lisa/android_kernel_xiaomi_sm8350
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5b7d4d91c0
android_kernel_xiaomi_sm8350/net
History
Nicolas Dichtel 5b7d4d91c0 ipv{4,6}/raw: fix output xfrm lookup wrt protocol 
commit 3632679d9e4f879f49949bb5b050e0de553e4739 upstream.

With a raw socket bound to IPPROTO_RAW (ie with hdrincl enabled), the
protocol field of the flow structure, build by raw_sendmsg() /
rawv6_sendmsg()),  is set to IPPROTO_RAW. This breaks the ipsec policy
lookup when some policies are defined with a protocol in the selector.

For ipv6, the sin6_port field from 'struct sockaddr_in6' could be used to
specify the protocol. Just accept all values for IPPROTO_RAW socket.

For ipv4, the sin_port field of 'struct sockaddr_in' could not be used
without breaking backward compatibility (the value of this field was never
checked). Let's add a new kind of control message, so that the userland
could specify which protocol is used.

Fixes: 1da177e4c3 ("Linux-2.6.12-rc2")
CC: stable@vger.kernel.org
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Link: https://lore.kernel.org/r/20230522120820.1319391-1-nicolas.dichtel@6wind.com
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2023-06-05 08:17:33 +02:00
..
6lowpan
9p 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition 2023-04-20 12:07:36 +02:00
802 mrp: introduce active flags to prevent UAF when applicant uninit 2023-01-18 11:41:37 +01:00
8021q vlan: fix a potential uninit-value in vlan_dev_hard_start_xmit() 2023-05-30 12:44:06 +01:00
appletalk
atm treewide: Replace DECLARE_TASKLET() with DECLARE_TASKLET_OLD() 2023-04-20 12:07:32 +02:00
ax25
batman-adv
bluetooth bluetooth: Add cmd validity checks at the start of hci_sock_ioctl() 2023-06-05 08:17:33 +02:00
bpf bpf: Move skb->len == 0 checks into __bpf_redirect 2023-01-18 11:41:04 +01:00
bpfilter
bridge netfilter: nftables: add nft_parse_register_store() and use it 2023-05-30 12:44:07 +01:00
caif net: caif: Fix use-after-free in cfusbl_device_notify() 2023-03-17 08:32:51 +01:00
can can: j1939: recvmsg(): allow MSG_CMSG_COMPAT flag 2023-05-30 12:44:06 +01:00
ceph
core net: fix skb leak in __skb_tstamp_tx() 2023-05-30 12:44:10 +01:00
dcb
dccp dccp: Call inet6_destroy_sock() via sk->sk_destruct(). 2023-04-26 11:24:05 +02:00
decnet
dns_resolver
dsa net: dsa: ksz: Check return value 2022-12-14 11:30:45 +01:00
ethernet
hsr hsr: Avoid double remove of a node. 2023-01-18 11:41:09 +01:00
ieee802154 net: ieee802154: fix error return code in dgram_bind() 2022-11-03 23:56:54 +09:00
ife
ipv4 ipv{4,6}/raw: fix output xfrm lookup wrt protocol 2023-06-05 08:17:33 +02:00
ipv6 ipv{4,6}/raw: fix output xfrm lookup wrt protocol 2023-06-05 08:17:33 +02:00
iucv treewide: Replace DECLARE_TASKLET() with DECLARE_TASKLET_OLD() 2023-04-20 12:07:32 +02:00
kcm kcm: close race conditions on sk_receive_queue 2022-11-25 17:42:21 +01:00
key af_key: Reject optional tunnel/BEET mode templates in outbound policies 2023-05-30 12:44:05 +01:00
l2tp inet6: Remove inet6_destroy_sock() in sk->sk_prot->destroy(). 2023-04-26 11:24:05 +02:00
l3mdev
lapb
llc
mac80211 wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta 2023-04-20 12:07:33 +02:00
mac802154 mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add() 2022-12-14 11:30:45 +01:00
mpls net: mpls: fix stale pointer if allocation fails during device rename 2023-02-22 12:50:41 +01:00
ncsi net/ncsi: clear Tx enable mode when handling a Config required AEN 2023-05-17 11:35:58 +02:00
netfilter netfilter: nf_tables: hold mutex on netns pre_exit path 2023-05-30 12:44:08 +01:00
netlabel
netlink netlink: annotate accesses to nlk->cb_running 2023-05-30 12:44:01 +01:00
netrom netrom: Fix use-after-free caused by accept on already connected socket 2023-02-22 12:50:24 +01:00
nfc nfc: change order inside nfc_se_io error path 2023-03-17 08:32:48 +01:00
nsh net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() 2023-05-30 12:44:05 +01:00
openvswitch net: openvswitch: fix flow memory leak in ovs_flow_cmd_new 2023-02-22 12:50:25 +01:00
packet net: add vlan_get_protocol_and_depth() helper 2023-05-30 12:44:01 +01:00
phonet
psample
qrtr
rds rds: rds_rm_zerocopy_callback() correct order for list_add_tail() 2023-03-11 16:43:41 +01:00
rfkill
rose net/rose: Fix to not accept on connected socket 2023-02-22 12:50:34 +01:00
rxrpc rxrpc: Fix hard call timeout units 2023-05-17 11:35:59 +02:00
sched net/sched: act_mirred: Add carrier check 2023-05-17 11:35:59 +02:00
sctp sctp: Call inet6_destroy_sock() via sk->sk_destruct(). 2023-04-26 11:24:05 +02:00
smc net/smc: fix fallback failed while sendmsg with fastopen 2023-03-17 08:32:51 +01:00
strparser
sunrpc SUNRPC: remove the maximum number of retries in call_bind_status 2023-05-17 11:35:52 +02:00
switchdev
tipc tipc: call tipc_lxc_xmit without holding node_read_lock 2023-01-18 11:42:06 +01:00
tls net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() 2023-04-05 11:16:36 +02:00
unix af_unix: Fix data races around sk->sk_shutdown. 2023-05-30 12:44:02 +01:00
vmw_vsock vsock: avoid to close connected socket after the timeout 2023-05-30 12:44:05 +01:00
wimax
wireless wifi: cfg80211: Partial revert "wifi: cfg80211: Fix use after free for wext" 2023-03-13 10:18:25 +01:00
x25 net/x25: Fix to not accept on connected socket 2023-02-22 12:50:26 +01:00
xdp
xfrm xfrm: Allow transport-mode states with AF_UNSPEC selector 2023-03-22 13:28:03 +01:00
compat.c
Kconfig
Makefile
socket.c net: annotate sk->sk_err write from do_recvmmsg() 2023-05-30 12:44:01 +01:00
sysctl_net.c