| From a3d9001b4e287fc043e5539d03d71a32ab114bcb Mon Sep 17 00:00:00 2001 |
| From: Kai Lueke <kailueke@linux.microsoft.com> |
| Date: Thu, 3 Mar 2022 15:55:10 +0100 |
| Subject: Revert "xfrm: state and policy should fail if XFRMA_IF_ID 0" |
| |
| From: Kai Lueke <kailueke@linux.microsoft.com> |
| |
| commit a3d9001b4e287fc043e5539d03d71a32ab114bcb upstream. |
| |
| This reverts commit 68ac0f3810e76a853b5f7b90601a05c3048b8b54 because ID |
| 0 was meant to be used for configuring the policy/state without |
| matching for a specific interface (e.g., Cilium is affected, see |
| https://github.com/cilium/cilium/pull/18789 and |
| https://github.com/cilium/cilium/pull/19019). |
| |
| Signed-off-by: Kai Lueke <kailueke@linux.microsoft.com> |
| Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| --- |
| net/xfrm/xfrm_user.c | 21 +++------------------ |
| 1 file changed, 3 insertions(+), 18 deletions(-) |
| |
| --- a/net/xfrm/xfrm_user.c |
| +++ b/net/xfrm/xfrm_user.c |
| @@ -620,13 +620,8 @@ static struct xfrm_state *xfrm_state_con |
| |
| xfrm_smark_init(attrs, &x->props.smark); |
| |
| - if (attrs[XFRMA_IF_ID]) { |
| + if (attrs[XFRMA_IF_ID]) |
| x->if_id = nla_get_u32(attrs[XFRMA_IF_ID]); |
| - if (!x->if_id) { |
| - err = -EINVAL; |
| - goto error; |
| - } |
| - } |
| |
| err = __xfrm_init_state(x, false, attrs[XFRMA_OFFLOAD_DEV]); |
| if (err) |
| @@ -1332,13 +1327,8 @@ static int xfrm_alloc_userspi(struct sk_ |
| |
| mark = xfrm_mark_get(attrs, &m); |
| |
| - if (attrs[XFRMA_IF_ID]) { |
| + if (attrs[XFRMA_IF_ID]) |
| if_id = nla_get_u32(attrs[XFRMA_IF_ID]); |
| - if (!if_id) { |
| - err = -EINVAL; |
| - goto out_noput; |
| - } |
| - } |
| |
| if (p->info.seq) { |
| x = xfrm_find_acq_byseq(net, mark, p->info.seq); |
| @@ -1640,13 +1630,8 @@ static struct xfrm_policy *xfrm_policy_c |
| |
| xfrm_mark_get(attrs, &xp->mark); |
| |
| - if (attrs[XFRMA_IF_ID]) { |
| + if (attrs[XFRMA_IF_ID]) |
| xp->if_id = nla_get_u32(attrs[XFRMA_IF_ID]); |
| - if (!xp->if_id) { |
| - err = -EINVAL; |
| - goto error; |
| - } |
| - } |
| |
| return xp; |
| error: |