EINVAL; 134 return -EINVAL;
132 135
@@ -360,6 +363,23 @@ static int attach_aead(struct xfrm_algo_aead **algpp, u8 *props,
360 return 0; 363 return 0;
361} 364}
362 365
366static inline int xfrm_replay_verify_len(struct xfrm_replay_state_esn *replay_esn,
367 struct nlattr *rp)
368{
369 struct xfrm_replay_state_esn *up;
370
371 if (!replay_esn || !rp)
372 return 0;
373
374 up = nla_data(rp);
375
376 if (xfrm_replay_state_esn_len(replay_esn) !=
377 xfrm_replay_state_esn_len(up))
378 return -EINVAL;
379
380 return 0;
381}
382
363static int xfrm_alloc_replay_state_esn(struct xfrm_replay_state_esn **replay_esn, 383static int xfrm_alloc_replay_state_esn(struct xfrm_replay_state_esn **replay_esn,
364 struct xfrm_replay_state_esn **preplay_esn, 384 struct xfrm_replay_state_esn **preplay_esn,
365 struct nlattr *rta) 385 struct nlattr *rta)
@@ -511,7 +531,7 @@ static struct xfrm_state *xfrm_state_construct(struct net *net,
511 531
512 xfrm_mark_get(attrs, &x->mark); 532 xfrm_mark_get(attrs, &x->mark);
513 533
514 err = xfrm_init_state(x); 534 err = __xfrm_init_state(x, false);
515 if (err) 535 if (err)
516 goto error; 536 goto error;
517 537
@@ -1766,6 +1786,10 @@ static int xfrm_new_ae(struct sk_buff *skb, struct nlmsghdr *nlh,
1766 if (x->km.state != XFRM_STATE_VALID) 1786 if (x->km.state != XFRM_STATE_VALID)
1767 goto out; 1787 goto out;
1768 1788
1789 err = xfrm_replay_verify_len(x->replay_esn, rp);
1790 if (err)
1791 goto out;
1792
1769 spin_lock_bh(&x->lock); 1793 spin_lock_bh(&x->lock);
1770 xfrm_update_ae_params(x, attrs); 1794 xfrm_update_ae_params(x, attrs);
1771 spin_unlock_bh(&x->lock); 1795 spin_unlock_bh(&x->lock);