macsec: check return value of skb_to_sgvec always

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Cc: Sabrina Dubroca <sd@queasysnail.net>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c
index 91642fd87cd1b8edfd7d009a130ba4ef51c9aeac..b79513b8322fdacec7990d732e96fe8c21717b3a 100644 (file)
--- a/drivers/net/macsec.c
+++ b/drivers/net/macsec.c
@@ -740,7 +740,12 @@ static struct sk_buff *macsec_encrypt(struct sk_buff *skb,
        macsec_fill_iv(iv, secy->sci, pn);
 
        sg_init_table(sg, ret);
-       skb_to_sgvec(skb, sg, 0, skb->len);
+       ret = skb_to_sgvec(skb, sg, 0, skb->len);
+       if (unlikely(ret < 0)) {
+               macsec_txsa_put(tx_sa);
+               kfree_skb(skb);
+               return ERR_PTR(ret);
+       }
 
        if (tx_sc->encrypt) {
                int len = skb->len - macsec_hdr_len(sci_present) -
@@ -947,7 +952,11 @@ static struct sk_buff *macsec_decrypt(struct sk_buff *skb,
        macsec_fill_iv(iv, sci, ntohl(hdr->packet_number));
 
        sg_init_table(sg, ret);
-       skb_to_sgvec(skb, sg, 0, skb->len);
+       ret = skb_to_sgvec(skb, sg, 0, skb->len);
+       if (unlikely(ret < 0)) {
+               kfree_skb(skb);
+               return ERR_PTR(ret);
+       }
 
        if (hdr->tci_an & MACSEC_TCI_E) {
                /* confidentiality: ethernet + macsec header