Skip to content

Commit

Permalink
xfrm: Fix NULL pointer dereference on policy lookup
Browse files Browse the repository at this point in the history
When xfrm interfaces are used in combination with namespaces
and ESP offload, we get a dst_entry NULL pointer dereference.
This is because we don't have a dst_entry attached in the ESP
offloading case and we need to do a policy lookup before the
namespace transition.

Fix this by expicit checking of skb_dst(skb) before accessing it.

Fixes: f203b76 ("xfrm: Add virtual xfrm interfaces")
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
  • Loading branch information
Steffen Klassert committed Mar 24, 2021
1 parent 68dc022 commit b1e3a56
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion include/net/xfrm.h
Original file line number Diff line number Diff line change
Expand Up @@ -1097,7 +1097,7 @@ static inline int __xfrm_policy_check2(struct sock *sk, int dir,
return __xfrm_policy_check(sk, ndir, skb, family);

return (!net->xfrm.policy_count[dir] && !secpath_exists(skb)) ||
(skb_dst(skb)->flags & DST_NOPOLICY) ||
(skb_dst(skb) && (skb_dst(skb)->flags & DST_NOPOLICY)) ||
__xfrm_policy_check(sk, ndir, skb, family);
}

Expand Down

0 comments on commit b1e3a56

Please sign in to comment.