evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

BACKPORT: xfrm: Fix return value check of copy_sec_ctx.

Browse source 
commit 8598112d04af21cf6c895670e72dcb8a9f58e74f upstream.

A recent commit added an output_mark. When copying
this output_mark, the return value of copy_sec_ctx
is overwitten without a check. Fix this by copying
the output_mark before the security context.

Fixes: 077fbac405bf ("net: xfrm: support setting an output mark.")
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>

Change-Id: I25e9ac6cf79dc8d0ee599bbd23e9d5b5f34a4284
Fixes: Change-Id: I76120fba036e21780ced31ad390faf491ea81e52
       ("BACKPORT: net: xfrm: support setting an output mark.")
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
This commit is contained in:
Steffen Klassert 2017-08-31 10:37:00 +02:00 committed by Dmitry Shmidt
parent 5e56f24272
commit 55a3665962
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
net/xfrm/xfrm_user.c
View file

@ -868,13 +868,13 @@ static int copy_to_user_state_extra(struct xfrm_state *x,
&x->replay);
if (ret)
goto out;
if (x->security)
ret = copy_sec_ctx(x->security, skb);
if (x->props.output_mark) {
ret = nla_put_u32(skb, XFRMA_OUTPUT_MARK, x->props.output_mark);
if (ret)
goto out;
}
if (x->security)
ret = copy_sec_ctx(x->security, skb);
out:
return ret;
}