xfrm: ensure minlen in policy for XFRMA_OFFLOAD_DEV

Otherwise, we cannot just access the netlink attribute and be sure it has the right size. Add the length to the policy, so it gets validated.
author: Thomas Haller <thaller@redhat.com> 2022-03-03 12:17:07 (GMT)
committer: Thomas Haller <thaller@redhat.com> 2022-03-03 12:17:07 (GMT)
commit: 89501949892e8d5ca38236b44b681f5032f9e87c (patch)
tree: ab3f3a771a4dc7bebe326e54bf7a2229aeb2adde /lib/xfrm/sa.c
parent: c8f33a4851de0b6e67f72308465c3542d88e455f (diff)
download: libnl-89501949892e8d5ca38236b44b681f5032f9e87c.zip
libnl-89501949892e8d5ca38236b44b681f5032f9e87c.tar.gz
libnl-89501949892e8d5ca38236b44b681f5032f9e87c.tar.bz2
1 files changed, 1 insertions, 0 deletions
diff --git a/lib/xfrm/sa.c b/lib/xfrm/sa.c
index 4427e59..1e83942 100644
--- a/lib/xfrm/sa.c
+++ b/lib/xfrm/sa.c
@@ -643,6 +643,7 @@ static struct nla_policy xfrm_sa_policy[XFRMA_MAX+1] = {
 	[XFRMA_SEC_CTX]         = { .minlen = sizeof(struct xfrm_sec_ctx) },
 	[XFRMA_LTIME_VAL]       = { .minlen = sizeof(struct xfrm_lifetime_cur) },
 	[XFRMA_REPLAY_VAL]      = { .minlen = sizeof(struct xfrm_replay_state) },
+	[XFRMA_OFFLOAD_DEV]     = { .minlen = sizeof(struct xfrm_user_offload) },
 	[XFRMA_REPLAY_THRESH]   = { .type = NLA_U32 },
 	[XFRMA_ETIMER_THRESH]   = { .type = NLA_U32 },
 	[XFRMA_SRCADDR]         = { .minlen = sizeof(xfrm_address_t) },
author	Thomas Haller <thaller@redhat.com>	2022-03-03 12:17:07 (GMT)
committer	Thomas Haller <thaller@redhat.com>	2022-03-03 12:17:07 (GMT)
commit	89501949892e8d5ca38236b44b681f5032f9e87c (patch)
tree	ab3f3a771a4dc7bebe326e54bf7a2229aeb2adde /lib/xfrm/sa.c
parent	c8f33a4851de0b6e67f72308465c3542d88e455f (diff)
download	libnl-89501949892e8d5ca38236b44b681f5032f9e87c.zip libnl-89501949892e8d5ca38236b44b681f5032f9e87c.tar.gz libnl-89501949892e8d5ca38236b44b681f5032f9e87c.tar.bz2