bonding: fix null pointer deref in bond_ipsec_offload_ok

[ Upstream commit 95c90e4ad89d493a7a14fa200082e466e2548f9d ]

We must check if there is an active slave before dereferencing the pointer.

Fixes: 18cb261afd7b ("bonding: support hardware encryption offload to slaves")
Signed-off-by: Nikolay Aleksandrov <razor@blackwall.org>
Reviewed-by: Hangbin Liu <liuhangbin@gmail.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/drivers/net/bonding/bond_main.c b/drivers/net/bonding/bond_main.c
index 349f1c9dd58818598dd6ff86480213006854ac32..bd74b2d64ad487a626f64b3e31d75505fd2e0b22 100644 (file)
--- a/drivers/net/bonding/bond_main.c
+++ b/drivers/net/bonding/bond_main.c
@@ -562,6 +562,8 @@ static bool bond_ipsec_offload_ok(struct sk_buff *skb, struct xfrm_state *xs)
        bond = netdev_priv(bond_dev);
        rcu_read_lock();
        curr_active = rcu_dereference(bond->curr_active_slave);
+       if (!curr_active)
+               goto out;
        real_dev = curr_active->dev;
 
        if (BOND_MODE(bond) != BOND_MODE_ACTIVEBACKUP)