Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753310AbeAQNxD (ORCPT + 1 other); Wed, 17 Jan 2018 08:53:03 -0500 Received: from mail-eopbgr20053.outbound.protection.outlook.com ([40.107.2.53]:29504 "EHLO EUR02-VE1-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1752832AbeAQNxA (ORCPT ); Wed, 17 Jan 2018 08:53:00 -0500 Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=yossiku@mellanox.com; From: yossiku@mellanox.com To: Steffen Klassert , Herbert Xu , "David S . Miller" , netdev@vger.kernel.org, linux-kernel@vger.kernel.org Cc: Yossi Kuperman , Aviad Yehezkel , Aviv Heller Subject: [PATCH net] xfrm: Add SA to hardware at the end of xfrm_state_construct() Date: Wed, 17 Jan 2018 15:52:41 +0200 Message-Id: <1516197161-28186-1-git-send-email-yossiku@mellanox.com> X-Mailer: git-send-email 2.8.1 MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [82.166.227.17] X-ClientProxiedBy: DB6PR1001CA0025.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:4:55::11) To DB6PR0501MB2709.eurprd05.prod.outlook.com (2603:10a6:4:81::14) X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 1d6b4154-91fd-4bc9-6618-08d55db19cf8 X-MS-Office365-Filtering-HT: Tenant X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:(7020095)(4652020)(5600026)(4604075)(48565401081)(2017052603307)(7153060)(7193020);SRVR:DB6PR0501MB2709; X-Microsoft-Exchange-Diagnostics: 1;DB6PR0501MB2709;3:Awn0lburp/878n1Np+C5UUKomfd6jIUaQN8+zidlTYHyNURz2Xhdg4U6kSvq1XsJDSWQBh8UmDx3+6K7Rw1U0swIvsaff/dauhkMif/JcFVKy8+vnDV8HVAcuNN9QCnFrClF8S+51utpX01M5/G+9eQhovGP6Tcr7uGLaUoSL1ZAq5fhdhtPuRrmHz8bYRYE5hrVg3Ly531GBlJDgUBvQ/LApoPzXgbyq3F2XYluYGA+NxMj3yeN1RWO6Jp1Lw+e;25:B7CCGhBYtfwZ1ROpyi0TvC0nnqCdyuMTepkN7s8RL6KC8cwXgHTxKlPTKs8P+3hVHWcVPpwAePCaKBX1q0vODJ8Md/1mx5YAfhkXolsisjU0jqJO6vT3Qwhw2qvNaxVNlZ6CY5a4b/5U3ewBaUHxGYzJXlG2dxHEX60mIEay+XOky2g+Mb13w7PoRB6sSV1Yly9A8LO1zkktDeT1ZIN5UZ2QbOepMkwX9SgBMqnNpH1wIh0LOoCTNHfTOuu9P4+eHdnX9NlWgr6fZqk8xZpOK44UUs4sc5ZLYIP3RPJ1wB7c1fgLD8YDKOo9z6dboD8Fc3vLWtCzSm1fErgVIHzaIg==;31:XULiP4tr0CE3X+Oz6Ctj2HD2GSYRC8yGugzMbUhkiVFBVxCd3gz/T/p6LHPcvU1lgj36ND487Ncqg1VvWeJnZsjS/ExwDSqgfm+P4qu0lNh4yB7EOE4DQDTMLFyt8t8Y5WfCpJCEDB+K8b28p8minZ3PpZs0CRn/Zi1I07F0gNOlW2zUQdcs/zHOo9RBNpJ/GJcRw8eONW/JJrF6G4mqMOaWBa0knz+iCptoFZw/mN4= X-MS-TrafficTypeDiagnostic: DB6PR0501MB2709: X-Microsoft-Exchange-Diagnostics: 