Received: by 2002:a25:86ce:0:0:0:0:0 with SMTP id y14csp436458ybm;
        Mon, 20 May 2019 19:52:02 -0700 (PDT)
X-Google-Smtp-Source: APXvYqwhe0i0U0gbiyJon/UPSEDE2w+KVXZezowdFCp6miAgcJhDaVyXKp60SOwHjMRnFoUvZ6QJ
X-Received: by 2002:a63:2107:: with SMTP id h7mr6872991pgh.330.1558407122390;
        Mon, 20 May 2019 19:52:02 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1558407122; cv=none;
        d=google.com; s=arc-20160816;
        b=E3Twd5WCugSHuBL+00C3BDDYs6IYp6Cl4nyzYpDE0YN/aqchBC7iinpx9WMWSj69g8
         MyTtc2g/KK7IjRrY0Kej8+K6Vy8e17BIPW1dvziTo487rUgRB0Klv7r1mBsV6hKFNeVE
         eUjiSrDKbKLhuk4lkuhl4sh+h8k9wA3aEsv86Yu9pWoRS5yyjr7qv86b4xHwJ8BIWjUO
         8rSdyQ0dFZYh8weOrCFj+IOf7VLF6cYrkfi3ElJF5NkVBGD9gXaUvPLFceT15NP1Srqa
         UP8QDjiPohGv0XKSpf6g/KbBswBzDazVzgut8h7ZkK4zxy18n5NLOQAk0JbHr0LDIHO0
         +jvw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date;
        bh=f+KN7DMZdssBS7bB0juLePZypuyMzBLvmPKRugwuWBw=;
        b=w1DH3I5JMEx4faJs+Kzm+vV0cCi2reWyjlxpZ5OljmsQqeBcHn4FirZnTeffu8Kx9L
         Uv0EKCMO/n3ktsMGls8x5xu3Ux6RbAOLPRjbmkj7yZxFB5AkO8g5oT4gE92ueCVzWfMF
         vAbe6lnKXAGemdTT7pWCQJZGxZFLzey3GagVg/a+W41i+ZItmSO0IXkQluLVhwn9KuiV
         Eqgk5syeb8+T84FY3kg+zOPyIB2D6lI8nuGhufuliULiwuwW8W/N35YjWUqH4VOiuxDy
         +HCdDXf+xnGRfibCqK4PC0Gd6TArvYTUBXkNaaiLzUkrMiJtfo5+7dMLEyvkFz0/rjvd
         psRA==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id a22si6151803pfa.170.2019.05.20.19.51.47;
        Mon, 20 May 2019 19:52:02 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727742AbfEUCtq (ORCPT <rfc822;utfcpqpk@gmail.com> + 99 others);
        Mon, 20 May 2019 22:49:46 -0400
Received: from helcar.hmeau.com ([216.24.177.18]:54704 "EHLO deadmen.hmeau.com"
        rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
        id S1726325AbfEUCtp (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 20 May 2019 22:49:45 -0400
Received: from gondobar.mordor.me.apana.org.au ([192.168.128.4] helo=gondobar)
        by deadmen.hmeau.com with esmtps (Exim 4.89 #2 (Debian))
        id 1hSuqS-0005HR-40; Tue, 21 May 2019 10:49:40 +0800
Received: from herbert by gondobar with local (Exim 4.89)
        (envelope-from <herbert@gondor.apana.org.au>)
        id 1hSuqO-0002iz-Gf; Tue, 21 May 2019 10:49:36 +0800
Date:   Tue, 21 May 2019 10:49:36 +0800
From:   Herbert Xu <herbert@gondor.apana.org.au>
To:     Anirudh Gupta <anirudhrudr@gmail.com>
Cc:     Steffen Klassert <steffen.klassert@secunet.com>,
        Anirudh Gupta <anirudh.gupta@sophos.com>,
        "David S. Miller" <davem@davemloft.net>, netdev@vger.kernel.org,
        linux-kernel@vger.kernel.org
Subject: Re: [PATCH net] xfrm: Fix xfrm sel prefix length validation
Message-ID: <20190521024936.ou7gkfhb6hvhbi7j@gondor.apana.org.au>
References: <20190520093157.59825-1-anirudh.gupta@sophos.com>
 <20190520153219.oq3se5wvkasgbtkp@gondor.apana.org.au>
 <CAN2cbVe3WNj8cR1dLysCP46-LwiHZYMWRpowA+bzNpyZRexSaA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAN2cbVe3WNj8cR1dLysCP46-LwiHZYMWRpowA+bzNpyZRexSaA@mail.gmail.com>
User-Agent: NeoMutt/20170113 (1.7.2)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, May 20, 2019 at 10:30:29PM +0530, Anirudh Gupta wrote:
> Yes, I notice that is the only verification of p->family from userspace.
> However, the underlying conditions added in commit '07bf7908950a',
> validates the selector src/dest prefix len.

You need to check both p->family and p->sel.family.

Cheers,
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt