[][openwrt][mt7988][crypto][Add checking xfrm state info to avoid null pointer]
[Description]
Add checking xfrm state info to avoid null pointer.
[Release-log]
N/A
Change-Id: I1fab1b13b52dbc59d7e9ce9083541af014998b0e
Reviewed-on: https://gerrit.mediatek.inc/c/openwrt/feeds/mtk_openwrt_feeds/+/9437494
diff --git a/feed/kernel/crypto-eip/src/ddk-wrapper.c b/feed/kernel/crypto-eip/src/ddk-wrapper.c
index ffc0df1..43bb138 100644
--- a/feed/kernel/crypto-eip/src/ddk-wrapper.c
+++ b/feed/kernel/crypto-eip/src/ddk-wrapper.c
@@ -2081,6 +2081,13 @@
return (u32 *) sa_handle.p;
}
+ /* Check algorithm exist in xfrm state*/
+ if (!xs->ealg || !xs->aalg) {
+ CRYPTO_ERR("NULL algorithm in xfrm state\n");
+ sa_handle.p = NULL;
+ return (u32 *) sa_handle.p;
+ }
+
/* Add crypto key and parameters */
params.CryptoAlgo = set_crypto_algo(xs->ealg);
params.CryptoMode = SAB_CRYPTO_MODE_CBC;
diff --git a/feed/kernel/crypto-eip/src/xfrm-offload.c b/feed/kernel/crypto-eip/src/xfrm-offload.c
index 1075b77..81d3415 100644
--- a/feed/kernel/crypto-eip/src/xfrm-offload.c
+++ b/feed/kernel/crypto-eip/src/xfrm-offload.c
@@ -61,6 +61,9 @@
static void mtk_xfrm_offload_cdrt_tear_down(struct mtk_xfrm_params *xfrm_params)
{
+ if (!xfrm_params->cdrt)
+ return;
+
memset(&xfrm_params->cdrt->desc, 0, sizeof(struct cdrt_desc));
mtk_pce_cdrt_entry_write(xfrm_params->cdrt);
@@ -83,6 +86,9 @@
static void mtk_xfrm_offload_cls_entry_tear_down(struct mtk_xfrm_params *xfrm_params)
{
+ if (!xfrm_params->cdrt || !xfrm_params->cdrt->cls)
+ return;
+
memset(&xfrm_params->cdrt->cls->cdesc, 0, sizeof(struct cls_desc));
mtk_pce_cls_entry_write(xfrm_params->cdrt->cls);
@@ -301,7 +307,8 @@
mtk_xfrm_offload_context_tear_down(xfrm_params);
- mtk_pce_cdrt_entry_free(xfrm_params->cdrt);
+ if (xfrm_params->cdrt)
+ mtk_pce_cdrt_entry_free(xfrm_params->cdrt);
devm_kfree(crypto_dev, xfrm_params);
}