Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 841c0b7f authored by Julian Anastasov's avatar Julian Anastasov Committed by Amit Pundir
Browse files

UPSTREAM: ipv4: add missing initialization for flowi4_uid 



commit 8bcfd0925ef15f072ba1e7bee2c25e9e1b5fd6ca upstream.

Avoid matching of random stack value for uid when rules
are looked up on input route or when RP filter is used.
Problem should affect only setups that use ip rules with
uid range.

Fixes: 622ec2c9d524 ("net: core: add UID to flows, rules, and routes")
Signed-off-by: default avatarJulian Anastasov <ja@ssi.bg>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>

Change-Id: I482d3e283a7515ea2d6a84920d66839341e63be5
Fixes: ("UPSTREAM: net: core: add UID to flows, rules, and routes")
Signed-off-by: default avatarAmit Pundir <amit.pundir@linaro.org>
parent 60cc09a9

net/ipv4/fib_frontend.c

+3 −3
Original line number Diff line number Diff line
@@ -319,7 +319,7 @@ static int __fib_validate_source(struct sk_buff *skb, __be32 src, __be32 dst, 
	int ret, no_addr;

	struct fib_result res;

	struct flowi4 fl4;

	struct net *net;

	struct net *net = dev_net(dev);

	bool dev_match;



	fl4.flowi4_oif = 0;
@@ -332,6 +332,7 @@ static int __fib_validate_source(struct sk_buff *skb, __be32 src, __be32 dst, 
	fl4.flowi4_scope = RT_SCOPE_UNIVERSE;

	fl4.flowi4_tun_key.tun_id = 0;

	fl4.flowi4_flags = 0;

	fl4.flowi4_uid = sock_net_uid(net, NULL);



	no_addr = idev->ifa_list == NULL;
@@ -339,13 +340,12 @@ static int __fib_validate_source(struct sk_buff *skb, __be32 src, __be32 dst, 


	trace_fib_validate_source(dev, &fl4);



	net = dev_net(dev);

	if (fib_lookup(net, &fl4, &res, 0))

		goto last_resort;

	if (res.type != RTN_UNICAST &&

	    (res.type != RTN_LOCAL || !IN_DEV_ACCEPT_LOCAL(idev)))

		goto e_inval;

	if (!rpf && !fib_num_tclassid_users(dev_net(dev)) &&

	if (!rpf && !fib_num_tclassid_users(net) &&

	    (dev->ifindex != oif || !IN_DEV_TX_REDIRECTS(idev)))

		goto last_resort;

	fib_combine_itag(itag, &res);

net/ipv4/route.c

+1 −0
Original line number Diff line number Diff line
@@ -1860,6 +1860,7 @@ static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr, 
	fl4.flowi4_flags = 0;

	fl4.daddr = daddr;

	fl4.saddr = saddr;

	fl4.flowi4_uid = sock_net_uid(net, NULL);

	err = fib_lookup(net, &fl4, &res, 0);

	if (err != 0) {

		if (!IN_DEV_FORWARD(in_dev))