git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Lorenzo Colitti <lorenzo@google.com>
	Mon, 20 Nov 2017 10:26:02 +0000 (19:26 +0900)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Thu, 22 Mar 2018 08:23:28 +0000 (09:23 +0100)
commit	c9e82cb34c3c2ee895af01bc899c6ed0bc6eb04a
tree	4f069f3ad838372704a6f7fbdce4c3f8a7e54614	tree \| snapshot
parent	6daa32b6cb51b6daced7d17d28ab1ca48f01d401	commit \| diff

net: xfrm: allow clearing socket xfrm policies.

[ Upstream commit be8f8284cd897af2482d4e54fbc2bdfc15557259 ]

Currently it is possible to add or update socket policies, but
not clear them. Therefore, once a socket policy has been applied,
the socket cannot be used for unencrypted traffic.

This patch allows (privileged) users to clear socket policies by
passing in a NULL pointer and zero length argument to the
{IP,IPV6}_{IPSEC,XFRM}_POLICY setsockopts. This results in both
the incoming and outgoing policies being cleared.

The simple approach taken in this patch cannot clear socket
policies in only one direction. If desired this could be added
in the future, for example by continuing to pass in a length of
zero (which currently is guaranteed to return EMSGSIZE) and
making the policy be a pointer to an integer that contains one
of the XFRM_POLICY_{IN,OUT} enum values.

An alternative would have been to interpret the length as a
signed integer and use XFRM_POLICY_IN (i.e., 0) to clear the
input policy and -XFRM_POLICY_OUT (i.e., -1) to clear the output
policy.

Tested: https://android-review.googlesource.com/539816
Signed-off-by: Lorenzo Colitti <lorenzo@google.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

net/xfrm/xfrm_policy.c		diff \| blob \| blame \| history
net/xfrm/xfrm_state.c		diff \| blob \| blame \| history