Skip to content
Snippets Groups Projects
Commit 48c4b4b5 authored by Leon Romanovsky's avatar Leon Romanovsky Committed by Yongqiang Liu
Browse files

xfrm: enforce validity of offload input flags

stable inclusion
from linux-4.19.233
commit 94c115d1380400f0001640619244dfe7a3a04772
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I5646A


CVE: NA

--------------------------------

commit 7c76ecd9c99b6e9a771d813ab1aa7fa428b3ade1 upstream.

struct xfrm_user_offload has flags variable that received user input,
but kernel didn't check if valid bits were provided. It caused a situation
where not sanitized input was forwarded directly to the drivers.

For example, XFRM_OFFLOAD_IPV6 define that was exposed, was used by
strongswan, but not implemented in the kernel at all.

As a solution, check and sanitize input flags to forward
XFRM_OFFLOAD_INBOUND to the drivers.

Fixes: d77e38e6 ("xfrm: Add an IPsec hardware offloading API")
Signed-off-by: default avatarLeon Romanovsky <leonro@nvidia.com>
Signed-off-by: default avatarSteffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: default avatarYongqiang Liu <liuyongqiang13@huawei.com>
parent 8db3cf08
No related branches found
No related tags found
No related merge requests found
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment