Received: by 2002:a05:6902:102b:0:0:0:0 with SMTP id x11csp998818ybt; Fri, 19 Jun 2020 21:06:07 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwu2cbi9HAyhjsq5gKC71ttl3Wgz1cO5LLa7MZQUD2xWg2hkH7J04AN8LcM2NH1LLydpfvF X-Received: by 2002:a05:6402:54d:: with SMTP id i13mr6468272edx.330.1592625966906; Fri, 19 Jun 2020 21:06:06 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1592625966; cv=none; d=google.com; s=arc-20160816; b=X77SBk/W8s43MZWugQ1gEK0wKXur+3og8aW6W/1z6u/x4s+tHmURq3pGc2zXdsJCLu RQ+C7phedyceadqhiQI0gbXVhor4r9E3ImhwKUSTBwUnh/mNzxT8ahpkQp6NdiGfIhI4 /jhnPZAETCQDbkWJrXdH2rJaswiNmShb0ltzGrDu7EgSJYKray5tpkBHquUQYdwj4W3n QtHnpGdZXsQUSAfmyuYKUw4i9sDlrF7dqZlm4y672DI144dGjJw2NPvGBlHZjY5Zr7AD R3TEMFIf900kNa2wSjclCSpcUdlNT51TPmsQs518eceRVklqjG7GOtMKbCzLCbc/Ki5L UyqA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=AI2f8cXNZI6Z4RGbxlmLANHreBSC0YjhoGyXgsxF63I=; b=O6oH+fnlAWDCr/UXZsv7hJiQa5nLEAqs6uMolLm9BHAZiEQ4G39Tt5uf3SAnsQKT4I SK8EGJI02iTRXGrYyhnCsUB2Gl+HRLzBIr5bQNBqPQ9sSeAiEsg0GeNC26/ibK4jb2lO pVvUqS/+fva+cPFPc2FfryYySdu0ZQUBduNfwZVvy1PFi5KcnKEU6IRkORE0uEUqObUH yeU6ns/MOgIhth5Ik5/brsnlZ35C5ekKueeujMlw3A1o5ZpsQrMG4L6RrKD2JICuhqOe b1Ui2JPHrIx2vRdZ1P61c3DS3sU/Sh+0lVBjiozU1DMc9N/BO0ZYps1/gk98sr88Nt+/ kFvQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=IXH5KRov; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id n24si4891934ejd.648.2020.06.19.21.05.44; Fri, 19 Jun 2020 21:06:06 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=IXH5KRov; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2388634AbgFSQl2 (ORCPT + 99 others); Fri, 19 Jun 2020 12:41:28 -0400 Received: from mail.kernel.org ([198.145.29.99]:36516 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2388653AbgFSOpH (ORCPT ); Fri, 19 Jun 2020 10:45:07 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 94E0620A8B; Fri, 19 Jun 2020 14:45:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1592577907; bh=8K0DiG5m3/Kac9wy/hVtWgjJWdFjzTJoSPEQSyGP45k=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=IXH5KRovbWMORMjiudY+ec7fIAnFmLCsiJLea3edysyPKSgHHKOO5dpCyUokckIcq Du81kK7h2NYYXh1UGlBBXK/miu5VgAmP9nNGY9loYdudQWls35DhrLCiGQFmcfpdbp 3uqnw3CH5tLyWxBwvjS0JRkLEPP1gmQjlTfZ1NZ8= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Hangbin Liu , "David S. Miller" Subject: [PATCH 4.14 001/190] ipv6: fix IPV6_ADDRFORM operation logic Date: Fri, 19 Jun 2020 16:30:46 +0200 Message-Id: <20200619141633.537399378@linuxfoundation.org> X-Mailer: git-send-email 2.27.0 In-Reply-To: <20200619141633.446429600@linuxfoundation.org> References: <20200619141633.446429600@linuxfoundation.org> User-Agent: quilt/0.66 X-stable: review X-Patchwork-Hint: ignore MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Hangbin Liu [ Upstream commit 79a1f0ccdbb4ad700590f61b00525b390cb53905 ] Socket option IPV6_ADDRFORM supports UDP/UDPLITE and TCP at present. Previously the checking logic looks like: if (sk->sk_protocol == IPPROTO_UDP || sk->sk_protocol == IPPROTO_UDPLITE) do_some_check; else if (sk->sk_protocol != IPPROTO_TCP) break; After commit b6f6118901d1 ("ipv6: restrict IPV6_ADDRFORM operation"), TCP was blocked as the logic changed to: if (sk->sk_protocol == IPPROTO_UDP || sk->sk_protocol == IPPROTO_UDPLITE) do_some_check; else if (sk->sk_protocol == IPPROTO_TCP) do_some_check; break; else break; Then after commit 82c9ae440857 ("ipv6: fix restrict IPV6_ADDRFORM operation") UDP/UDPLITE were blocked as the logic changed to: if (sk->sk_protocol == IPPROTO_UDP || sk->sk_protocol == IPPROTO_UDPLITE) do_some_check; if (sk->sk_protocol == IPPROTO_TCP) do_some_check; if (sk->sk_protocol != IPPROTO_TCP) break; Fix it by using Eric's code and simply remove the break in TCP check, which looks like: if (sk->sk_protocol == IPPROTO_UDP || sk->sk_protocol == IPPROTO_UDPLITE) do_some_check; else if (sk->sk_protocol == IPPROTO_TCP) do_some_check; else break; Fixes: 82c9ae440857 ("ipv6: fix restrict IPV6_ADDRFORM operation") Signed-off-by: Hangbin Liu Signed-off-by: David S. Miller Signed-off-by: Greg Kroah-Hartman --- net/ipv6/ipv6_sockglue.c | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) --- a/net/ipv6/ipv6_sockglue.c +++ b/net/ipv6/ipv6_sockglue.c @@ -185,14 +185,15 @@ static int do_ipv6_setsockopt(struct soc retv = -EBUSY; break; } - } - if (sk->sk_protocol == IPPROTO_TCP && - sk->sk_prot != &tcpv6_prot) { - retv = -EBUSY; + } else if (sk->sk_protocol == IPPROTO_TCP) { + if (sk->sk_prot != &tcpv6_prot) { + retv = -EBUSY; + break; + } + } else { break; } - if (sk->sk_protocol != IPPROTO_TCP) - break; + if (sk->sk_state != TCP_ESTABLISHED) { retv = -ENOTCONN; break;