diff options
Diffstat (limited to 'net/xfrm/xfrm_user.c')
| -rw-r--r-- | net/xfrm/xfrm_user.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index f964d4c00ffb..4e0546e9bb0a 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c | |||
| @@ -1189,6 +1189,8 @@ static int verify_policy_type(u8 type) | |||
| 1189 | 1189 | ||
| 1190 | static int verify_newpolicy_info(struct xfrm_userpolicy_info *p) | 1190 | static int verify_newpolicy_info(struct xfrm_userpolicy_info *p) |
| 1191 | { | 1191 | { |
| 1192 | int ret; | ||
| 1193 | |||
| 1192 | switch (p->share) { | 1194 | switch (p->share) { |
| 1193 | case XFRM_SHARE_ANY: | 1195 | case XFRM_SHARE_ANY: |
| 1194 | case XFRM_SHARE_SESSION: | 1196 | case XFRM_SHARE_SESSION: |
| @@ -1224,7 +1226,13 @@ static int verify_newpolicy_info(struct xfrm_userpolicy_info *p) | |||
| 1224 | return -EINVAL; | 1226 | return -EINVAL; |
| 1225 | } | 1227 | } |
| 1226 | 1228 | ||
| 1227 | return verify_policy_dir(p->dir); | 1229 | ret = verify_policy_dir(p->dir); |
| 1230 | if (ret) | ||
| 1231 | return ret; | ||
| 1232 | if (p->index && ((p->index & XFRM_POLICY_MAX) != p->dir)) | ||
| 1233 | return -EINVAL; | ||
| 1234 | |||
| 1235 | return 0; | ||
| 1228 | } | 1236 | } |
| 1229 | 1237 | ||
| 1230 | static int copy_from_user_sec_ctx(struct xfrm_policy *pol, struct nlattr **attrs) | 1238 | static int copy_from_user_sec_ctx(struct xfrm_policy *pol, struct nlattr **attrs) |