summaryrefslogtreecommitdiff
path: root/net/key
diff options
context:
space:
mode:
authorFan Du <fan.du@windriver.com>2013-12-16 18:47:49 +0800
committerSteffen Klassert <steffen.klassert@secunet.com>2013-12-16 12:54:02 +0100
commit776e9dd90ca223b82166eb2835389493b5914cba (patch)
tree565d2ac3f67fe6fa88e789fe94ac5cf9ee3a3d4b /net/key
parentea9884b3acf3311c8a11db67bfab21773f6f82ba (diff)
downloadlinux-next-776e9dd90ca223b82166eb2835389493b5914cba.tar.gz
xfrm: export verify_userspi_info for pkfey and netlink interface
In order to check against valid IPcomp spi range, export verify_userspi_info for both pfkey and netlink interface. Signed-off-by: Fan Du <fan.du@windriver.com> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Diffstat (limited to 'net/key')
-rw-r--r--net/key/af_key.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/net/key/af_key.c b/net/key/af_key.c
index 5beabd8ba772..1a04c1329362 100644
--- a/net/key/af_key.c
+++ b/net/key/af_key.c
@@ -1340,6 +1340,12 @@ static int pfkey_getspi(struct sock *sk, struct sk_buff *skb, const struct sadb_
max_spi = range->sadb_spirange_max;
}
+ err = verify_spi_info(x->id.proto, min_spi, max_spi);
+ if (err) {
+ xfrm_state_put(x);
+ return err;
+ }
+
err = xfrm_alloc_spi(x, min_spi, max_spi);
resp_skb = err ? ERR_PTR(err) : pfkey_xfrm_state2msg(x);