When ESP offload is not supported by the device return an error,
-EINVAL, instead of silently ignoring it, creating a SA without offload,
and returning success.
with this fix ip x s a would return
RTNETLINK answers: Invalid argument
Also, return an error, -EINVAL, when CONFIG_XFRM_OFFLOAD is
not defined and the user is trying to create an SA with the offload.
Fixes: d77e38e612a0 ("xfrm: Add an IPsec hardware offloading API")
Signed-off-by: Antony Antony <antony.ant...@secunet.com>
---
include/net/xfrm.h | 2 +-
net/xfrm/xfrm_device.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/include/net/xfrm.h b/include/net/xfrm.h
index bfbc7810df94..05d9f178093c 100644
--- a/include/net/xfrm.h
+++ b/include/net/xfrm.h
@@ -1914,7 +1914,7 @@ static inline struct sk_buff *validate_xmit_xfrm(struct
sk_buff *skb, netdev_fea
static inline int xfrm_dev_state_add(struct net *net, struct xfrm_state *x,
struct xfrm_user_offload *xuo)
{
- return 0;
+ return -EINVAL;
}
static inline void xfrm_dev_state_delete(struct xfrm_state *x)
diff --git a/net/xfrm/xfrm_device.c b/net/xfrm/xfrm_device.c
index edf11893dbe8..1e1a9493c8db 100644
--- a/net/xfrm/xfrm_device.c
+++ b/net/xfrm/xfrm_device.c
@@ -250,7 +250,7 @@ int xfrm_dev_state_add(struct net *net, struct xfrm_state
*x,
if (!dev->xfrmdev_ops || !dev->xfrmdev_ops->xdo_dev_state_add) {
xso->dev = NULL;
dev_put(dev);
- return 0;
+ return -EINVAL;
}
if (x->props.flags & XFRM_STATE_ESN &&
--
2.20.1
