diff options
author | Fan Du <fan.du@windriver.com> | 2013-12-16 18:47:49 +0800 |
---|---|---|
committer | Steffen Klassert <steffen.klassert@secunet.com> | 2013-12-16 12:54:02 +0100 |
commit | 776e9dd90ca223b82166eb2835389493b5914cba (patch) | |
tree | 565d2ac3f67fe6fa88e789fe94ac5cf9ee3a3d4b /net/key | |
parent | ea9884b3acf3311c8a11db67bfab21773f6f82ba (diff) | |
download | linux-next-776e9dd90ca223b82166eb2835389493b5914cba.tar.gz |
xfrm: export verify_userspi_info for pkfey and netlink interface
In order to check against valid IPcomp spi range, export verify_userspi_info
for both pfkey and netlink interface.
Signed-off-by: Fan Du <fan.du@windriver.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Diffstat (limited to 'net/key')
-rw-r--r-- | net/key/af_key.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/net/key/af_key.c b/net/key/af_key.c index 5beabd8ba772..1a04c1329362 100644 --- a/net/key/af_key.c +++ b/net/key/af_key.c @@ -1340,6 +1340,12 @@ static int pfkey_getspi(struct sock *sk, struct sk_buff *skb, const struct sadb_ max_spi = range->sadb_spirange_max; } + err = verify_spi_info(x->id.proto, min_spi, max_spi); + if (err) { + xfrm_state_put(x); + return err; + } + err = xfrm_alloc_spi(x, min_spi, max_spi); resp_skb = err ? ERR_PTR(err) : pfkey_xfrm_state2msg(x); |