1;DB6PR0501MB2709;20:75PjdJ/1bS0P97bLMeI8ZpNfV4PpMVwqS/RSQEGJsWsaUcNPQmc5jX6Y9TJcKEE/B+MW5vhpbvL31kfEjGLeVf16FfuW9A1E9mP+wjKxTRSf9CnxByXot4WJI7NNHPEYWJlj1nAMXVSPzyU9mmB9+7Sv4c0Ya4J9GRPdmNbaurFkYhCLNpmFZ5rMX+HCuqHs6+aSuFPnWwoW0Op/YynFArZnvuhTuGHrdb/S0zwQEjjSHJrBXFpdPJ+pXCGtT0TIPwRDikV371AC7iRnTDj1v40lYmExN9kuuZVPjV4YD08u4NyKvPbI6CrqVHEZY7I/ibR/6PgHpNU+MDoSCJLGaEFUYsTmHgewYPHyUEf/0d7lk/muQv9jC/3LCBzUqJ1Jm33rrlgbonp1QvfJwAcr2X/SLu8aMmHlu5r97VCkqu91/JnKKkkyteOYh01RhrCwMvA0MhgcwZQzVXnGvSIaANO+jgOqGVtwk9Bgqi6ZJNg80NNQPpwDRuIlkR2Nc+SD;4:Fys/pl6GH3KqyenlhLH3A8TfL1R0l+rQPqMqfkKb8MMTTQ1V3O9VSAZJdMKZUqYU0icICc3iiJVWulA01AEVhuf5ZBp2zw7ZkXGlPZlrsY7wXmss+3YRigMk2kvFzjkbAbEeMhgSKV93/gfxnHvnVTr/0G/7RqKrXYl0TqJciU3TQGIdYzRTJxaSAfNrpEta2lS1ToanVikUXsRJspX5arJAg0TXR+Reic6TRoh4yjdSAeHBfAyT1Dh7BMr5xzs2do2sSNSefLD4gytRb7tWIw== X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:; X-Exchange-Antispam-Report-CFA-Test: BCL:0;PCL:0;RULEID:(6040470)(2401047)(5005006)(8121501046)(3231023)(2400046)(944501161)(3002001)(10201501046)(93006095)(93001095)(6055026)(6041268)(20161123558120)(20161123560045)(20161123564045)(201703131423095)(201702281528075)(20161123555045)(201703061421075)(201703061406153)(20161123562045)(6072148)(201708071742011);SRVR:DB6PR0501MB2709;BCL:0;PCL:0;RULEID:(100000803101)(100110400095);SRVR:DB6PR0501MB2709; X-Forefront-PRVS: 0555EC8317 X-Forefront-Antispam-Report: SFV:NSPM;SFS:(10009020)(39860400002)(39380400002)(366004)(396003)(346002)(376002)(189003)(199004)(97736004)(386003)(26005)(85782001)(50466002)(48376002)(6512007)(16586007)(25786009)(54906003)(36756003)(86362001)(106356001)(107886003)(2906002)(9686003)(4326008)(316002)(16526018)(110136005)(478600001)(53936002)(50226002)(47776003)(68736007)(6666003)(51416003)(3846002)(5660300001)(8936002)(81156014)(66066001)(81166006)(8676002)(6486002)(52116002)(6506007)(7736002)(59450400001)(33896004)(6116002)(305945005)(105586002)(85772001);DIR:OUT;SFP:1101;SCL:1;SRVR:DB6PR0501MB2709;H:dev-l-vrt-187.mtl.labs.mlnx;FPR:;SPF:None;PTR:InfoNoRecords;MX:1;A:1;LANG:en; X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1;DB6PR0501MB2709;23:yWH12CgaJHptylvSk5OinasJMWJr8ssPWZ45hyJ?= =?us-ascii?Q?aT0Bw/SpDxYgIffUynHNTv3ItgaNpog8BTGjZSY5hD859w9Szm0Tja2aaigz?= =?us-ascii?Q?80JSemtMWAecatnS+pEXuSIl7Dy1McUl9C6Vv8N/rnHTzq/wCK+Qb7T7IRBe?= =?us-ascii?Q?nJL3FNVQvDsfld6tEQgcV7hm9jN9DSi69F2xrn395d9MVmzWHRlRhagOIncN?= =?us-ascii?Q?230EUqFwm3M4zdU61EDGq4EBhagpZAIg7VA//hmetjtC9WJHe4IpFtcE1SbX?= =?us-ascii?Q?lazVuhldImrsCmfAB7xOhzVj8d4lH35mH2Aj60gMpkBEtrcTcuKhsVkO57mk?= =?us-ascii?Q?3BGJWpYiTtGrf2H03NJ3I8AvWEVNUZxw60Ggenwgaji9k2idv8Z0FCK3Gsl3?