diff options
| author | Leon Romanovsky <leonro@nvidia.com> | 2022-02-08 17:14:32 +0300 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2022-03-08 21:01:56 +0300 |
| commit | ab4fa0d4f8e721d8ca94c47512d2d6df69f44fb2 (patch) | |
| tree | a1007ab579d819e71090aedcbf01dc82a0c5fb03 /include | |
| parent | 05f7927b25d2635e87267ff6c79db79fb46cf313 (diff) | |
| download | linux-ab4fa0d4f8e721d8ca94c47512d2d6df69f44fb2.tar.xz | |
xfrm: enforce validity of offload input flags
commit 7c76ecd9c99b6e9a771d813ab1aa7fa428b3ade1 upstream.
struct xfrm_user_offload has flags variable that received user input,
but kernel didn't check if valid bits were provided. It caused a situation
where not sanitized input was forwarded directly to the drivers.
For example, XFRM_OFFLOAD_IPV6 define that was exposed, was used by
strongswan, but not implemented in the kernel at all.
As a solution, check and sanitize input flags to forward
XFRM_OFFLOAD_INBOUND to the drivers.
Fixes: d77e38e612a0 ("xfrm: Add an IPsec hardware offloading API")
Signed-off-by: Leon Romanovsky <leonro@nvidia.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'include')
| -rw-r--r-- | include/uapi/linux/xfrm.h | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/include/uapi/linux/xfrm.h b/include/uapi/linux/xfrm.h index 0b636432cdf3..748e22a92a81 100644 --- a/include/uapi/linux/xfrm.h +++ b/include/uapi/linux/xfrm.h @@ -501,6 +501,12 @@ struct xfrm_user_offload { int ifindex; __u8 flags; }; +/* This flag was exposed without any kernel code that supporting it. + * Unfortunately, strongswan has the code that uses sets this flag, + * which makes impossible to reuse this bit. + * + * So leave it here to make sure that it won't be reused by mistake. + */ #define XFRM_OFFLOAD_IPV6 1 #define XFRM_OFFLOAD_INBOUND 2 |