Commit 451b5096 authored by Antony Antony's avatar Antony Antony Committed by Steffen Klassert

xfrm: Restrict SA direction attribute to specific netlink message types



Reject use of the SA_DIR attribute in xfrm netlink messages when it is
not applicable. This ensures that SA_DIR is only accepted for certain
message types (NEWSA, UPDSA, and ALLOCSPI).

Signed-off-by: default avatarAntony Antony <antony.antony@secunet.com>
Reviewed-by: default avatarSabrina Dubroca <sd@queasysnail.net>
Signed-off-by: default avatarSteffen Klassert <steffen.klassert@secunet.com>
parent 304b44f0
+24 −0
@@ -3213,6 +3213,24 @@ static const struct xfrm_link {
	[XFRM_MSG_GETDEFAULT  - XFRM_MSG_BASE] = { .doit = xfrm_get_default   },
};

static int xfrm_reject_unused_attr(int type, struct nlattr **attrs,
				   struct netlink_ext_ack *extack)
{
	if (attrs[XFRMA_SA_DIR]) {
		switch (type) {
		case XFRM_MSG_NEWSA:
		case XFRM_MSG_UPDSA:
		case XFRM_MSG_ALLOCSPI:
			break;
		default:
			NL_SET_ERR_MSG(extack, "Invalid attribute SA_DIR");
			return -EINVAL;
		}
	}

	return 0;
}

static int xfrm_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh,
			     struct netlink_ext_ack *extack)
{
@@ -3272,6 +3290,12 @@ static int xfrm_user_rcv_msg(struct sk_buff *skb, struct nlmsghdr *nlh,
	if (err < 0)
		goto err;

	if (!link->nla_pol || link->nla_pol == xfrma_policy) {
		err = xfrm_reject_unused_attr((type + XFRM_MSG_BASE), attrs, extack);
		if (err < 0)
			goto err;
	}

	if (link->doit == NULL) {
		err = -EINVAL;
		goto err;
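Review bot: The new xfrm_reject_unused_attr() in the first hunk has no comment stating its contract, and its name is broader than its body, which only looks at XFRMA_SA_DIR; a header comment would make it the obvious place for the next attribute that is valid only for some message types. I would put `/* Reject attributes the given message type does not consume, so an attribute the handler would otherwise silently ignore cannot be passed in. Only XFRMA_SA_DIR (NEWSA, UPDSA, ALLOCSPI) is checked today. */` above the definition. The call in the second hunk is gated on `!link->nla_pol || link->nla_pol == xfrma_policy`, so a link with its own nla_pol is not covered by this check; that limit is worth stating in the same comment so a future custom policy is not assumed to be filtered here. xfrm_user_rcv_msg() starts and ends outside the hunk.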