diff options
| author | Yossi Kuperman <[email protected]> | 2018-01-17 15:52:41 +0200 |
|---|---|---|
| committer | Steffen Klassert <[email protected]> | 2018-01-18 11:09:29 +0100 |
| commit | cc01572e2fb080e279ca625f239aca61f435ebf3 (patch) | |
| tree | 93bd94fee95408caeab452c97c90a71b8f49f4d0 /lib/memory-notifier-error-inject.c | |
| parent | ad9294dbc227cbc8e173b3b963e7dd9af5314f77 (diff) | |
xfrm: Add SA to hardware at the end of xfrm_state_construct()
Current code configures the hardware with a new SA before the state has been
fully initialized. During this time interval, an incoming ESP packet can cause
a crash due to a NULL dereference. More specifically, xfrm_input() considers
the packet as valid, and yet, anti-replay mechanism is not initialized.
Move hardware configuration to the end of xfrm_state_construct(), and mark
the state as valid once the SA is fully initialized.
Fixes: d77e38e612a0 ("xfrm: Add an IPsec hardware offloading API")
Signed-off-by: Aviad Yehezkel <[email protected]>
Signed-off-by: Aviv Heller <[email protected]>
Signed-off-by: Yossi Kuperman <[email protected]>
Signed-off-by: Steffen Klassert <[email protected]>
Diffstat (limited to 'lib/memory-notifier-error-inject.c')
0 files changed, 0 insertions, 0 deletions