ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add

JIRA: https://issues.redhat.com/browse/RHEL-115599

commit 84967de
Author: Minhong He <heminhong@kylinos.cn>
Date:   Fri Aug 15 14:38:45 2025 +0800

    ipv6: sr: validate HMAC algorithm ID in seg6_hmac_info_add

    The seg6_genl_sethmac() directly uses the algorithm ID provided by the
    userspace without verifying whether it is an HMAC algorithm supported
    by the system.
    If an unsupported HMAC algorithm ID is configured, packets using SRv6 HMAC
    will be dropped during encapsulation or decapsulation.

    Fixes: 4f4853d ("ipv6: sr: implement API to control SR HMAC structure")
    Signed-off-by: Minhong He <heminhong@kylinos.cn>
    Reviewed-by: Kuniyuki Iwashima <kuniyu@google.com>
    Link: https://patch.msgid.link/20250815063845.85426-1-heminhong@kylinos.cn
    Signed-off-by: Jakub Kicinski <kuba@kernel.org>

Signed-off-by: CKI Backport Bot <cki-ci-bot+cki-gitlab-backport-bot@redhat.com>

Author: CKI Backport Bot

net/ipv6/seg6_hmac.c

@@ -295,6 +295,9 @@ int seg6_hmac_info_add(struct net *net, u32 key, struct seg6_hmac_info *hinfo)
 	struct seg6_pernet_data *sdata = seg6_pernet(net);
 	int err;
 
+	if (!__hmac_get_algo(hinfo->alg_id))
+		return -EINVAL;
+
 	err = rhashtable_lookup_insert_fast(&sdata->hmac_infos, &hinfo->node,
 					    rht_params);