Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp994889ybt; Fri, 19 Jun 2020 20:58:10 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxCZD+qjLfSJ2It8U2cpqedEHnNBXUQH4+7hXZW90EBZlNa2ui7CZal0jUyasia7/oAgLuH X-Received: by 2002:a05:6402:221b:: with SMTP id cq27mr6235233edb.302.1592625490271; Fri, 19 Jun 2020 20:58:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1592625490; cv=none; d=google.com; s=arc-20160816; b=bwZ+ZFCSin2THttkoJ6AfjSaGqxgjawMSb9Q6vedY18Pnj+K46lgFUBZviJ6WXp7Y8 PcRerL5SH3mrIiRxKyyDRLs9eptNA0j2n+bBsR0yLV8MkGNNNckWNrMho6KFxyzF+2Pi nj73627NGx80ZrhpR78V1TRka8YtLoKT+kgduF/8zWGrT/rxWWf8tMraNsEOGMNe8Ozc BzHNwmhWYCbmoMqSRzyazZf7XZ88pBBQRP2BHE/2asRiHTlkIivUMOqyMWaZLPLKIWSH TsBOOxu+7EZ1EqgIFLGjx4jRn2gRiK2oy3kjZW6qsY7ZetSmK5FdIRkaCFv7ddgqn5BB TgTw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=AI2f8cXNZI6Z4RGbxlmLANHreBSC0YjhoGyXgsxF63I=; b=zptKoEMEXN8pyJ+6g/8OibHb7FllRTm1lvaSkro7/RCIVA2apOAKP08ylzRcKxA2Kz 9RkG+xSZPJyugH5FMZH3gLzMoRn2aAOriU9Zhr6Bkawc8xAAi4WGXlR2/zxS53ZkshOs uazeYAVaKqcGEQKanEJ+PwBju1DTPCHKOagfdlQC5xsYug7+oTpYtu9tXl9tVrpp6eg+ OMelXM4hGCtaR5DG5m/7BttLzVpWNNTq+bAXzTy0wrItXddFSn4K9UpSzILJ7U4TCrs8 lp/vg7yWQ1BTz3YDQwW7FvNKfk/vUTcitgLJk1TMQ//qxolO+WBR5PLJsk0G4IWB+L3f 1a6A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=WmDS5LBF; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id z3si4185476ejx.584.2020.06.19.20.57.48; Fri, 19 Jun 2020 20:58:10 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=WmDS5LBF; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2395025AbgFSQaq (ORCPT + 99 others); Fri, 19 Jun 2020 12:30:46 -0400 Received: from mail.kernel.org ([198.145.29.99]:47708 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2389689AbgFSOxW (ORCPT ); Fri, 19 Jun 2020 10:53:22 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 0BA00218AC; Fri, 19 Jun 2020 14:53:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1592578402; bh=8K0DiG5m3/Kac9wy/hVtWgjJWdFjzTJoSPEQSyGP45k=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=WmDS5LBFjA0KlJuuKzj2kx/s01dV8yg5p8aMWsSitg1TZw5zn1c+EXawlG3OfQjVQ qhC6AJ5vq2p/2nQ/Ce3l4s/4R3donM9O+wax1wc3a7GV/n303KoO6Yw8ilDfK5/g32 8p22gUwo6YUL9mIboi2J2dCFSQnWjhMNMJxqDZ4A= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Hangbin Liu , "David S. Miller" Subject: [PATCH 4.19 001/267] ipv6: fix IPV6_ADDRFORM operation logic Date: Fri, 19 Jun 2020 16:29:46 +0200 Message-Id: <20200619141648.919524762@linuxfoundation.org> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200619141648.840376470@linuxfoundation.org> References: <20200619141648.840376470@linuxfoundation.org> User-Agent: quilt/0.66 X-stable: review X-Patchwork-Hint: ignore MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Hangbin Liu [ Upstream commit 79a1f0ccdbb4ad700590f61b00525b390cb53905 ] Socket option IPV6_ADDRFORM supports UDP/UDPLITE and TCP at present. Previously the checking logic looks like: if (sk->sk_protocol == IPPROTO_UDP || sk->sk_protocol == IPPROTO_UDPLITE) do_some_check; else if (sk->sk_protocol != IPPROTO_TCP) break; After commit b6f6118901d1 ("ipv6: restrict IPV6_ADDRFORM operation"), TCP was blocked as the logic changed to: if (sk->sk_protocol == IPPROTO_UDP || sk->sk_protocol == IPPROTO_UDPLITE) do_some_check; else if (sk->sk_protocol == IPPROTO_TCP) do_some_check; break; else break; Then after commit 82c9ae440857 ("ipv6: fix restrict IPV6_ADDRFORM operation") UDP/UDPLITE were blocked as the logic changed to: if (sk->sk_protocol == IPPROTO_UDP || sk->sk_protocol == IPPROTO_UDPLITE) do_some_check; if (sk->sk_protocol == IPPROTO_TCP) do_some_check; if (sk->sk_protocol != IPPROTO_TCP) break; Fix it by using Eric's code and simply remove the break in TCP check, which looks like: if (sk->sk_protocol == IPPROTO_UDP || sk->sk_protocol == IPPROTO_UDPLITE) do_some_check; else if (sk->sk_protocol == IPPROTO_TCP) do_some_check; else break; Fixes: 82c9ae440857 ("ipv6: fix restrict IPV6_ADDRFORM operation") Signed-off-by: Hangbin Liu Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman --- net/ipv6/ipv6_sockglue.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) --- a/net/ipv6/ipv6_sockglue.c +++ b/net/ipv6/ipv6_sockglue.c @@ -185,14 +185,15 @@ static int do_ipv6_setsockopt(struct soc retv = -EBUSY; break; } - } - if (sk->sk_protocol == IPPROTO_TCP && - sk->sk_prot != &tcpv6_prot) { - retv = -EBUSY; + } else if (sk->sk_protocol == IPPROTO_TCP) { + if (sk->sk_prot != &tcpv6_prot) { + retv = -EBUSY; + break; + } + } else { break; } - if (sk->sk_protocol != IPPROTO_TCP) - break; + if (sk->sk_state != TCP_ESTABLISHED) { retv = -ENOTCONN; break;