linux-stable/net
Willem de Bruijn 36d60eba86 ip: Fix SO_MARK in RST, ACK and ICMP packets
[ Upstream commit 0da7536fb4 ]

When no full socket is available, skbs are sent over a per-netns
control socket. Its sk_mark is temporarily adjusted to match that
of the real (request or timewait) socket or to reflect an incoming
skb, so that the outgoing skb inherits this in __ip_make_skb.

Introduction of the socket cookie mark field broke this. Now the
skb is set through the cookie and cork:

<caller>		# init sockc.mark from sk_mark or cmsg
ip_append_data
  ip_setup_cork		# convert sockc.mark to cork mark
ip_push_pending_frames
  ip_finish_skb
    __ip_make_skb	# set skb->mark to cork mark

But I missed these special control sockets. Update all callers of
__ip(6)_make_skb that were originally missed.

For IPv6, the same two icmp(v6) paths are affected. The third
case is not, as commit 92e55f412c ("tcp: don't annotate
mark on control socket from tcp_v6_send_response()") replaced
the ctl_sk->sk_mark with passing the mark field directly as a
function argument. That commit predates the commit that
introduced the bug.

Fixes: c6af0c227a ("ip: support SO_MARK cmsg")
Signed-off-by: Willem de Bruijn <willemb@google.com>
Reported-by: Martin KaFai Lau <kafai@fb.com>
Reviewed-by: Martin KaFai Lau <kafai@fb.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-07-22 09:32:50 +02:00
..
6lowpan
9p
802
8021q
appletalk
atm
ax25 ax25: fix setsockopt(SO_BINDTODEVICE) 2020-06-03 08:20:39 +02:00
batman-adv batman-adv: Revert "disable ethtool link speed detection when auto negotiation off" 2020-06-22 09:30:56 +02:00
bluetooth Bluetooth: Add SCO fallback for invalid LMP parameters error 2020-06-22 09:30:54 +02:00
bpf
bpfilter
bridge bridge: mcast: Fix MLD2 Report IPv6 payload length check 2020-07-22 09:32:46 +02:00
caif
can
ceph libceph: ignore pool overlay and cache logic on redirects 2020-06-03 08:21:25 +02:00
core cgroup: fix cgroup_sk_alloc() for sk_clone_lock() 2020-07-22 09:32:49 +02:00
dcb
dccp dccp: Fix possible memleak in dccp_init and dccp_fini 2020-06-17 16:40:32 +02:00
decnet
dns_resolver KEYS: Don't write out to userspace while holding key semaphore 2020-04-23 10:36:45 +02:00
dsa net: dsa: declare lockless TX feature for slave ports 2020-06-03 08:21:38 +02:00
ethernet
hsr
ieee802154
ife
ipv4 ip: Fix SO_MARK in RST, ACK and ICMP packets 2020-07-22 09:32:50 +02:00
ipv6 ip: Fix SO_MARK in RST, ACK and ICMP packets 2020-07-22 09:32:50 +02:00
iucv
kcm
key
l2tp l2tp: remove skb_dst_set() from l2tp_xmit_skb() 2020-07-22 09:32:47 +02:00
l3mdev
lapb
llc llc: make sure applications use ARPHRD_ETHER 2020-07-22 09:32:47 +02:00
mac80211 mac80211: mesh: fix discovery timer re-arming issue / crash 2020-06-03 08:21:30 +02:00
mac802154
mpls
ncsi
netfilter netfilter: conntrack: refetch conntrack after nf_conntrack_update() 2020-07-16 08:16:38 +02:00
netlabel netlabel: cope with NULL catmap 2020-05-20 08:20:08 +02:00
netlink genetlink: remove genl_bind 2020-07-22 09:32:46 +02:00
netrom net: netrom: Fix potential nr_neigh refcnt leak in nr_add_node 2020-04-29 16:33:08 +02:00
nfc
nsh
openvswitch openvswitch: take into account de-fragmentation/gso_size in execute_check_pkt_len 2020-06-30 15:36:45 -04:00
packet
phonet
psample
qrtr net: qrtr: Fix an out of bounds read qrtr_endpoint_post() 2020-07-16 08:16:36 +02:00
rds net/rds: Use ERR_PTR for rds_message_alloc_sgs() 2020-05-20 08:20:27 +02:00
rfkill
rose
rxrpc rxrpc: Fix afs large storage transmission performance drop 2020-07-09 09:37:52 +02:00
sched sched: consistently handle layer3 header accesses in the presence of VLANs 2020-07-22 09:32:48 +02:00
sctp sctp: Don't advertise IPv4 addresses if ipv6only is set on the socket 2020-06-30 15:36:45 -04:00
smc
strparser
sunrpc xprtrdma: Fix handling of RDMA_ERROR replies 2020-06-30 15:37:12 -04:00
switchdev
tipc tipc: block BH before using dst_cache 2020-06-03 08:21:03 +02:00
tls bpf: Fix running sk_skb program types with ktls 2020-06-22 09:31:12 +02:00
unix
vmw_vsock vsock: fix timeout in vsock_accept() 2020-06-10 20:24:55 +02:00
wimax
wireless nl80211: don't return err unconditionally in nl80211_start_ap() 2020-07-16 08:16:37 +02:00
x25 net/x25: Fix x25_neigh refcnt leak when receiving frame 2020-04-29 16:33:09 +02:00
xdp xdp: Fix xsk_generic_xmit errno 2020-06-24 17:50:44 +02:00
xfrm xfrm: Fix double ESP trailer insertion in IPsec crypto offload. 2020-06-30 15:36:53 -04:00
compat.c
Kconfig
Makefile
socket.c
sysctl_net.c