From 861edbec9d76e7d353adf08abdd8d8edf324569b Mon Sep 17 00:00:00 2001 From: Natanael Copa Date: Thu, 24 Feb 2011 12:08:25 +0000 Subject: main/linux-grsec: backported xfrm: avoid possible oopse in xfrm_alloc_dst --- ...rm-avoid-possible-oopse-in-xfrm_alloc_dst.patch | 37 ++++++++++++++++++++++ 1 file changed, 37 insertions(+) create mode 100644 main/linux-grsec/0001-xfrm-avoid-possible-oopse-in-xfrm_alloc_dst.patch (limited to 'main/linux-grsec/0001-xfrm-avoid-possible-oopse-in-xfrm_alloc_dst.patch') diff --git a/main/linux-grsec/0001-xfrm-avoid-possible-oopse-in-xfrm_alloc_dst.patch b/main/linux-grsec/0001-xfrm-avoid-possible-oopse-in-xfrm_alloc_dst.patch new file mode 100644 index 00000000..ae4a972e --- /dev/null +++ b/main/linux-grsec/0001-xfrm-avoid-possible-oopse-in-xfrm_alloc_dst.patch @@ -0,0 +1,37 @@ +From 0b150932197b185ad5816932912e648116c7a96a Mon Sep 17 00:00:00 2001 +From: Hiroaki SHIMODA +Date: Thu, 10 Feb 2011 23:08:33 -0800 +Subject: [PATCH] xfrm: avoid possible oopse in xfrm_alloc_dst + +Commit 80c802f3073e84 (xfrm: cache bundles instead of policies for +outgoing flows) introduced possible oopse when dst_alloc returns NULL. + +Signed-off-by: Hiroaki SHIMODA +Signed-off-by: David S. Miller +--- + net/xfrm/xfrm_policy.c | 7 +++++-- + 1 files changed, 5 insertions(+), 2 deletions(-) + +diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c +index 8b3ef40..6459588 100644 +--- a/net/xfrm/xfrm_policy.c ++++ b/net/xfrm/xfrm_policy.c +@@ -1340,10 +1340,13 @@ static inline struct xfrm_dst *xfrm_alloc_dst(struct net *net, int family) + default: + BUG(); + } +- xdst = dst_alloc(dst_ops) ?: ERR_PTR(-ENOBUFS); ++ xdst = dst_alloc(dst_ops); + xfrm_policy_put_afinfo(afinfo); + +- xdst->flo.ops = &xfrm_bundle_fc_ops; ++ if (likely(xdst)) ++ xdst->flo.ops = &xfrm_bundle_fc_ops; ++ else ++ xdst = ERR_PTR(-ENOBUFS); + + return xdst; + } +-- +1.7.4.1 + -- cgit v1.2.3