From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Guillaume Nault <gnault@redhat.com>,
Jakub Kicinski <kuba@kernel.org>,
Sudip Mukherjee <sudipm.mukherjee@gmail.com>
Subject: [PATCH 4.19 19/58] xfrm: Dont accidentally set RTO_ONLINK in decode_session4()
Date: Mon, 21 Feb 2022 09:49:12 +0100 [thread overview]
Message-ID: <20220221084912.507636200@linuxfoundation.org> (raw)
In-Reply-To: <20220221084911.895146879@linuxfoundation.org>
From: Guillaume Nault <gnault@redhat.com>
commit 23e7b1bfed61e301853b5e35472820d919498278 upstream.
Similar to commit 94e2238969e8 ("xfrm4: strip ECN bits from tos field"),
clear the ECN bits from iph->tos when setting ->flowi4_tos.
This ensures that the last bit of ->flowi4_tos is cleared, so
ip_route_output_key_hash() isn't going to restrict the scope of the
route lookup.
Use ~INET_ECN_MASK instead of IPTOS_RT_MASK, because we have no reason
to clear the high order bits.
Found by code inspection, compile tested only.
Fixes: 4da3089f2b58 ("[IPSEC]: Use TOS when doing tunnel lookups")
Signed-off-by: Guillaume Nault <gnault@redhat.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
[sudip: manually backport to previous location]
Signed-off-by: Sudip Mukherjee <sudipm.mukherjee@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
net/ipv4/xfrm4_policy.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--- a/net/ipv4/xfrm4_policy.c
+++ b/net/ipv4/xfrm4_policy.c
@@ -17,6 +17,7 @@
#include <net/xfrm.h>
#include <net/ip.h>
#include <net/l3mdev.h>
+#include <net/inet_ecn.h>
static struct dst_entry *__xfrm4_dst_lookup(struct net *net, struct flowi4 *fl4,
int tos, int oif,
@@ -126,7 +127,7 @@ _decode_session4(struct sk_buff *skb, st
fl4->flowi4_proto = iph->protocol;
fl4->daddr = reverse ? iph->saddr : iph->daddr;
fl4->saddr = reverse ? iph->daddr : iph->saddr;
- fl4->flowi4_tos = iph->tos;
+ fl4->flowi4_tos = iph->tos & ~INET_ECN_MASK;
if (!ip_is_fragment(iph)) {
switch (iph->protocol) {
next prev parent reply other threads:[~2022-02-21 9:04 UTC|newest]
Thread overview: 72+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-21 8:48 [PATCH 4.19 00/58] 4.19.231-rc1 review Greg Kroah-Hartman
2022-02-21 8:48 ` [PATCH 4.19 01/58] Makefile.extrawarn: Move -Wunaligned-access to W=1 Greg Kroah-Hartman
2022-02-21 8:48 ` [PATCH 4.19 02/58] net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup Greg Kroah-Hartman
2022-02-21 8:48 ` [PATCH 4.19 03/58] serial: parisc: GSC: fix build when IOSAPIC is not set Greg Kroah-Hartman
2022-02-21 8:48 ` [PATCH 4.19 04/58] parisc: Fix data TLB miss in sba_unmap_sg Greg Kroah-Hartman
2022-02-21 8:48 ` [PATCH 4.19 05/58] parisc: Fix sglist access in ccio-dma.c Greg Kroah-Hartman
2022-02-21 8:48 ` [PATCH 4.19 06/58] btrfs: send: in case of IO error log it Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 07/58] net: ieee802154: at86rf230: Stop leaking skbs Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 08/58] selftests/zram: Skip max_comp_streams interface on newer kernel Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 09/58] selftests/zram01.sh: Fix compression ratio calculation Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 10/58] selftests/zram: Adapt the situation that /dev/zram0 is being used Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 11/58] ax25: improve the incomplete fix to avoid UAF and NPD bugs Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 12/58] vfs: make freeze_super abort when sync_filesystem returns error Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 13/58] quota: make dquot_quota_sync return errors from ->sync_fs Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 14/58] nvme: fix a possible use-after-free in controller reset during load Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 15/58] nvme-rdma: fix possible use-after-free in transport error_recovery work Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 16/58] Revert "module, async: async_synchronize_full() on module init iff async is used" Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 17/58] iwlwifi: fix use-after-free Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 18/58] drm/radeon: Fix backlight control on iMac 12,1 Greg Kroah-Hartman
2022-02-21 8:49 ` Greg Kroah-Hartman [this message]
