提交 e40b3286 编写于 作者: H Herbert Xu 提交者: David S. Miller

[IPSEC]: Forbid BEET + ipcomp for now

While BEET can theoretically work with IPComp the current code can't
do that because it tries to construct a BEET mode tunnel type which
doesn't (and cannot) exist.  In fact as it is it won't even attach a
tunnel object at all for BEET which is bogus.

To support this fully we'd also need to change the policy checks on
input to recognise a plain tunnel as a legal variant of an optional
BEET transform.

This patch simply fails such constructions for now.
Signed-off-by: NHerbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>
上级 25ee3286
...@@ -182,7 +182,6 @@ static void ipcomp4_err(struct sk_buff *skb, u32 info) ...@@ -182,7 +182,6 @@ static void ipcomp4_err(struct sk_buff *skb, u32 info)
static struct xfrm_state *ipcomp_tunnel_create(struct xfrm_state *x) static struct xfrm_state *ipcomp_tunnel_create(struct xfrm_state *x)
{ {
struct xfrm_state *t; struct xfrm_state *t;
u8 mode = XFRM_MODE_TUNNEL;
t = xfrm_state_alloc(); t = xfrm_state_alloc();
if (t == NULL) if (t == NULL)
...@@ -193,9 +192,7 @@ static struct xfrm_state *ipcomp_tunnel_create(struct xfrm_state *x) ...@@ -193,9 +192,7 @@ static struct xfrm_state *ipcomp_tunnel_create(struct xfrm_state *x)
t->id.daddr.a4 = x->id.daddr.a4; t->id.daddr.a4 = x->id.daddr.a4;
memcpy(&t->sel, &x->sel, sizeof(t->sel)); memcpy(&t->sel, &x->sel, sizeof(t->sel));
t->props.family = AF_INET; t->props.family = AF_INET;
if (x->props.mode == XFRM_MODE_BEET) t->props.mode = x->props.mode;
mode = x->props.mode;
t->props.mode = mode;
t->props.saddr.a4 = x->props.saddr.a4; t->props.saddr.a4 = x->props.saddr.a4;
t->props.flags = x->props.flags; t->props.flags = x->props.flags;
...@@ -389,15 +386,22 @@ static int ipcomp_init_state(struct xfrm_state *x) ...@@ -389,15 +386,22 @@ static int ipcomp_init_state(struct xfrm_state *x)
if (x->encap) if (x->encap)
goto out; goto out;
x->props.header_len = 0;
switch (x->props.mode) {
case XFRM_MODE_TRANSPORT:
break;
case XFRM_MODE_TUNNEL:
x->props.header_len += sizeof(struct iphdr);
break;
default:
goto out;
}
err = -ENOMEM; err = -ENOMEM;
ipcd = kzalloc(sizeof(*ipcd), GFP_KERNEL); ipcd = kzalloc(sizeof(*ipcd), GFP_KERNEL);
if (!ipcd) if (!ipcd)
goto out; goto out;
x->props.header_len = 0;
if (x->props.mode == XFRM_MODE_TUNNEL)
x->props.header_len += sizeof(struct iphdr);
mutex_lock(&ipcomp_resource_mutex); mutex_lock(&ipcomp_resource_mutex);
if (!ipcomp_alloc_scratches()) if (!ipcomp_alloc_scratches())
goto error; goto error;
......
...@@ -190,7 +190,6 @@ static void ipcomp6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, ...@@ -190,7 +190,6 @@ static void ipcomp6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
static struct xfrm_state *ipcomp6_tunnel_create(struct xfrm_state *x) static struct xfrm_state *ipcomp6_tunnel_create(struct xfrm_state *x)
{ {
struct xfrm_state *t = NULL; struct xfrm_state *t = NULL;
u8 mode = XFRM_MODE_TUNNEL;
t = xfrm_state_alloc(); t = xfrm_state_alloc();
if (!t) if (!t)
...@@ -204,9 +203,7 @@ static struct xfrm_state *ipcomp6_tunnel_create(struct xfrm_state *x) ...@@ -204,9 +203,7 @@ static struct xfrm_state *ipcomp6_tunnel_create(struct xfrm_state *x)
memcpy(t->id.daddr.a6, x->id.daddr.a6, sizeof(struct in6_addr)); memcpy(t->id.daddr.a6, x->id.daddr.a6, sizeof(struct in6_addr));
memcpy(&t->sel, &x->sel, sizeof(t->sel)); memcpy(&t->sel, &x->sel, sizeof(t->sel));
t->props.family = AF_INET6; t->props.family = AF_INET6;
if (x->props.mode == XFRM_MODE_BEET) t->props.mode = x->props.mode;
mode = x->props.mode;
t->props.mode = mode;
memcpy(t->props.saddr.a6, x->props.saddr.a6, sizeof(struct in6_addr)); memcpy(t->props.saddr.a6, x->props.saddr.a6, sizeof(struct in6_addr));
if (xfrm_init_state(t)) if (xfrm_init_state(t))
...@@ -405,22 +402,22 @@ static int ipcomp6_init_state(struct xfrm_state *x) ...@@ -405,22 +402,22 @@ static int ipcomp6_init_state(struct xfrm_state *x)
if (x->encap) if (x->encap)
goto out; goto out;
err = -ENOMEM;
ipcd = kzalloc(sizeof(*ipcd), GFP_KERNEL);
if (!ipcd)
goto out;
x->props.header_len = 0; x->props.header_len = 0;
switch (x->props.mode) { switch (x->props.mode) {
case XFRM_MODE_BEET:
case XFRM_MODE_TRANSPORT: case XFRM_MODE_TRANSPORT:
break; break;
case XFRM_MODE_TUNNEL: case XFRM_MODE_TUNNEL:
x->props.header_len += sizeof(struct ipv6hdr); x->props.header_len += sizeof(struct ipv6hdr);
break;
default: default:
goto error; goto out;
} }
err = -ENOMEM;
ipcd = kzalloc(sizeof(*ipcd), GFP_KERNEL);
if (!ipcd)
goto out;
mutex_lock(&ipcomp6_resource_mutex); mutex_lock(&ipcomp6_resource_mutex);
if (!ipcomp6_alloc_scratches()) if (!ipcomp6_alloc_scratches())
goto error; goto error;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册