Hi all,
On Fri, 26 Apr 2019 11:41:20 +1000 Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx> wrote:
>
> Today's linux-next merge of the ipsec-next tree got a conflict in:
>
> net/ipv4/xfrm4_policy.c
>
> between commit:
>
> 8742dc86d0c7 ("xfrm4: Fix uninitialized memory read in _decode_session4")
>
> from the ipsec tree and commit:
>
> c53ac41e3720 ("xfrm: remove decode_session indirection from afinfo_policy")
>
> from the ipsec-next tree.
>
> From: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>
> Date: Fri, 26 Apr 2019 11:37:41 +1000
> Subject: [PATCH] xfrm4: fix up for moved _decode_session4
>
> Signed-off-by: Stephen Rothwell <sfr@xxxxxxxxxxxxxxxx>
> ---
> net/xfrm/xfrm_policy.c | 24 +++++++++++++-----------
> 1 file changed, 13 insertions(+), 11 deletions(-)
>
> diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c
> index 410233c5681e..7a43ae6b2a44 100644
> --- a/net/xfrm/xfrm_policy.c
> +++ b/net/xfrm/xfrm_policy.c
> @@ -3264,7 +3264,8 @@ static void
> decode_session4(struct sk_buff *skb, struct flowi *fl, bool reverse)
> {
> const struct iphdr *iph = ip_hdr(skb);
> - u8 *xprth = skb_network_header(skb) + iph->ihl * 4;
> + int ihl = iph->ihl;
> + u8 *xprth = skb_network_header(skb) + ihl * 4;
> struct flowi4 *fl4 = &fl->u.ip4;
> int oif = 0;
>
> @@ -3275,6 +3276,11 @@ decode_session4(struct sk_buff *skb, struct flowi *fl, bool reverse)
> fl4->flowi4_mark = skb->mark;
> fl4->flowi4_oif = reverse ? skb->skb_iif : oif;
>
> + fl4->flowi4_proto = iph->protocol;
> + fl4->daddr = reverse ? iph->saddr : iph->daddr;
> + fl4->saddr = reverse ? iph->daddr : iph->saddr;
> + fl4->flowi4_tos = iph->tos;
> +
> if (!ip_is_fragment(iph)) {
> switch (iph->protocol) {
> case IPPROTO_UDP:
> @@ -3286,7 +3292,7 @@ decode_session4(struct sk_buff *skb, struct flowi *fl, bool reverse)
> pskb_may_pull(skb, xprth + 4 - skb->data)) {
> __be16 *ports;
>
> - xprth = skb_network_header(skb) + iph->ihl * 4;
> + xprth = skb_network_header(skb) + ihl * 4;
> ports = (__be16 *)xprth;
>
> fl4->fl4_sport = ports[!!reverse];
> @@ -3298,7 +3304,7 @@ decode_session4(struct sk_buff *skb, struct flowi *fl, bool reverse)
> pskb_may_pull(skb, xprth + 2 - skb->data)) {
> u8 *icmp;
>
> - xprth = skb_network_header(skb) + iph->ihl * 4;
> + xprth = skb_network_header(skb) + ihl * 4;
> icmp = xprth;
>
> fl4->fl4_icmp_type = icmp[0];
> @@ -3310,7 +3316,7 @@ decode_session4(struct sk_buff *skb, struct flowi *fl, bool reverse)
> pskb_may_pull(skb, xprth + 4 - skb->data)) {
> __be32 *ehdr;
>
> - xprth = skb_network_header(skb) + iph->ihl * 4;
> + xprth = skb_network_header(skb) + ihl * 4;
> ehdr = (__be32 *)xprth;
>
> fl4->fl4_ipsec_spi = ehdr[0];
> @@ -3321,7 +3327,7 @@ decode_session4(struct sk_buff *skb, struct flowi *fl, bool reverse)
> pskb_may_pull(skb, xprth + 8 - skb->data)) {
> __be32 *ah_hdr;
>
> - xprth = skb_network_header(skb) + iph->ihl * 4;
> + xprth = skb_network_header(skb) + ihl * 4;
> ah_hdr = (__be32 *)xprth;
>
> fl4->fl4_ipsec_spi = ah_hdr[1];
> @@ -3332,7 +3338,7 @@ decode_session4(struct sk_buff *skb, struct flowi *fl, bool reverse)
> pskb_may_pull(skb, xprth + 4 - skb->data)) {
> __be16 *ipcomp_hdr;
>
> - xprth = skb_network_header(skb) + iph->ihl * 4;
> + xprth = skb_network_header(skb) + ihl * 4;
> ipcomp_hdr = (__be16 *)xprth;
>
> fl4->fl4_ipsec_spi = htonl(ntohs(ipcomp_hdr[1]));
> @@ -3344,7 +3350,7 @@ decode_session4(struct sk_buff *skb, struct flowi *fl, bool reverse)
> __be16 *greflags;
> __be32 *gre_hdr;
>
> - xprth = skb_network_header(skb) + iph->ihl * 4;
> + xprth = skb_network_header(skb) + ihl * 4;
> greflags = (__be16 *)xprth;
> gre_hdr = (__be32 *)xprth;
>
> @@ -3360,10 +3366,6 @@ decode_session4(struct sk_buff *skb, struct flowi *fl, bool reverse)
> break;
> }
> }
> - fl4->flowi4_proto = iph->protocol;
> - fl4->daddr = reverse ? iph->saddr : iph->daddr;
> - fl4->saddr = reverse ? iph->daddr : iph->saddr;
> - fl4->flowi4_tos = iph->tos;
> }
>
> #if IS_ENABLED(CONFIG_IPV6)
This is now a conflict between the net and net-next trees.
--
Cheers,
Stephen Rothwell
Attachment:
pgpx0ksoAEkd7.pgp
Description: OpenPGP digital signature
