!12155 bonding: Fix CVE-2024-44990 (9e44bdbf) · Commits · EulixOS / Software / Kernel

drivers/net/bonding/bond_main.c

+8 −12

Original line number	Diff line number	Diff line
		@@ -570,34 +570,30 @@ static bool bond_ipsec_offload_ok(struct sk_buff skb, struct xfrm_state xs)
		struct net_device *real_dev;
		struct slave *curr_active;
		struct bonding *bond;
		int err;
		bool ok = false;

		bond = netdev_priv(bond_dev);
		rcu_read_lock();
		curr_active = rcu_dereference(bond->curr_active_slave);
		if (!curr_active)
		goto out;
		real_dev = curr_active->dev;

		if (BOND_MODE(bond) != BOND_MODE_ACTIVEBACKUP) {
		err = false;
		if (BOND_MODE(bond) != BOND_MODE_ACTIVEBACKUP)
		goto out;
		}

		if (!xs->xso.real_dev) {
		err = false;
		if (!xs->xso.real_dev)
		goto out;
		}

		if (!real_dev->xfrmdev_ops \|\|
		!real_dev->xfrmdev_ops->xdo_dev_offload_ok \|\|
		netif_is_bond_master(real_dev)) {
		err = false;
		netif_is_bond_master(real_dev))
		goto out;
		}

		err = real_dev->xfrmdev_ops->xdo_dev_offload_ok(skb, xs);
		ok = real_dev->xfrmdev_ops->xdo_dev_offload_ok(skb, xs);
		out:
		rcu_read_unlock();
		return err;
		return ok;
		}

		static const struct xfrmdev_ops bond_xfrmdev_ops = {