diff options
Diffstat (limited to 'net')
| -rw-r--r-- | net/dccp/ipv4.c | 3 | ||||
| -rw-r--r-- | net/dccp/ipv6.c | 7 | ||||
| -rw-r--r-- | net/ipv4/inet_connection_sock.c | 4 | ||||
| -rw-r--r-- | net/ipv4/syncookies.c | 6 | ||||
| -rw-r--r-- | net/ipv4/tcp_ipv4.c | 3 | ||||
| -rw-r--r-- | net/ipv6/tcp_ipv6.c | 6 |
6 files changed, 23 insertions, 6 deletions
diff --git a/net/dccp/ipv4.c b/net/dccp/ipv4.c index 386498053b1c..171d363876ee 100644 --- a/net/dccp/ipv4.c +++ b/net/dccp/ipv4.c | |||
| @@ -501,6 +501,9 @@ int dccp_v4_conn_request(struct sock *sk, struct sk_buff *skb) | |||
| 501 | 501 | ||
| 502 | dccp_openreq_init(req, &dp, skb); | 502 | dccp_openreq_init(req, &dp, skb); |
| 503 | 503 | ||
| 504 | if (security_inet_conn_request(sk, skb, req)) | ||
| 505 | goto drop_and_free; | ||
| 506 | |||
| 504 | ireq = inet_rsk(req); | 507 | ireq = inet_rsk(req); |
| 505 | ireq->loc_addr = daddr; | 508 | ireq->loc_addr = daddr; |
| 506 | ireq->rmt_addr = saddr; | 509 | ireq->rmt_addr = saddr; |
diff --git a/net/dccp/ipv6.c b/net/dccp/ipv6.c index 53d255c01431..231bc7c7e749 100644 --- a/net/dccp/ipv6.c +++ b/net/dccp/ipv6.c | |||
| @@ -424,7 +424,7 @@ static int dccp_v6_send_response(struct sock *sk, struct request_sock *req, | |||
| 424 | fl.oif = ireq6->iif; | 424 | fl.oif = ireq6->iif; |
| 425 | fl.fl_ip_dport = inet_rsk(req)->rmt_port; | 425 | fl.fl_ip_dport = inet_rsk(req)->rmt_port; |
| 426 | fl.fl_ip_sport = inet_sk(sk)->sport; | 426 | fl.fl_ip_sport = inet_sk(sk)->sport; |
| 427 | security_sk_classify_flow(sk, &fl); | 427 | security_req_classify_flow(req, &fl); |
| 428 | 428 | ||
| 429 | if (dst == NULL) { | 429 | if (dst == NULL) { |
| 430 | opt = np->opt; | 430 | opt = np->opt; |
| @@ -626,7 +626,7 @@ static void dccp_v6_reqsk_send_ack(struct sk_buff *rxskb, | |||
| 626 | fl.oif = inet6_iif(rxskb); | 626 | fl.oif = inet6_iif(rxskb); |
| 627 | fl.fl_ip_dport = dh->dccph_dport; | 627 | fl.fl_ip_dport = dh->dccph_dport; |
| 628 | fl.fl_ip_sport = dh->dccph_sport; | 628 | fl.fl_ip_sport = dh->dccph_sport; |
| 629 | security_skb_classify_flow(rxskb, &fl); | 629 | security_req_classify_flow(req, &fl); |
| 630 | 630 | ||
| 631 | if (!ip6_dst_lookup(NULL, &skb->dst, &fl)) { | 631 | if (!ip6_dst_lookup(NULL, &skb->dst, &fl)) { |
| 632 | if (xfrm_lookup(&skb->dst, &fl, NULL, 0) >= 0) { | 632 | if (xfrm_lookup(&skb->dst, &fl, NULL, 0) >= 0) { |
| @@ -709,6 +709,9 @@ static int dccp_v6_conn_request(struct sock *sk, struct sk_buff *skb) | |||
| 709 | 709 | ||
| 710 | dccp_openreq_init(req, &dp, skb); | 710 | dccp_openreq_init(req, &dp, skb); |
| 711 | 711 | ||
| 712 | if (security_inet_conn_request(sk, skb, req)) | ||
