[IPSEC]: Move encap check back down to esp4.c

In a previous, I moved the encap_type checks in esp4.c from the packet processing path to xfrm_user/af_key. This isn't ideal since those encap types only make sense for esp4. The following patch moves it back into esp4.c. The difference is that it's now done in init_state so that it's only done once rather than per-packet. I've also added encap_type checks for every transform. This means that people attaching encap objects to AH/IPCOMP/IPIP will now get errors. That should be fine as no major KM does this. Please note that the error returned is now EINVAL instead of ENOPROTOOPT. This shouldn't break anything since KMs only test the errno from setsockopt() for NAT-T support rather than add_sa where it would be too late anyway. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@redhat.com>

[IPSEC]: Move encap check back down to esp4.c
In a previous, I moved the encap_type checks in esp4.c from the packet processing path to xfrm_user/af_key. This isn't ideal since those encap types only make sense for esp4. The following patch moves it back into esp4.c. The difference is that it's now done in init_state so that it's only done once rather than per-packet. I've also added encap_type checks for every transform. This means that people attaching encap objects to AH/IPCOMP/IPIP will now get errors. That should be fine as no major KM does this. Please note that the error returned is now EINVAL instead of ENOPROTOOPT. This shouldn't break anything since KMs only test the errno from setsockopt() for NAT-T support rather than add_sa where it would be too late anyway. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: David S. Miller <davem@redhat.com>
3ded0baf · Herbert Xu · David S. Miller · 6567299a · 3ded0baf · 3ded0baf
Commit 3ded0baf authored Aug 15, 2004 by Herbert Xu Committed by David S. Miller Aug 15, 2004
10 changed files
--- a/net/ipv4/ah4.c
+++ b/net/ipv4/ah4.c
@@ -214,6 +214,9 @@ static int ah_init_state(struct xfrm_state *x, void *args)
 	if (x->aalg->alg_key_len > 512)
 		goto error;

+	if (x->encap)
+		goto error;
+
 	ahp = kmalloc(sizeof(*ahp), GFP_KERNEL);
 	if (ahp == NULL)
 		return -ENOMEM;

--- a/net/ipv4/esp4.c
+++ b/net/ipv4/esp4.c
@@ -436,6 +436,7 @@ int esp_init_state(struct xfrm_state *x, void *args)

 		switch (encap->encap_type) {
 		default:
+			goto error;
 		case UDP_ENCAP_ESPINUDP:
 			x->props.header_len += sizeof(struct udphdr);
 			break;
@@ -449,15 +450,9 @@ int esp_init_state(struct xfrm_state *x, void *args)
 	return 0;

 error:
-	if (esp) {
-		if (esp->auth.tfm)
-			crypto_free_tfm(esp->auth.tfm);
-		if (esp->auth.work_icv)
-			kfree(esp->auth.work_icv);
-		if (esp->conf.tfm)
-			crypto_free_tfm(esp->conf.tfm);
-		kfree(esp);
-	}
+	x->data = esp;
+	esp_destroy(x);
+	x->data = NULL;
 	return -EINVAL;
 }


--- a/net/ipv4/ipcomp.c
+++ b/net/ipv4/ipcomp.c
@@ -288,6 +288,9 @@ static int ipcomp_init_state(struct xfrm_state *x, void *args)
 	if (!x->calg)
 		goto out;

+	if (x->encap)
+		goto out;
+
 	err = -ENOMEM;
 	ipcd = kmalloc(sizeof(*ipcd), GFP_KERNEL);
 	if (!ipcd)

--- a/net/ipv4/xfrm4_tunnel.c
+++ b/net/ipv4/xfrm4_tunnel.c
@@ -84,6 +84,10 @@ static int ipip_init_state(struct xfrm_state *x, void *args)
 {
 	if (!x->props.mode)
 		return -EINVAL;
+
+	if (x->encap)
+		return -EINVAL;
+
 	x->props.header_len = sizeof(struct iphdr);

 	return 0;

--- a/net/ipv6/ah6.c
+++ b/net/ipv6/ah6.c
@@ -353,6 +353,9 @@ static int ah6_init_state(struct xfrm_state *x, void *args)
 	if (x->aalg->alg_key_len > 512)
 		goto error;

+	if (x->encap)
+		goto error;
+
 	ahp = kmalloc(sizeof(*ahp), GFP_KERNEL);
 	if (ahp == NULL)
 		return -ENOMEM;

--- a/net/ipv6/esp6.c
+++ b/net/ipv6/esp6.c
@@ -310,6 +310,9 @@ int esp6_init_state(struct xfrm_state *x, void *args)
 	if (x->ealg == NULL)
 		goto error;

+	if (x->encap)
+		goto error;
+
 	esp = kmalloc(sizeof(*esp), GFP_KERNEL);
 	if (esp == NULL)
 		return -ENOMEM;

--- a/net/ipv6/ipcomp6.c
+++ b/net/ipv6/ipcomp6.c
@@ -284,6 +284,9 @@ static int ipcomp6_init_state(struct xfrm_state *x, void *args)
 	if (!x->calg)
 		goto out;

+	if (x->encap)
+		goto out;
+
 	err = -ENOMEM;
 	ipcd = kmalloc(sizeof(*ipcd), GFP_KERNEL);
 	if (!ipcd)

--- a/net/ipv6/xfrm6_tunnel.c
+++ b/net/ipv6/xfrm6_tunnel.c
@@ -517,6 +517,9 @@ static int xfrm6_tunnel_init_state(struct xfrm_state *x, void *args)
 	if (!x->props.mode)
 		return -EINVAL;

+	if (x->encap)
+		return -EINVAL;
+
 	x->props.header_len = sizeof(struct ipv6hdr);

 	return 0;

--- a/net/key/af_key.c
+++ b/net/key/af_key.c
@@ -1075,15 +1075,6 @@ static struct xfrm_state * pfkey_msg2xfrm_state(struct sadb_msg *hdr,
 		n_type = ext_hdrs[SADB_X_EXT_NAT_T_TYPE-1];
 		natt->encap_type = n_type->sadb_x_nat_t_type_type;

-		switch (natt->encap_type) {
-		case UDP_ENCAP_ESPINUDP:
-		case UDP_ENCAP_ESPINUDP_NON_IKE:
-			break;
-		default:
-			err = -ENOPROTOOPT;
-			goto out;
-		}
-
 		if (ext_hdrs[SADB_X_EXT_NAT_T_SPORT-1]) {
 			struct sadb_x_nat_t_port* n_port =
 				ext_hdrs[SADB_X_EXT_NAT_T_SPORT-1];

--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -78,15 +78,6 @@ static int verify_encap_tmpl(struct rtattr **xfrma)
 	if ((rt->rta_len - sizeof(*rt)) < sizeof(*encap))
 		return -EINVAL;

-	encap = RTA_DATA(rt);
-	switch (encap->encap_type) {
-	case UDP_ENCAP_ESPINUDP:
-	case UDP_ENCAP_ESPINUDP_NON_IKE:
-		break;
-	default:
-		return -ENOPROTOOPT;
-	}
-
 	return 0;
 }