| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20200828051814.GC20687@gauss3.secunet.de>
Date: Fri, 28 Aug 2020 07:18:14 +0200
From: Steffen Klassert <steffen.klassert@...unet.com>
To: Antony Antony <antony.antony@...unet.com>
CC: <netdev@...r.kernel.org>, Herbert Xu <herbert@...dor.apana.org.au>,
"Antony Antony" <antony@...nome.org>
Subject: Re: [PATCH v2 3/4] xfrm: clone XFRMA_SEC_CTX in xfrm_do_migrate
On Wed, Aug 26, 2020 at 09:40:09PM +0200, Antony Antony wrote:
> XFRMA_SEC_CTX was not cloned from the old to the new.
> Migrate this attribute during XFRMA_MSG_MIGRATE
>
> v1->v2:
> - return -ENOMEM on error
>
> Fixes: 80c9abaabf42 ("[XFRM]: Extension for dynamic update of endpoint address(es)")
> Signed-off-by: Antony Antony <antony.antony@...unet.com>
> ---
> net/xfrm/xfrm_state.c | 28 ++++++++++++++++++++++++++++
> 1 file changed, 28 insertions(+)
>
> diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c
> index 3a000f289dcd..16988303aed6 100644
> --- a/net/xfrm/xfrm_state.c
> +++ b/net/xfrm/xfrm_state.c
> @@ -1441,6 +1441,30 @@ int xfrm_state_add(struct xfrm_state *x)
> EXPORT_SYMBOL(xfrm_state_add);
>
> #ifdef CONFIG_XFRM_MIGRATE
> +static inline bool clone_security(struct xfrm_state *x, struct xfrm_sec_ctx *security)
> +{
> + struct xfrm_user_sec_ctx *uctx;
> + int size = sizeof(*uctx) + security->ctx_len;
> + int err;
> +
> + uctx = kmalloc(size, GFP_KERNEL);
> + if (!uctx)
> + return -ENOMEM;
Now that this function returns error values, it should be
of type 'int' not 'bool'.
Powered by blists - more mailing lists