• Patrick McHardy's avatar
    [XFRM]: Fix aevent related crash · be33690d
    Patrick McHardy authored
    When xfrm_user isn't loaded xfrm_nl is NULL, which makes IPsec crash because
    xfrm_aevent_is_on passes the NULL pointer to netlink_has_listeners as socket.
    A second problem is that the xfrm_nl pointer is not cleared when the socket
    is releases at module unload time.
    
    Protect references of xfrm_nl from outside of xfrm_user by RCU, check
    that the socket is present in xfrm_aevent_is_on and set it to NULL
    when unloading xfrm_user.
    Signed-off-by: default avatarPatrick McHardy <kaber@trash.net>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    be33690d
xfrm_user.c 43.7 KB