Commit 1fc8fde5 authored by Sabrina Dubroca's avatar Sabrina Dubroca Committed by Steffen Klassert
Browse files

xfrm: add extack to verify_one_alg, verify_auth_trunc, verify_aead 



Signed-off-by: default avatarSabrina Dubroca <sd@queasysnail.net>
Signed-off-by: default avatarSteffen Klassert <steffen.klassert@secunet.com>
parent 785b87b2

net/xfrm/xfrm_user.c

+20 −11
Original line number Diff line number Diff line
@@ -35,7 +35,8 @@ 
#endif

#include <asm/unaligned.h>



static int verify_one_alg(struct nlattr **attrs, enum xfrm_attr_type_t type)

static int verify_one_alg(struct nlattr **attrs, enum xfrm_attr_type_t type,

			  struct netlink_ext_ack *extack)

{

	struct nlattr *rt = attrs[type];

	struct xfrm_algo *algp;
@@ -44,8 +45,10 @@ static int verify_one_alg(struct nlattr **attrs, enum xfrm_attr_type_t type) 
		return 0;



	algp = nla_data(rt);

	if (nla_len(rt) < (int)xfrm_alg_len(algp))

	if (nla_len(rt) < (int)xfrm_alg_len(algp)) {

		NL_SET_ERR_MSG(extack, "Invalid AUTH/CRYPT/COMP attribute length");

		return -EINVAL;

	}



	switch (type) {

	case XFRMA_ALG_AUTH:
@@ -54,6 +57,7 @@ static int verify_one_alg(struct nlattr **attrs, enum xfrm_attr_type_t type) 
		break;



	default:

		NL_SET_ERR_MSG(extack, "Invalid algorithm attribute type");

		return -EINVAL;

	}
@@ -61,7 +65,8 @@ static int verify_one_alg(struct nlattr **attrs, enum xfrm_attr_type_t type) 
	return 0;

}



static int verify_auth_trunc(struct nlattr **attrs)

static int verify_auth_trunc(struct nlattr **attrs,

			     struct netlink_ext_ack *extack)

{

	struct nlattr *rt = attrs[XFRMA_ALG_AUTH_TRUNC];

	struct xfrm_algo_auth *algp;
@@ -70,14 +75,16 @@ static int verify_auth_trunc(struct nlattr **attrs) 
		return 0;



	algp = nla_data(rt);

	if (nla_len(rt) < (int)xfrm_alg_auth_len(algp))

	if (nla_len(rt) < (int)xfrm_alg_auth_len(algp)) {

		NL_SET_ERR_MSG(extack, "Invalid AUTH_TRUNC attribute length");

		return -EINVAL;

	}



	algp->alg_name[sizeof(algp->alg_name) - 1] = '\0';

	return 0;

}



static int verify_aead(struct nlattr **attrs)

static int verify_aead(struct nlattr **attrs, struct netlink_ext_ack *extack)

{

	struct nlattr *rt = attrs[XFRMA_ALG_AEAD];

	struct xfrm_algo_aead *algp;
@@ -86,8 +93,10 @@ static int verify_aead(struct nlattr **attrs) 
		return 0;



	algp = nla_data(rt);

	if (nla_len(rt) < (int)aead_len(algp))

	if (nla_len(rt) < (int)aead_len(algp)) {

		NL_SET_ERR_MSG(extack, "Invalid AEAD attribute length");

		return -EINVAL;

	}



	algp->alg_name[sizeof(algp->alg_name) - 1] = '\0';

	return 0;
@@ -313,15 +322,15 @@ static int verify_newsa_info(struct xfrm_usersa_info *p, 
		goto out;

	}



	if ((err = verify_aead(attrs)))

	if ((err = verify_aead(attrs, extack)))

		goto out;

	if ((err = verify_auth_trunc(attrs)))

	if ((err = verify_auth_trunc(attrs, extack)))

		goto out;

	if ((err = verify_one_alg(attrs, XFRMA_ALG_AUTH)))

	if ((err = verify_one_alg(attrs, XFRMA_ALG_AUTH, extack)))

		goto out;

	if ((err = verify_one_alg(attrs, XFRMA_ALG_CRYPT)))

	if ((err = verify_one_alg(attrs, XFRMA_ALG_CRYPT, extack)))

		goto out;

	if ((err = verify_one_alg(attrs, XFRMA_ALG_COMP)))

	if ((err = verify_one_alg(attrs, XFRMA_ALG_COMP, extack)))

		goto out;

	if ((err = verify_sec_ctx_len(attrs, extack)))

		goto out;