diff options
| author | Steffen Klassert <steffen.klassert@secunet.com> | 2021-03-23 09:26:44 +0100 |
|---|---|---|
| committer | Steffen Klassert <steffen.klassert@secunet.com> | 2021-03-24 10:00:24 +0100 |
| commit | b1e3a5607034aa0a481c6f69a6893049406665fb (patch) | |
| tree | 8283c922b67fbcb204219deaad46456bc87777ad /include/net/xfrm.h | |
| parent | xfrm: BEET mode doesn't support fragments for inner packets (diff) | |
| download | linux-b1e3a5607034aa0a481c6f69a6893049406665fb.tar.xz linux-b1e3a5607034aa0a481c6f69a6893049406665fb.zip | |
xfrm: Fix NULL pointer dereference on policy lookup
When xfrm interfaces are used in combination with namespaces
and ESP offload, we get a dst_entry NULL pointer dereference.
This is because we don't have a dst_entry attached in the ESP
offloading case and we need to do a policy lookup before the
namespace transition.
Fix this by expicit checking of skb_dst(skb) before accessing it.
Fixes: f203b76d78092 ("xfrm: Add virtual xfrm interfaces")
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Diffstat (limited to 'include/net/xfrm.h')
| -rw-r--r-- | include/net/xfrm.h | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/include/net/xfrm.h b/include/net/xfrm.h index bfbc7810df94..c58a6d4eb610 100644 --- a/include/net/xfrm.h +++ b/include/net/xfrm.h @@ -1097,7 +1097,7 @@ static inline int __xfrm_policy_check2(struct sock *sk, int dir, return __xfrm_policy_check(sk, ndir, skb, family); return (!net->xfrm.policy_count[dir] && !secpath_exists(skb)) || - (skb_dst(skb)->flags & DST_NOPOLICY) || + (skb_dst(skb) && (skb_dst(skb)->flags & DST_NOPOLICY)) || __xfrm_policy_check(sk, ndir, skb, family); } |