[thirdparty/kernel/stable-queue.git] / releases / 4.10.5 / ipv4-add-missing-initialization-for-flowi4_uid.patch

From foo@baz Sat Mar 18 22:03:53 CST 2017
From: Julian Anastasov <ja@ssi.bg>
Date: Sun, 26 Feb 2017 15:50:52 +0200
Subject: ipv4: add missing initialization for flowi4_uid

From: Julian Anastasov <ja@ssi.bg>


[ Upstream commit 8bcfd0925ef15f072ba1e7bee2c25e9e1b5fd6ca ]

Avoid matching of random stack value for uid when rules
are looked up on input route or when RP filter is used.
Problem should affect only setups that use ip rules with
uid range.

Fixes: 622ec2c9d524 ("net: core: add UID to flows, rules, and routes")
Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 net/ipv4/fib_frontend.c |    6 +++---
 net/ipv4/route.c        |    1 +
 2 files changed, 4 insertions(+), 3 deletions(-)

--- a/net/ipv4/fib_frontend.c
+++ b/net/ipv4/fib_frontend.c
@@ -319,7 +319,7 @@ static int __fib_validate_source(struct
 	int ret, no_addr;
 	struct fib_result res;
 	struct flowi4 fl4;
-	struct net *net;
+	struct net *net = dev_net(dev);
 	bool dev_match;
 
 	fl4.flowi4_oif = 0;
@@ -332,6 +332,7 @@ static int __fib_validate_source(struct
 	fl4.flowi4_scope = RT_SCOPE_UNIVERSE;
 	fl4.flowi4_tun_key.tun_id = 0;
 	fl4.flowi4_flags = 0;
+	fl4.flowi4_uid = sock_net_uid(net, NULL);
 
 	no_addr = idev->ifa_list == NULL;
 
@@ -339,13 +340,12 @@ static int __fib_validate_source(struct
 
 	trace_fib_validate_source(dev, &fl4);
 
-	net = dev_net(dev);
 	if (fib_lookup(net, &fl4, &res, 0))
 		goto last_resort;
 	if (res.type != RTN_UNICAST &&
 	    (res.type != RTN_LOCAL || !IN_DEV_ACCEPT_LOCAL(idev)))
 		goto e_inval;
-	if (!rpf && !fib_num_tclassid_users(dev_net(dev)) &&
+	if (!rpf && !fib_num_tclassid_users(net) &&
 	    (dev->ifindex != oif || !IN_DEV_TX_REDIRECTS(idev)))
 		goto last_resort;
 	fib_combine_itag(itag, &res);
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -1858,6 +1858,7 @@ static int ip_route_input_slow(struct sk
 	fl4.flowi4_flags = 0;
 	fl4.daddr = daddr;
 	fl4.saddr = saddr;
+	fl4.flowi4_uid = sock_net_uid(net, NULL);
 	err = fib_lookup(net, &fl4, &res, 0);
 	if (err != 0) {
 		if (!IN_DEV_FORWARD(in_dev))
Commit	Line	Data
2ee025e9 GKH	1	From foo@baz Sat Mar 18 22:03:53 CST 2017
	2	From: Julian Anastasov <ja@ssi.bg>
	3	Date: Sun, 26 Feb 2017 15:50:52 +0200
	4	Subject: ipv4: add missing initialization for flowi4_uid
	5
	6	From: Julian Anastasov <ja@ssi.bg>
	7
	8
	9	[ Upstream commit 8bcfd0925ef15f072ba1e7bee2c25e9e1b5fd6ca ]
	10
	11	Avoid matching of random stack value for uid when rules
	12	are looked up on input route or when RP filter is used.
	13	Problem should affect only setups that use ip rules with
	14	uid range.
	15
	16	Fixes: 622ec2c9d524 ("net: core: add UID to flows, rules, and routes")
	17	Signed-off-by: Julian Anastasov <ja@ssi.bg>
	18	Signed-off-by: David S. Miller <davem@davemloft.net>
	19	Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	20	---
	21	net/ipv4/fib_frontend.c \| 6 +++---
	22	net/ipv4/route.c \| 1 +
	23	2 files changed, 4 insertions(+), 3 deletions(-)
	24
	25	--- a/net/ipv4/fib_frontend.c
	26	+++ b/net/ipv4/fib_frontend.c
	27	@@ -319,7 +319,7 @@ static int __fib_validate_source(struct
	28	int ret, no_addr;
	29	struct fib_result res;
	30	struct flowi4 fl4;
	31	- struct net *net;
	32	+ struct net *net = dev_net(dev);
	33	bool dev_match;
	34
	35	fl4.flowi4_oif = 0;
	36	@@ -332,6 +332,7 @@ static int __fib_validate_source(struct
	37	fl4.flowi4_scope = RT_SCOPE_UNIVERSE;
	38	fl4.flowi4_tun_key.tun_id = 0;
	39	fl4.flowi4_flags = 0;
	40	+ fl4.flowi4_uid = sock_net_uid(net, NULL);
	41
	42	no_addr = idev->ifa_list == NULL;
	43
	44	@@ -339,13 +340,12 @@ static int __fib_validate_source(struct
	45
	46	trace_fib_validate_source(dev, &fl4);
	47
	48	- net = dev_net(dev);
	49	if (fib_lookup(net, &fl4, &res, 0))
	50	goto last_resort;
	51	if (res.type != RTN_UNICAST &&
	52	(res.type != RTN_LOCAL \|\| !IN_DEV_ACCEPT_LOCAL(idev)))
	53	goto e_inval;
	54	- if (!rpf && !fib_num_tclassid_users(dev_net(dev)) &&
	55	+ if (!rpf && !fib_num_tclassid_users(net) &&
	56	(dev->ifindex != oif \|\| !IN_DEV_TX_REDIRECTS(idev)))
	57	goto last_resort;
	58	fib_combine_itag(itag, &res);
	59	--- a/net/ipv4/route.c
	60	+++ b/net/ipv4/route.c
	61	@@ -1858,6 +1858,7 @@ static int ip_route_input_slow(struct sk
	62	fl4.flowi4_flags = 0;
	63	fl4.daddr = daddr;
	64	fl4.saddr = saddr;
65	+ fl4.flowi4_uid = sock_net_uid(net, NULL);
66	err = fib_lookup(net, &fl4, &res, 0);
67	if (err != 0) {
68	if (!IN_DEV_FORWARD(in_dev))