Received: by 2002:a5d:9c59:0:0:0:0:0 with SMTP id 25csp61817iof;
        Sun, 5 Jun 2022 21:09:32 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJzdwDLIb9jIXSNNuINmD3YBtlvRZCC/UgR2NnpmbQg75mmCvVKpTgrLhz7d1Gxlk72HcwU7
X-Received: by 2002:a63:e449:0:b0:3fb:10d9:ec18 with SMTP id i9-20020a63e449000000b003fb10d9ec18mr19198360pgk.43.1654488571986;
        Sun, 05 Jun 2022 21:09:31 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1654488571; cv=none;
        d=google.com; s=arc-20160816;
        b=v27uo7SzdM36P6SIDmeqiSMsXO5GZbZ0d15QnyDHfEsqZJHDbnYQpd/4DfgZIJ8wK6
         u24GXf3dyk11+uJuAl172MliYvZj0moLDhbux4fUj4vcKLkWAKA2LMiJmqNNIpYtMpHI
         bDGEvKfOwFQEOCaqmQe5AF5LS+UTdBl7Vg0Io7CGX1RaaL1HlbhP1GSr5l6QnypS/5Fd
         UgewE7tFcNKy/bOFu57rNlrAmEP+lG3uBRXvo/jiYC1/3Tkmfu/fApHltPCnW52K5kix
         mJ+ryX43ZILqmZNoRzGPXwY6ntJZnIgj2sWuqcSGQPoPS3EWRwi4R6n537CkVUEXUYPN
         h/Kw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:message-id:date:subject:cc:to
         :from:dkim-signature;
        bh=hDK9gPjMeG81PnpErg44o4Aqu0k8JEIEkaWaANuesKs=;
        b=P+d/afIk+NteT+7kwqikyqYzKCUcIOsruCC/a74GQ9yFI4Yuq3JBR6PULoIRQw3eQm
         a013epXu85dUhObxxL8K2eqc9GdYVypd6yENG2PjEGfdw0B3l5GyUXDHZaHgqvuex0q+
         pvGhAhifHAMYcwLEtND6yisnLodp3iy5VMOsx0lQtNA4PKJ/NiPws4RL8/70vkouSGMU
         DqriOxQK4KW3SBDh8tBTePJbKoSZuo7UMJ4v//LH33+0d/Coy05ThJgszglFJoCcdHbW
         qWsRtGLkVUfaniBU4OSpT1W+JUUg97ghkbYlkZCofQXJYHKyUWho03Hxz0g3ArbJNHYs
         k+2A==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=qrv2nb5r;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [2620:137:e000::1:18])
        by mx.google.com with ESMTPS id x82-20020a633155000000b003995a4f48c4si19385175pgx.377.2022.06.05.21.09.31
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sun, 05 Jun 2022 21:09:31 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) client-ip=2620:137:e000::1:18;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=qrv2nb5r;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by lindbergh.monkeyblade.net (Postfix) with ESMTP id 44E336D3A1;
	Sun,  5 Jun 2022 20:49:09 -0700 (PDT)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1344826AbiFCRlo (ORCPT <rfc822;a.bouin@gmail.com> + 99 others);
        Fri, 3 Jun 2022 13:41:44 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56108 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1344735AbiFCRlM (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 3 Jun 2022 13:41:12 -0400
Received: from ams.source.kernel.org (ams.source.kernel.org [145.40.68.75])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 74C2A53E0C;
        Fri,  3 Jun 2022 10:40:55 -0700 (PDT)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by ams.source.kernel.org (Postfix) with ESMTPS id D2FA6B82437;
        Fri,  3 Jun 2022 17:40:53 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 4F5FAC385A9;
        Fri,  3 Jun 2022 17:40:52 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org;
        s=korg; t=1654278052;
        bh=gkk1sG4sOrtrmy6GTWLJGXeGCVo0l+3iQo2TZuJ6t8s=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=qrv2nb5rwhuJYyNeyes7G9S7HBmxd8j5Y2cO/r7fHkJ9BoygVyWWlNCBjQhj0Y86b
         MujJ23j3s1LBeun8A3XFzVqDaMuiQPBiLGANPGMaSYHPvDATsWy3V/62wm2PGjVK6s
         8fsWrkvdqQVbpAiGJAErXrgA7ZzQAOdY2b/jvUwI=
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     linux-kernel@vger.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        stable@vger.kernel.org,
        Thomas Bartschies <thomas.bartschies@cvk.de>,
        Steffen Klassert <steffen.klassert@secunet.com>,
        Sasha Levin <sashal@kernel.org>
Subject: [PATCH 4.14 07/23] net: af_key: check encryption module availability consistency
Date:   Fri,  3 Jun 2022 19:39:34 +0200
Message-Id: <20220603173814.588665021@linuxfoundation.org>
X-Mailer: git-send-email 2.36.1
In-Reply-To: <20220603173814.362515009@linuxfoundation.org>
References: <20220603173814.362515009@linuxfoundation.org>
User-Agent: quilt/0.66
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-Spam-Status: No, score=-3.1 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
	DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE
	autolearn=unavailable autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
	lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Thomas Bartschies <thomas.bartschies@cvk.de>

[ Upstream commit 015c44d7bff3f44d569716117becd570c179ca32 ]

Since the recent introduction supporting the SM3 and SM4 hash algos for IPsec, the kernel
produces invalid pfkey acquire messages, when these encryption modules are disabled. This
happens because the availability of the algos wasn't checked in all necessary functions.
This patch adds these checks.

Signed-off-by: Thomas Bartschies <thomas.bartschies@cvk.de>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 net/key/af_key.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/net/key/af_key.c b/net/key/af_key.c
index 3d5a46080169..990de0702b79 100644
--- a/net/key/af_key.c
+++ b/net/key/af_key.c
@@ -2908,7 +2908,7 @@ static int count_ah_combs(const struct xfrm_tmpl *t)
 			break;
 		if (!aalg->pfkey_supported)
 			continue;
-		if (aalg_tmpl_set(t, aalg))
+		if (aalg_tmpl_set(t, aalg) && aalg->available)
 			sz += sizeof(struct sadb_comb);
 	}
 	return sz + sizeof(struct sadb_prop);
@@ -2926,7 +2926,7 @@ static int count_esp_combs(const struct xfrm_tmpl *t)
 		if (!ealg->pfkey_supported)
 			continue;
 
-		if (!(ealg_tmpl_set(t, ealg)))
+		if (!(ealg_tmpl_set(t, ealg) && ealg->available))
 			continue;
 
 		for (k = 1; ; k++) {
@@ -2937,7 +2937,7 @@ static int count_esp_combs(const struct xfrm_tmpl *t)
 			if (!aalg->pfkey_supported)
 				continue;
 
-			if (aalg_tmpl_set(t, aalg))
+			if (aalg_tmpl_set(t, aalg) && aalg->available)
 				sz += sizeof(struct sadb_comb);
 		}
 	}
-- 
2.35.1