| 713 | goto drop_and_free; | ||
| 714 | |||
| 712 | ireq6 = inet6_rsk(req); | 715 | ireq6 = inet6_rsk(req); |
| 713 | ireq = inet_rsk(req); | 716 | ireq = inet_rsk(req); |
| 714 | ipv6_addr_copy(&ireq6->rmt_addr, &skb->nh.ipv6h->saddr); | 717 | ipv6_addr_copy(&ireq6->rmt_addr, &skb->nh.ipv6h->saddr); |
diff --git a/net/ipv4/inet_connection_sock.c b/net/ipv4/inet_connection_sock.c index 772b4eac78bc..07204391d083 100644 --- a/net/ipv4/inet_connection_sock.c +++ b/net/ipv4/inet_connection_sock.c | |||
| @@ -327,7 +327,7 @@ struct dst_entry* inet_csk_route_req(struct sock *sk, | |||
| 327 | { .sport = inet_sk(sk)->sport, | 327 | { .sport = inet_sk(sk)->sport, |
| 328 | .dport = ireq->rmt_port } } }; | 328 | .dport = ireq->rmt_port } } }; |
| 329 | 329 | ||
| 330 | security_sk_classify_flow(sk, &fl); | 330 | security_req_classify_flow(req, &fl); |
| 331 | if (ip_route_output_flow(&rt, &fl, sk, 0)) { | 331 | if (ip_route_output_flow(&rt, &fl, sk, 0)) { |
| 332 | IP_INC_STATS_BH(IPSTATS_MIB_OUTNOROUTES); | 332 | IP_INC_STATS_BH(IPSTATS_MIB_OUTNOROUTES); |
| 333 | return NULL; | 333 | return NULL; |
| @@ -510,6 +510,8 @@ struct sock *inet_csk_clone(struct sock *sk, const struct request_sock *req, | |||
| 510 | 510 | ||
| 511 | /* Deinitialize accept_queue to trap illegal accesses. */ | 511 | /* Deinitialize accept_queue to trap illegal accesses. */ |
| 512 | memset(&newicsk->icsk_accept_queue, 0, sizeof(newicsk->icsk_accept_queue)); | 512 | memset(&newicsk->icsk_accept_queue, 0, sizeof(newicsk->icsk_accept_queue)); |
| 513 | |||
| 514 | security_inet_csk_clone(newsk, req); | ||
| 513 | } | 515 | } |
| 514 | return newsk; | 516 | return newsk; |
| 515 | } | 517 | } |
diff --git a/net/ipv4/syncookies.c b/net/ipv4/syncookies.c index 307dc3c0d635..661e0a4bca72 100644 --- a/net/ipv4/syncookies.c +++ b/net/ipv4/syncookies.c | |||
| @@ -214,6 +214,10 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb, | |||
| 214 | if (!req) | 214 | if (!req) |
| 215 | goto out; | 215 | goto out; |
| 216 | 216 | ||
| 217 | if (security_inet_conn_request(sk, skb, req)) { | ||
| 218 | reqsk_free(req); | ||
| 219 | goto out; | ||
| 220 | } | ||
| 217 | ireq = inet_rsk(req); | 221 | ireq = inet_rsk(req); |
| 218 | treq = tcp_rsk(req); | 222 | treq = tcp_rsk(req); |
| 219 | treq->rcv_isn = htonl(skb->h.th->seq) - 1; | 223 | treq->rcv_isn = htonl(skb->h.th->seq) - 1; |
| @@ -259,7 +263,7 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb, | |||
| 259 | .uli_u = { .ports = | 263 | .uli_u = { .ports = |
| 260 | { .sport = skb->h.th->dest, | 264 | { .sport = skb->h.th->dest, |
| 261 | .dport = skb->h.th->source } } }; | 265 | .dport = skb->h.th->source } } }; |
