Kernel/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2025-01-06 05:06:29 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

xfrm: add extack to verify_one_alg, verify_auth_trunc, verify_aead

Browse Source 
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
This commit is contained in:
Sabrina Dubroca 2022-09-14 19:04:02 +02:00 committed by Steffen Klassert
parent 785b87b220
commit 1fc8fde553
1 changed files with 20 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
net/xfrm/xfrm_user.c
View File

@ -35,7 +35,8 @@
#endif
#include <asm/unaligned.h>
static int verify_one_alg(struct nlattr **attrs, enum xfrm_attr_type_t type)
static int verify_one_alg(struct nlattr **attrs, enum xfrm_attr_type_t type,
struct netlink_ext_ack *extack)
{
struct nlattr *rt = attrs[type];
struct xfrm_algo *algp;
@ -44,8 +45,10 @@ static int verify_one_alg(struct nlattr **attrs, enum xfrm_attr_type_t type)
return 0;
algp = nla_data(rt);
if (nla_len(rt) < (int)xfrm_alg_len(algp))
if (nla_len(rt) < (int)xfrm_alg_len(algp)) {
NL_SET_ERR_MSG(extack, "Invalid AUTH/CRYPT/COMP attribute length");
return -EINVAL;
}
switch (type) {
case XFRMA_ALG_AUTH:
@ -54,6 +57,7 @@ static int verify_one_alg(struct nlattr **attrs, enum xfrm_attr_type_t type)
break;
default:
NL_SET_ERR_MSG(extack, "Invalid algorithm attribute type");
return -EINVAL;
}
@ -61,7 +65,8 @@ static int verify_one_alg(struct nlattr **attrs, enum xfrm_attr_type_t type)
return 0;
}
static int verify_auth_trunc(struct nlattr **attrs)
static int verify_auth_trunc(struct nlattr **attrs,
struct netlink_ext_ack *extack)
{
struct nlattr *rt = attrs[XFRMA_ALG_AUTH_TRUNC];
struct xfrm_algo_auth *algp;
@ -70,14 +75,16 @@ static int verify_auth_trunc(struct nlattr **attrs)
return 0;
algp = nla_data(rt);
if (nla_len(rt) < (int)xfrm_alg_auth_len(algp))
if (nla_len(rt) < (int)xfrm_alg_auth_len(algp)) {
NL_SET_ERR_MSG(extack, "Invalid AUTH_TRUNC attribute length");
return -EINVAL;
}
algp->alg_name[sizeof(algp->alg_name) - 1] = '\0';
return 0;
}
static int verify_aead(struct nlattr **attrs)
static int verify_aead(struct nlattr **attrs, struct netlink_ext_ack *extack)
{
struct nlattr *rt = attrs[XFRMA_ALG_AEAD];
struct xfrm_algo_aead *algp;
@ -86,8 +93,10 @@ static int verify_aead(struct nlattr **attrs)
return 0;
algp = nla_data(rt);
if (nla_len(rt) < (int)aead_len(algp))
if (nla_len(rt) < (int)aead_len(algp)) {
NL_SET_ERR_MSG(extack, "Invalid AEAD attribute length");
return -EINVAL;
}
algp->alg_name[sizeof(algp->alg_name) - 1] = '\0';
return 0;
@ -313,15 +322,15 @@ static int verify_newsa_info(struct xfrm_usersa_info *p,
goto out;
}
if ((err = verify_aead(attrs)))
if ((err = verify_aead(attrs, extack)))
goto out;
if ((err = verify_auth_trunc(attrs)))
if ((err = verify_auth_trunc(attrs, extack)))
goto out;
if ((err = verify_one_alg(attrs, XFRMA_ALG_AUTH)))
if ((err = verify_one_alg(attrs, XFRMA_ALG_AUTH, extack)))
goto out;
if ((err = verify_one_alg(attrs, XFRMA_ALG_CRYPT)))
if ((err = verify_one_alg(attrs, XFRMA_ALG_CRYPT, extack)))
goto out;
if ((err = verify_one_alg(attrs, XFRMA_ALG_COMP)))
if ((err = verify_one_alg(attrs, XFRMA_ALG_COMP, extack)))
goto out;
if ((err = verify_sec_ctx_len(attrs, extack)))
goto out;