xfrm: fix sa selector validation [Linux 4.4.187]

This Linux kernel change "xfrm: fix sa selector validation" is included in the Linux 4.4.187 release. This change is authored by Nicolas Dichtel <nicolas.dichtel [at] 6wind.com> on Fri Jun 14 11:13:55 2019 +0200. The commit for this change in Linux stable tree is ffee581 (patch) which is from upstream commit b8d6d00. The same Linux upstream change may have been applied to various maintained Linux releases and you can find all Linux releases containing changes from upstream b8d6d00.

xfrm: fix sa selector validation

[ Upstream commit b8d6d0079757cbd1b69724cfd1c08e2171c68cee ]

After commit b38ff4075a80, the following command does not work anymore:
$ ip xfrm state add src 10.125.0.2 dst 10.125.0.1 proto esp spi 34 reqid 1 \
  mode tunnel enc 'cbc(aes)' 0xb0abdba8b782ad9d364ec81e3a7d82a1 auth-trunc \
  'hmac(sha1)' 0xe26609ebd00acb6a4d51fca13e49ea78a72c73e6 96 flag align4

In fact, the selector is not mandatory, allow the user to provide an empty
selector.

Fixes: b38ff4075a80 ("xfrm: Fix xfrm sel prefix length validation")
CC: Anirudh Gupta <anirudh.gupta@sophos.com>
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

There are 3 lines of Linux source code added/deleted in this change. Code changes to Linux kernel are as follows.

 net/xfrm/xfrm_user.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index 10fda9a..8cc2a9d 100644
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -166,6 +166,9 @@ static int verify_newsa_info(struct xfrm_usersa_info *p,
    }

    switch (p->sel.family) {
+   case AF_UNSPEC:
+       break;
+
    case AF_INET:
        if (p->sel.prefixlen_d > 32 || p->sel.prefixlen_s > 32)
            goto out;

Leave a Reply

Your email address will not be published. Required fields are marked *