diff options
| author | Julian Anastasov <ja@ssi.bg> | 2017-02-26 08:50:52 -0500 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2017-02-26 11:03:38 -0500 |
| commit | 8bcfd0925ef15f072ba1e7bee2c25e9e1b5fd6ca (patch) | |
| tree | f3390a0540238f4d5168ae4883deb73026182848 | |
| parent | 8118b7b76c8c087055054884a39db6a7d138e1c5 (diff) | |
ipv4: add missing initialization for flowi4_uid
Avoid matching of random stack value for uid when rules
are looked up on input route or when RP filter is used.
Problem should affect only setups that use ip rules with
uid range.
Fixes: 622ec2c9d524 ("net: core: add UID to flows, rules, and routes")
Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: David S. Miller <davem@davemloft.net>
| -rw-r--r-- | net/ipv4/fib_frontend.c | 6 | ||||
| -rw-r--r-- | net/ipv4/route.c | 1 |
2 files changed, 4 insertions, 3 deletions
diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c index 7db2ad2e82d3..b39a791f6756 100644 --- a/net/ipv4/fib_frontend.c +++ b/net/ipv4/fib_frontend.c | |||
| @@ -319,7 +319,7 @@ static int __fib_validate_source(struct sk_buff *skb, __be32 src, __be32 dst, | |||
| 319 | int ret, no_addr; | 319 | int ret, no_addr; |
| 320 | struct fib_result res; | 320 | struct fib_result res; |
| 321 | struct flowi4 fl4; | 321 | struct flowi4 fl4; |
| 322 | struct net *net; | 322 | struct net *net = dev_net(dev); |
| 323 | bool dev_match; | 323 | bool dev_match; |
| 324 | 324 | ||
| 325 | fl4.flowi4_oif = 0; | 325 | fl4.flowi4_oif = 0; |
| @@ -332,6 +332,7 @@ static int __fib_validate_source(struct sk_buff *skb, __be32 src, __be32 dst, | |||
| 332 | fl4.flowi4_scope = RT_SCOPE_UNIVERSE; | 332 | fl4.flowi4_scope = RT_SCOPE_UNIVERSE; |
| 333 | fl4.flowi4_tun_key.tun_id = 0; | 333 | fl4.flowi4_tun_key.tun_id = 0; |
| 334 | fl4.flowi4_flags = 0; | 334 | fl4.flowi4_flags = 0; |
| 335 | fl4.flowi4_uid = sock_net_uid(net, NULL); | ||
| 335 | 336 | ||
| 336 | no_addr = idev->ifa_list == NULL; | 337 | no_addr = idev->ifa_list == NULL; |
| 337 | 338 | ||
| @@ -339,13 +340,12 @@ static int __fib_validate_source(struct sk_buff *skb, __be32 src, __be32 dst, | |||
| 339 | 340 | ||
| 340 | trace_fib_validate_source(dev, &fl4); | 341 | trace_fib_validate_source(dev, &fl4); |
| 341 | 342 | ||
| 342 | net = dev_net(dev); | ||
| 343 | if (fib_lookup(net, &fl4, &res, 0)) | 343 | if (fib_lookup(net, &fl4, &res, 0)) |
| 344 | goto last_resort; | 344 | goto last_resort; |
| 345 | if (res.type != RTN_UNICAST && | 345 | if (res.type != RTN_UNICAST && |
| 346 | (res.type != RTN_LOCAL || !IN_DEV_ACCEPT_LOCAL(idev))) | 346 | (res.type != RTN_LOCAL || !IN_DEV_ACCEPT_LOCAL(idev))) |
| 347 | goto e_inval; | 347 | goto e_inval; |
| 348 | if (!rpf && !fib_num_tclassid_users(dev_net(dev)) && | 348 | if (!rpf && !fib_num_tclassid_users(net) && |
| 349 | (dev->ifindex != oif || !IN_DEV_TX_REDIRECTS(idev))) | 349 | (dev->ifindex != oif || !IN_DEV_TX_REDIRECTS(idev))) |
| 350 | goto last_resort; | 350 | goto last_resort; |
| 351 | fib_combine_itag(itag, &res); | 351 | fib_combine_itag(itag, &res); |
diff --git a/net/ipv4/route.c b/net/ipv4/route.c index cb494a5050f7..584ed667bfa4 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c | |||
| @@ -1876,6 +1876,7 @@ static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr, | |||
| 1876 | fl4.flowi4_flags = 0; | 1876 | fl4.flowi4_flags = 0; |
| 1877 | fl4.daddr = daddr; | 1877 | fl4.daddr = daddr; |
| 1878 | fl4.saddr = saddr; | 1878 | fl4.saddr = saddr; |
| 1879 | fl4.flowi4_uid = sock_net_uid(net, NULL); | ||
| 1879 | err = fib_lookup(net, &fl4, &res, 0); | 1880 | err = fib_lookup(net, &fl4, &res, 0); |
| 1880 | if (err != 0) { | 1881 | if (err != 0) { |
| 1881 | if (!IN_DEV_FORWARD(in_dev)) | 1882 | if (!IN_DEV_FORWARD(in_dev)) |