| 262 | security_sk_classify_flow(sk, &fl); | 266 | security_req_classify_flow(req, &fl); |
| 263 | if (ip_route_output_key(&rt, &fl)) { | 267 | if (ip_route_output_key(&rt, &fl)) { |
| 264 | reqsk_free(req); | 268 | reqsk_free(req); |
| 265 | goto out; | 269 | goto out; |
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index 4b04c3edd4a9..43f6740244f8 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c | |||
| @@ -798,6 +798,9 @@ int tcp_v4_conn_request(struct sock *sk, struct sk_buff *skb) | |||
| 798 | 798 | ||
| 799 | tcp_openreq_init(req, &tmp_opt, skb); | 799 | tcp_openreq_init(req, &tmp_opt, skb); |
| 800 | 800 | ||
| 801 | if (security_inet_conn_request(sk, skb, req)) | ||
| 802 | goto drop_and_free; | ||
| 803 | |||
| 801 | ireq = inet_rsk(req); | 804 | ireq = inet_rsk(req); |
| 802 | ireq->loc_addr = daddr; | 805 | ireq->loc_addr = daddr; |
| 803 | ireq->rmt_addr = saddr; | 806 | ireq->rmt_addr = saddr; |
diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c index 46922e57e311..302786a11cd6 100644 --- a/net/ipv6/tcp_ipv6.c +++ b/net/ipv6/tcp_ipv6.c | |||
| @@ -470,7 +470,7 @@ static int tcp_v6_send_synack(struct sock *sk, struct request_sock *req, | |||
| 470 | fl.oif = treq->iif; | 470 | fl.oif = treq->iif; |
| 471 | fl.fl_ip_dport = inet_rsk(req)->rmt_port; | 471 | fl.fl_ip_dport = inet_rsk(req)->rmt_port; |
| 472 | fl.fl_ip_sport = inet_sk(sk)->sport; | 472 | fl.fl_ip_sport = inet_sk(sk)->sport; |
| 473 | security_sk_classify_flow(sk, &fl); | 473 | security_req_classify_flow(req, &fl); |
| 474 | 474 | ||
| 475 | if (dst == NULL) { | 475 | if (dst == NULL) { |
| 476 | opt = np->opt; | 476 | opt = np->opt; |
| @@ -826,6 +826,8 @@ static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb) | |||
| 826 | 826 | ||
| 827 | tcp_rsk(req)->snt_isn = isn; | 827 | tcp_rsk(req)->snt_isn = isn; |
| 828 | 828 | ||
| 829 | security_inet_conn_request(sk, skb, req); | ||
| 830 | |||
| 829 | if (tcp_v6_send_synack(sk, req, NULL)) | 831 | if (tcp_v6_send_synack(sk, req, NULL)) |
| 830 | goto drop; | 832 | goto drop; |
| 831 | 833 | ||
| @@ -929,7 +931,7 @@ static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb, | |||
| 929 | fl.oif = sk->sk_bound_dev_if; | 931 | fl.oif = sk->sk_bound_dev_if; |
| 930 | fl.fl_ip_dport = inet_rsk(req)->rmt_port; | 932 | fl.fl_ip_dport = inet_rsk(req)->rmt_port; |
| 931 | fl.fl_ip_sport = inet_sk(sk)->sport; | 933 | fl.fl_ip_sport = inet_sk(sk)->sport; |
| 932 | security_sk_classify_flow(sk, &fl); | 934 | security_req_classify_flow(req, &fl); |
| 933 | 935 | ||
| 934 | if (ip6_dst_lookup(sk, &dst, &fl)) | 936 | if (ip6_dst_lookup(sk, &dst, &fl)) |
| 935 | goto out; | 937 | goto out; |