= =?us-ascii?Q?6+735voKg8KhM7z9KpbX8WWTLEEWAaT9WuKGDt9sV35vSYaoCBc+/kuQL5GO?= =?us-ascii?Q?sRsLbAdgH454QkwCgOr37psWIC4JkEuSpdIRrQkUaeS9vgJksx8Nr0Hw8DIH?= =?us-ascii?Q?h/avPcdg1yZT9zqTeDBeydsi4pNHrYQGH47ArLg2NvIdnbenSSKVZLWjioiy?= =?us-ascii?Q?6xSiAa75ki0EcAXDRAaeJDmPPIs0+8SZ6NYi5AnnNiPmEyWcs5xbxEyGkG2E?= =?us-ascii?Q?wdlA7gmN13VKXq/IpgnRotVPqlvl5u4a8j0I3QQ6j2L4IYm+UdA8mbSn9xkg?= =?us-ascii?Q?V6iRylroFckx/gq2ga3pSVYmqokFx3RJvDCWHdll6tf1Uv9MMAKGkAw5+9Pk?= =?us-ascii?Q?/Ve+jBXRtI7BmycU1fARZS6ejSg6KPXTY5E0J8e/TX0a+N0ViaoEQ98POubD?= =?us-ascii?Q?vkEF+yVLMyx/Q47uUlXYKVa89v4khRxfhBC0tcGC2JCiD3miX2HyrtqCEBEf?= =?us-ascii?Q?duMhbk+png5U9riPK8MtNPZfR0ugeHneFi+J4tyaCNTundEk0TtSx9YiV4g0?= =?us-ascii?Q?H49Hi7I6c2wqOB4zs9BcNKdtKOx+iTnHXfDGHNwH3T3d2quQX+tEHO8yYHBl?= =?us-ascii?Q?D1Fg45Mpxx+2qCzGr+n2fVIzBSuDoeM9C/3xvz1PHlrKx67ZrTiAo/yXJ3Lb?= =?us-ascii?Q?5zrDNiW3vwJTbPhzWvzRGneheHFO7EV++31vddazLonnTQLS8ZmbIBqsxtlb?= =?us-ascii?Q?UhsR/HYU2BCgJ8USod1YsO5LR768UKpFfA8ONd+CF/kT+nVAx9zXFZHgWGwe?= =?us-ascii?Q?914LsbPAyWg2MH+8=3D?= X-Microsoft-Exchange-Diagnostics: 1;DB6PR0501MB2709;6:wk7K/PqDDgoF7YyR5KHT2hVl8Ersi7zw6T8aQ+4juLrjGc5n3j4KgGWIxLyiZhsf9wRyWAopzV+EPS98YdiEROhjGiEk1W+DNSB201wkI0dPCESXk9oI8lKW7iKEegwb5Sxch0KJbmLEHx9JenCISg6uke7/OlHaZ4oiTnJ+mMzISWWEEY4QuNDvjmR1uo78kxyBGuiDQPVRkW79wly9IuLWIlLrA/NqGU/IN7EEG7SmrCITsrjbYtJ/rr0VooRZZYDwdStm1KKVWqq8fvJzw0RiXKPAuSyqoYYU3jy6LTmHZaSw/CpNF8sfqqQ+mCXpQvxwBxBoBXLHlYzX9x4b4UWZH6eJey2AN4cqG8Vs96M=;5:K+YcFiTrXKmpOqFmDptclCAjjdJeGWxzikonNH1H+6YZfGJ1ytxhMbDZThnJj74PB/F3mpqrGp+2CvWP4eCfblMMBUVJ88jN2MEEdXzLEqLnr4puEraO5NtSCBO/ZoLeXutT40Xc3WaHXD9j9NHmYpZ/9jtk9GJS6xnIVdeCdRU=;24:5tnxba89MiftZ/lyG9FWAvnKbZP3g8cXG+P5eLmcTGo47/9320bubh+Jy3f6ZO3hpqL9Ls1TewHALy/ruiE8e8F3zApYfxQ/PGUvH7MdkUU=;7:KlFOw05WiHwGNxhYuAz8T4xFIxI6qgZY4cMGKUW/TzYqBRISa+XiMtHyA7LL1AoDpvwqxV/wsMOq+WW+ZXpTHOw2YQ9hNKkFIwtb1Wth7C/VVCQvzaKuvpcwrXzsMJk7Mfto1RSgfXvDD1pYtfOKrV4FVFqyPGAdUQQ7Ifepw9UZa9DIN7x693NZZ9NaCeefRHbIZNPU6XX9QMb0dzLQVLhRcsDOhl6kJLTp8W/H6qy2q7/6ps4eJcnPR49EUJlv SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-OriginatorOrg: Mellanox.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Jan 2018 13:52:55.8006 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 1d6b4154-91fd-4bc9-6618-08d55db19cf8 X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: a652971c-7d2e-4d9b-a6a4-d149256f461b X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6PR0501MB2709 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Return-Path: From: Yossi