xfrm: set err and extack on failure to create pcpu SA

xfrm_state_construct can fail without setting an error if the
requested pcpu_num value is too big. Set err and add an extack message
to avoid confusing userspace.

Fixes: 1ddf9916ac09 ("xfrm: Add support for per cpu xfrm state handling.")
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>

diff --git a/net/xfrm/xfrm_user.c b/net/xfrm/xfrm_user.c
index 010c9e6638c0cdbf0756af3fbfcb3b53f6bd88c6..9d98cc9daa37c5aadb960228a8e741415165aee6 100644 (file)
--- a/net/xfrm/xfrm_user.c
+++ b/net/xfrm/xfrm_user.c
@@ -947,8 +947,11 @@ static struct xfrm_state *xfrm_state_construct(struct net *net,
 
        if (attrs[XFRMA_SA_PCPU]) {
                x->pcpu_num = nla_get_u32(attrs[XFRMA_SA_PCPU]);
-               if (x->pcpu_num >= num_possible_cpus())
+               if (x->pcpu_num >= num_possible_cpus()) {
+                       err = -ERANGE;
+                       NL_SET_ERR_MSG(extack, "pCPU number too big");
                        goto error;
+               }
        }
 
        err = __xfrm_init_state(x, extack);