diff options
author | Sabrina Dubroca <sd@queasysnail.net> | 2022-09-27 17:45:30 +0200 |
---|---|---|
committer | Steffen Klassert <steffen.klassert@secunet.com> | 2022-09-29 07:17:59 +0200 |
commit | ef87a4f84b10187a1db8aee95ed5b863474750c1 (patch) | |
tree | 94e6f6b89fabdba6e718f91f05cfa04e92c1c9a5 /net/ipv4/ah4.c | |
parent | e1e10b44cf284248fb099681f48cc723564a1cc8 (diff) | |
download | linux-stable-ef87a4f84b10187a1db8aee95ed5b863474750c1.tar.gz linux-stable-ef87a4f84b10187a1db8aee95ed5b863474750c1.tar.bz2 linux-stable-ef87a4f84b10187a1db8aee95ed5b863474750c1.zip |
xfrm: ah: add extack to ah_init_state, ah6_init_state
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Diffstat (limited to 'net/ipv4/ah4.c')
-rw-r--r-- | net/ipv4/ah4.c | 21 |
1 files changed, 13 insertions, 8 deletions
diff --git a/net/ipv4/ah4.c b/net/ipv4/ah4.c index babefff15de3..ee4e578c7f20 100644 --- a/net/ipv4/ah4.c +++ b/net/ipv4/ah4.c @@ -477,24 +477,32 @@ static int ah_init_state(struct xfrm_state *x, struct netlink_ext_ack *extack) struct xfrm_algo_desc *aalg_desc; struct crypto_ahash *ahash; - if (!x->aalg) + if (!x->aalg) { + NL_SET_ERR_MSG(extack, "AH requires a state with an AUTH algorithm"); goto error; + } - if (x->encap) + if (x->encap) { + NL_SET_ERR_MSG(extack, "AH is not compatible with encapsulation"); goto error; + } ahp = kzalloc(sizeof(*ahp), GFP_KERNEL); if (!ahp) return -ENOMEM; ahash = crypto_alloc_ahash(x->aalg->alg_name, 0, 0); - if (IS_ERR(ahash)) + if (IS_ERR(ahash)) { + NL_SET_ERR_MSG(extack, "Kernel was unable to initialize cryptographic operations"); goto error; + } ahp->ahash = ahash; if (crypto_ahash_setkey(ahash, x->aalg->alg_key, - (x->aalg->alg_key_len + 7) / 8)) + (x->aalg->alg_key_len + 7) / 8)) { + NL_SET_ERR_MSG(extack, "Kernel was unable to initialize cryptographic operations"); goto error; + } /* * Lookup the algorithm description maintained by xfrm_algo, @@ -507,10 +515,7 @@ static int ah_init_state(struct xfrm_state *x, struct netlink_ext_ack *extack) if (aalg_desc->uinfo.auth.icv_fullbits/8 != crypto_ahash_digestsize(ahash)) { - pr_info("%s: %s digestsize %u != %u\n", - __func__, x->aalg->alg_name, - crypto_ahash_digestsize(ahash), - aalg_desc->uinfo.auth.icv_fullbits / 8); + NL_SET_ERR_MSG(extack, "Kernel was unable to initialize cryptographic operations"); goto error; } |