Kuperman Current code configures the hardware with a new SA before the state has been fully initialized. During this time interval, an incoming ESP packet can cause a crash due to a NULL dereference. More specifically, xfrm_input() considers the packet as valid, and yet, anti-replay mechanism is not initialized. Move hardware configuration to the end of xfrm_state_construct(), and mark the state as valid once the SA is fully initialized. Fixes: d77e38e612a0 ("xfrm: Add an IPsec hardware offloading API") Signed-off-by: Aviad Yehezkel Signed-off-by: Aviv Heller Signed-off-by: Yossi Kuperman --- net/xfrm/xfrm_state.c | 10 +++++++--- net/xfrm/xfrm_user.c | 18 +++++++++++------- 2 files changed, 18 insertions(+), 10 deletions(-) diff --git a/net/xfrm/xfrm_state.c b/net/xfrm/xfrm_state.c index cc4c519..9750233 100644 --- a/net/xfrm/xfrm_state.c +++ b/net/xfrm/xfrm_state.c @@ -2272,8 +2272,6 @@ int __xfrm_init_state(struct xfrm_state *x, bool init_replay, bool offload) goto error; } - x->km.state = XFRM_STATE_VALID; - error: return err; } @@ -2282,7 +2280,13 @@ EXPORT_SYMBOL(__xfrm_init_state); int xfrm_init_state(struct xfrm_state *x) { - return __xfrm_init_state(x, true, false); + int err; + + err = __xfrm_init_state(x, true, false); + if (!err) + x->km.state = XFRM_STATE_VALID; + + return err; } EXPORT_SYMBOL(xfrm_init_state); diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c index bdb48e5..7f52b8e 100644 --- a/net/xfrm/xfrm_user.c +++ b/net/xfrm/xfrm_user.c @@ -598,13 +598,6 @@ static struct xfrm_state *xfrm_state_construct(struct net *net, goto error; } - if (attrs[XFRMA_OFFLOAD_DEV]) { - err = xfrm_dev_state_add(net, x, - nla_data(attrs[XFRMA_OFFLOAD_DEV])); - if (err) - goto error; - } - if ((err = xfrm_alloc_replay_state_esn(&x->replay_esn, &x->preplay_esn, attrs[XFRMA_REPLAY_ESN_VAL]))) goto error; @@ -620,6 +613,14 @@ static struct xfrm_state *xfrm_state_construct(struct net *net, /* override default values from above */ xfrm_update_ae_params(x, attrs, 0); + /* configure the hardware if offload is requested */ + if (attrs[XFRMA_OFFLOAD_DEV]) { + err = xfrm_dev_state_add(net, x, + nla_data(attrs[XFRMA_OFFLOAD_DEV])); + if (err) + goto error; + } + return x; error: @@ -662,6 +663,9 @@ static int xfrm_add_sa(struct sk_buff *skb, struct nlmsghdr *nlh, goto out; } + if (x->km.state == XFRM_STATE_VOID) + x->km.state = XFRM_STATE_VALID; + c.seq = nlh->nlmsg_seq; c.portid = nlh->nlmsg_pid; c.event = nlh->nlmsg_type; -- 2.8.1