tcp: Validate route interface in early demux. (fd62e09b) · Commits · e / devices / android_kernel_fairphone_FP4

net/ipv4/tcp_ipv4.c

+9 −3

Original line number	Diff line number	Diff line
		@@ -1676,6 +1676,7 @@ int tcp_v4_early_demux(struct sk_buff *skb)
		struct net *net = dev_net(skb->dev);
		const struct iphdr *iph;
		const struct tcphdr *th;
		struct net_device *dev;
		struct sock *sk;
		int err;

		@@ -1695,10 +1696,11 @@ int tcp_v4_early_demux(struct sk_buff *skb)
		if (!pskb_may_pull(skb, ip_hdrlen(skb) + th->doff * 4))
		goto out_err;

		dev = skb->dev;
		sk = __inet_lookup_established(net, &tcp_hashinfo,
		iph->saddr, th->source,
		iph->daddr, th->dest,
		skb->dev->ifindex);
		dev->ifindex);
		if (sk) {
		skb->sk = sk;
		skb->destructor = sock_edemux;
		@@ -1707,11 +1709,15 @@ int tcp_v4_early_demux(struct sk_buff *skb)
		if (dst)
		dst = dst_check(dst, 0);
		if (dst) {
		struct rtable rt = (struct rtable ) dst;

		if (rt->rt_iif == dev->ifindex) {
		skb_dst_set_noref(skb, dst);
		err = 0;
		}
		}
		}
		}

		out_err:
		return err;