4.14-stable patches

added patches:
	taskstats-cleanup-the-use-of-task-exit_code.patch
	xfrm-don-t-accidentally-set-rto_onlink-in-decode_session4.patch

diff --git a/queue-4.14/series b/queue-4.14/series
index 532dd7f2efb96f203bdc9113c694d3b8a3e6b039..63e58f01c0c8402eb2113902c074f07046c2fe8b 100644 (file)
--- a/queue-4.14/series
+++ b/queue-4.14/series
@@ -14,3 +14,5 @@ quota-make-dquot_quota_sync-return-errors-from-sync_.patch
 revert-module-async-async_synchronize_full-on-module.patch
 iwlwifi-fix-use-after-free.patch
 drm-radeon-fix-backlight-control-on-imac-12-1.patch
+xfrm-don-t-accidentally-set-rto_onlink-in-decode_session4.patch
+taskstats-cleanup-the-use-of-task-exit_code.patch

diff --git a/queue-4.14/taskstats-cleanup-the-use-of-task-exit_code.patch b/queue-4.14/taskstats-cleanup-the-use-of-task-exit_code.patch
new file mode 100644 (file)
index 0000000..acb03a9
--- /dev/null
+++ b/queue-4.14/taskstats-cleanup-the-use-of-task-exit_code.patch
@@ -0,0 +1,61 @@
+From foo@baz Fri Feb 18 10:35:08 AM CET 2022
+From: "Eric W. Biederman" <ebiederm@xmission.com>
+Date: Mon, 3 Jan 2022 11:32:36 -0600
+Subject: taskstats: Cleanup the use of task->exit_code
+
+From: "Eric W. Biederman" <ebiederm@xmission.com>
+
+commit 1b5a42d9c85f0e731f01c8d1129001fd8531a8a0 upstream.
+
+In the function bacct_add_task the code reading task->exit_code was
+introduced in commit f3cef7a99469 ("[PATCH] csa: basic accounting over
+taskstats"), and it is not entirely clear what the taskstats interface
+is trying to return as only returning the exit_code of the first task
+in a process doesn't make a lot of sense.
+
+As best as I can figure the intent is to return task->exit_code after
+a task exits.  The field is returned with per task fields, so the
+exit_code of the entire process is not wanted.  Only the value of the
+first task is returned so this is not a useful way to get the per task
+ptrace stop code.  The ordinary case of returning this value is
+returning after a task exits, which also precludes use for getting
+a ptrace value.
+
+It is common to for the first task of a process to also be the last
+task of a process so this field may have done something reasonable by
+accident in testing.
+
+Make ac_exitcode a reliable per task value by always returning it for
+every exited task.
+
+Setting ac_exitcode in a sensible mannter makes it possible to continue
+to provide this value going forward.
+
+Cc: Balbir Singh <bsingharora@gmail.com>
+Fixes: f3cef7a99469 ("[PATCH] csa: basic accounting over taskstats")
+Link: https://lkml.kernel.org/r/20220103213312.9144-5-ebiederm@xmission.com
+Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
+[sudip: adjust context]
+Signed-off-by: Sudip Mukherjee <sudipm.mukherjee@gmail.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ kernel/tsacct.c |    7 +++----
+ 1 file changed, 3 insertions(+), 4 deletions(-)
+
+--- a/kernel/tsacct.c
++++ b/kernel/tsacct.c
+@@ -46,11 +46,10 @@ void bacct_add_tsk(struct user_namespace
+       /* Convert to seconds for btime */
+       do_div(delta, USEC_PER_SEC);
+       stats->ac_btime = get_seconds() - delta;
+-      if (thread_group_leader(tsk)) {
++      if (tsk->flags & PF_EXITING)
+               stats->ac_exitcode = tsk->exit_code;
+-              if (tsk->flags & PF_FORKNOEXEC)
+-                      stats->ac_flag |= AFORK;
+-      }
++      if (thread_group_leader(tsk) && (tsk->flags & PF_FORKNOEXEC))
++              stats->ac_flag |= AFORK;
+       if (tsk->flags & PF_SUPERPRIV)
+               stats->ac_flag |= ASU;
+       if (tsk->flags & PF_DUMPCORE)

diff --git a/queue-4.14/xfrm-don-t-accidentally-set-rto_onlink-in-decode_session4.patch b/queue-4.14/xfrm-don-t-accidentally-set-rto_onlink-in-decode_session4.patch
new file mode 100644 (file)
index 0000000..962bb89
--- /dev/null
+++ b/queue-4.14/xfrm-don-t-accidentally-set-rto_onlink-in-decode_session4.patch
@@ -0,0 +1,49 @@
+From foo@baz Fri Feb 18 10:23:23 AM CET 2022
+From: Guillaume Nault <gnault@redhat.com>
+Date: Mon, 10 Jan 2022 14:43:06 +0100
+Subject: xfrm: Don't accidentally set RTO_ONLINK in decode_session4()
+
+From: Guillaume Nault <gnault@redhat.com>
+
+commit 23e7b1bfed61e301853b5e35472820d919498278 upstream.
+
+Similar to commit 94e2238969e8 ("xfrm4: strip ECN bits from tos field"),
+clear the ECN bits from iph->tos when setting ->flowi4_tos.
+This ensures that the last bit of ->flowi4_tos is cleared, so
+ip_route_output_key_hash() isn't going to restrict the scope of the
+route lookup.
+
+Use ~INET_ECN_MASK instead of IPTOS_RT_MASK, because we have no reason
+to clear the high order bits.
+
+Found by code inspection, compile tested only.
+
+Fixes: 4da3089f2b58 ("[IPSEC]: Use TOS when doing tunnel lookups")
+Signed-off-by: Guillaume Nault <gnault@redhat.com>
+Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+[sudip: manually backport to previous location]
+Signed-off-by: Sudip Mukherjee <sudipm.mukherjee@gmail.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ net/ipv4/xfrm4_policy.c |    3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- a/net/ipv4/xfrm4_policy.c
++++ b/net/ipv4/xfrm4_policy.c
+@@ -17,6 +17,7 @@
+ #include <net/xfrm.h>
+ #include <net/ip.h>
+ #include <net/l3mdev.h>
++#include <net/inet_ecn.h>
+ 
+ static struct dst_entry *__xfrm4_dst_lookup(struct net *net, struct flowi4 *fl4,
+                                           int tos, int oif,
+@@ -126,7 +127,7 @@ _decode_session4(struct sk_buff *skb, st
+       fl4->flowi4_proto = iph->protocol;
+       fl4->daddr = reverse ? iph->saddr : iph->daddr;
+       fl4->saddr = reverse ? iph->daddr : iph->saddr;
+-      fl4->flowi4_tos = iph->tos;
++      fl4->flowi4_tos = iph->tos & ~INET_ECN_MASK;
+ 
+       if (!ip_is_fragment(iph)) {
+               switch (iph->protocol) {