On 11/1/21 10:34 AM, Leonard Crestez wrote:
@@ -584,10 +614,24 @@ int tcp_set_authopt_key(struct sock *sk, sockptr_t optval, unsigned int optlen)
return -EINVAL;
err = tcp_authopt_alg_require(alg);
if (err)
return err;
+ /* check ifindex is valid (zero is always valid) */
+ if (opt.flags & TCP_AUTHOPT_KEY_IFINDEX && opt.ifindex) {
+ struct net_device *dev;
+
+ rcu_read_lock();
+ dev = dev_get_by_index_rcu(sock_net(sk), opt.ifindex);
+ if (dev && netif_is_l3_master(dev))
+ l3index = dev->ifindex;
+ rcu_read_unlock();
rcu_read_lock()... rcu_read_unlock() can be replaced with
netif_index_is_l3_master(...)