On Mon, Nov 27, 2017 at 11:15:16AM -0800, Cong Wang wrote: > syzbot reported a kernel warning in xfrm_state_fini(), which > indicates that we have entries left in the list > net->xfrm.state_all whose proto is zero. And > xfrm_id_proto_match() doesn't consider them as a match with > IPSEC_PROTO_ANY in this case. > > Proto with value 0 is probably not a valid value, at least > verify_newsa_info() doesn't consider it valid either. > > This patch fixes it by checking the proto value in > validate_tmpl() and rejecting invalid ones, like what iproute2 > does in xfrm_xfrmproto_getbyname(). > > Reported-by: syzbot <syzkal...@googlegroups.com> > Cc: Steffen Klassert <steffen.klass...@secunet.com> > Cc: Herbert Xu <herb...@gondor.apana.org.au> > Signed-off-by: Cong Wang <xiyou.wangc...@gmail.com>
Patch applied, thanks!
