summaryrefslogtreecommitdiffstats
path: root/net/ipv4/ah4.c
diff options
context:
space:
mode:
authorSabrina Dubroca <sd@queasysnail.net>2022-09-27 17:45:30 +0200
committerSteffen Klassert <steffen.klassert@secunet.com>2022-09-29 07:17:59 +0200
commitef87a4f84b10187a1db8aee95ed5b863474750c1 (patch)
tree94e6f6b89fabdba6e718f91f05cfa04e92c1c9a5 /net/ipv4/ah4.c
parente1e10b44cf284248fb099681f48cc723564a1cc8 (diff)
downloadlinux-stable-ef87a4f84b10187a1db8aee95ed5b863474750c1.tar.gz
linux-stable-ef87a4f84b10187a1db8aee95ed5b863474750c1.tar.bz2
linux-stable-ef87a4f84b10187a1db8aee95ed5b863474750c1.zip
xfrm: ah: add extack to ah_init_state, ah6_init_state
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net> Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Diffstat (limited to 'net/ipv4/ah4.c')
-rw-r--r--net/ipv4/ah4.c21
1 files changed, 13 insertions, 8 deletions
diff --git a/net/ipv4/ah4.c b/net/ipv4/ah4.c
index babefff15de3..ee4e578c7f20 100644
--- a/net/ipv4/ah4.c
+++ b/net/ipv4/ah4.c
@@ -477,24 +477,32 @@ static int ah_init_state(struct xfrm_state *x, struct netlink_ext_ack *extack)
struct xfrm_algo_desc *aalg_desc;
struct crypto_ahash *ahash;
- if (!x->aalg)
+ if (!x->aalg) {
+ NL_SET_ERR_MSG(extack, "AH requires a state with an AUTH algorithm");
goto error;
+ }
- if (x->encap)
+ if (x->encap) {
+ NL_SET_ERR_MSG(extack, "AH is not compatible with encapsulation");
goto error;
+ }
ahp = kzalloc(sizeof(*ahp), GFP_KERNEL);
if (!ahp)
return -ENOMEM;
ahash = crypto_alloc_ahash(x->aalg->alg_name, 0, 0);
- if (IS_ERR(ahash))
+ if (IS_ERR(ahash)) {
+ NL_SET_ERR_MSG(extack, "Kernel was unable to initialize cryptographic operations");
goto error;
+ }
ahp->ahash = ahash;
if (crypto_ahash_setkey(ahash, x->aalg->alg_key,
- (x->aalg->alg_key_len + 7) / 8))
+ (x->aalg->alg_key_len + 7) / 8)) {
+ NL_SET_ERR_MSG(extack, "Kernel was unable to initialize cryptographic operations");
goto error;
+ }
/*
* Lookup the algorithm description maintained by xfrm_algo,
@@ -507,10 +515,7 @@ static int ah_init_state(struct xfrm_state *x, struct netlink_ext_ack *extack)
if (aalg_desc->uinfo.auth.icv_fullbits/8 !=
crypto_ahash_digestsize(ahash)) {
- pr_info("%s: %s digestsize %u != %u\n",
- __func__, x->aalg->alg_name,
- crypto_ahash_digestsize(ahash),
- aalg_desc->uinfo.auth.icv_fullbits / 8);
+ NL_SET_ERR_MSG(extack, "Kernel was unable to initialize cryptographic operations");
goto error;
}