xfrm: interface with if_id 0 should return error
xfrm interface if_id = 0 would cause xfrm policy lookup errors since commit 9f8550e4bd. Now explicitly fail to create an xfrm interface when if_id = 0.

With this commit:
 ip link add ipsec0 type xfrm dev lo if_id 0
 Error: if_id must be non zero.

v1->v2 change:
 - add Fixes: tag

Fixes: 9f8550e4bd ("xfrm: fix disable_xfrm sysctl when used on xfrm interfaces")
Signed-off-by: Antony Antony <antony.antony@secunet.com>
Reviewed-by: Eyal Birger <eyal.birger@gmail.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
parent
7770a39d7c
commit
8dce439195
@ -637,11 +637,16 @@ static int xfrmi_newlink(struct net *src_net, struct net_device *dev,
|
||||
struct netlink_ext_ack *extack)
|
||||
{
|
||||
struct net *net = dev_net(dev);
|
||||
struct xfrm_if_parms p;
|
||||
struct xfrm_if_parms p = {};
|
||||
struct xfrm_if *xi;
|
||||
int err;
|
||||
|
||||
xfrmi_netlink_parms(data, &p);
|
||||
if (!p.if_id) {
|
||||
NL_SET_ERR_MSG(extack, "if_id must be non zero");
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
xi = xfrmi_locate(net, &p);
|
||||
if (xi)
|
||||
return -EEXIST;
|
||||
@ -666,7 +671,12 @@ static int xfrmi_changelink(struct net_device *dev, struct nlattr *tb[],
|
||||
{
|
||||
struct xfrm_if *xi = netdev_priv(dev);
|
||||
struct net *net = xi->net;
|
||||
struct xfrm_if_parms p;
|
||||
struct xfrm_if_parms p = {};
|
||||
|
||||
if (!p.if_id) {
|
||||
NL_SET_ERR_MSG(extack, "if_id must be non zero");
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
xfrmi_netlink_parms(data, &p);
|
||||
xi = xfrmi_locate(net, &p);
|
||||
|
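Review bot: In the xfrmi_changelink hunk, as printed on this page, the new `if (!p.if_id)` check comes before `xfrmi_netlink_parms(data, &p)`, so it tests the freshly zero-initialised `p` and not the if_id parsed from the netlink attributes. In that order the condition is always true, and every changelink request would fail with -EINVAL and "if_id must be non zero", including requests that carry a valid non-zero if_id. The xfrmi_newlink hunk has the intended order (parse, then validate). Here the call should move above the check, giving `xfrmi_netlink_parms(data, &p);` followed by `if (!p.if_id) {`. The body of xfrmi_changelink continues outside the hunk, so the rest of the function is not reviewed here.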