2022-02-21 8:49 ` [PATCH 4.19 20/58] taskstats: Cleanup the use of task->exit_code Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 21/58] mmc: block: fix read single on recovery logic Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 22/58] vsock: remove vsock from connected table when connect is interrupted by a signal Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 23/58] iwlwifi: pcie: fix locking when "HW not ready" Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 24/58] iwlwifi: pcie: gen2: " Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 25/58] net: dsa: lan9303: fix reset on probe Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 26/58] net: ieee802154: ca8210: Fix lifs/sifs periods Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 27/58] ping: fix the dif and sdif check in ping_lookup Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 28/58] drop_monitor: fix data-race in dropmon_net_event / trace_napi_poll_hit Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 29/58] bonding: fix data-races around agg_select_timer Greg Kroah-Hartman
2022-02-22 15:35 ` Pavel Machek
2022-02-22 16:27 ` Eric Dumazet
2022-02-21 8:49 ` [PATCH 4.19 30/58] libsubcmd: Fix use-after-free for realloc(..., 0) Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 31/58] ALSA: hda: Fix regression on forced probe mask option Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 32/58] ALSA: hda: Fix missing codec probe on Shenker Dock 15 Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 33/58] ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw() Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 34/58] ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw_range() Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 35/58] powerpc/lib/sstep: fix ptesync build error Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 36/58] ext4: check for out-of-order index extents in ext4_valid_extent_entries() Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 37/58] block/wbt: fix negative inflight counter when remove scsi device Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 38/58] NFS: LOOKUP_DIRECTORY is also ok with symlinks Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 39/58] NFS: Do not report writeback errors in nfs_getattr() Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 40/58] mtd: rawnand: qcom: Fix clock sequencing in qcom_nandc_probe() Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 41/58] EDAC: Fix calculation of returned address and next offset in edac_align_ptr() Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 42/58] net: sched: limit TC_ACT_REPEAT loops Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 43/58] dmaengine: sh: rcar-dmac: Check for error num after setting mask Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 44/58] i2c: brcmstb: fix support for DSL and CM variants Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 45/58] mtd: rawnand: brcmnand: Refactored code to introduce helper functions Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 46/58] mtd: rawnand: brcmnand: Fixed incorrect sub-page ECC status Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 47/58] Drivers: hv: vmbus: Expose monitor data only when monitor pages are used Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 48/58] Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 49/58] KVM: x86/pmu: Use AMD64_RAW_EVENT_MASK for PERF_TYPE_RAW Greg Kroah-Hartman
2022-02-22 15:37 ` Pavel Machek
2022-02-21 8:49 ` [PATCH 4.19 50/58] ARM: OMAP2+: hwmod: Add of_node_put() before break Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 51/58] irqchip/sifive-plic: Add missing thead,c900-plic match string Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 52/58] netfilter: conntrack: dont refresh sctp entries in closed state Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 53/58] arm64: dts: meson-gx: add ATF BL32 reserved-memory region Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 54/58] kconfig: let shell return enough output for deep path names Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 55/58] ata: libata-core: Disable TRIM on M88V29 Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 56/58] tracing: Fix tp_printk option related with tp_printk_stop_on_boot Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 57/58] net: usb: qmi_wwan: Add support for Dell DW5829e Greg Kroah-Hartman
2022-02-21 8:49 ` [PATCH 4.19 58/58] net: macb: Align the dma and coherent dma masks Greg Kroah-Hartman
2022-02-21 12:17 ` [PATCH 4.19 00/58] 4.19.231-rc1 review Samuel Zou
2022-02-21 12:23 ` Pavel Machek
2022-02-21 14:16 ` Greg Kroah-Hartman
2022-02-21 17:44 ` Pavel Machek
2022-02-21 20:32 ` Slade Watkins
2022-02-21 21:18 ` Guenter Roeck
2022-02-21 21:38 ` Shuah Khan
2022-02-22 10:09 ` Naresh Kamboju
2022-02-22 12:02 ` Sudip Mukherjee
2022-02-22 14:34 ` Jeffrin Thalakkottoor
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220221084912.507636200@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=gnault@redhat.com \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=sudipm.mukherjee@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox