xfrm: set err and extack on failure to create pcpu SA

[ Upstream commit 1dcf617bec5cb85f68ca19969e7537ef6f6931d3 ]

xfrm_state_construct can fail without setting an error if the
requested pcpu_num value is too big. Set err and add an extack message
to avoid confusing userspace.

Fixes: 1ddf9916ac09 ("xfrm: Add support for per cpu xfrm state handling.")
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index d41e5642625e3b917c2659d58de2ceda1abee33e..3d0fdeebaf3c8fa87628e3dba0bda4c793d62900 100644 (file)
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -893,8 +893,11 @@ static struct xfrm_state *xfrm_state_construct(struct net *net,
 
        if (attrs[XFRMA_SA_PCPU]) {
                x->pcpu_num = nla_get_u32(attrs[XFRMA_SA_PCPU]);
-               if (x->pcpu_num >= num_possible_cpus())
+               if (x->pcpu_num >= num_possible_cpus()) {
+                       err = -ERANGE;
+                       NL_SET_ERR_MSG(extack, "pCPU number too big");
                        goto error;
+               }
        }
 
        err = __xfrm_init_state(x, false, attrs[XFRMA_OFFLOAD_DEV], extack);