diff options
| author | Richard Haines <richard_c_haines@btinternet.com> | 2017-11-13 20:54:22 +0000 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2018-05-30 07:50:51 +0200 |
| commit | f806ed5cfac6bbd23bd223b4b6e3d8dd1f71838a (patch) | |
| tree | 9b9eaca8ab5892ee644e9369af20b502d197671e /net/netlabel | |
| parent | 66380cb5b98fd7ec5a4e774f755156d8d88fc33b (diff) | |
| download | linux-stable-f806ed5cfac6bbd23bd223b4b6e3d8dd1f71838a.tar.gz linux-stable-f806ed5cfac6bbd23bd223b4b6e3d8dd1f71838a.tar.bz2 linux-stable-f806ed5cfac6bbd23bd223b4b6e3d8dd1f71838a.zip | |
netlabel: If PF_INET6, check sk_buff ip header version
[ Upstream commit 213d7f94775322ba44e0bbb55ec6946e9de88cea ]
When resolving a fallback label, check the sk_buff version as it
is possible (e.g. SCTP) to have family = PF_INET6 while
receiving ip_hdr(skb)->version = 4.
Signed-off-by: Richard Haines <richard_c_haines@btinternet.com>
Acked-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'net/netlabel')
| -rw-r--r-- | net/netlabel/netlabel_unlabeled.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c index 4528cff9138b..a123d0dc1ef9 100644 --- a/net/netlabel/netlabel_unlabeled.c +++ b/net/netlabel/netlabel_unlabeled.c @@ -1469,6 +1469,16 @@ int netlbl_unlabel_getattr(const struct sk_buff *skb, iface = rcu_dereference(netlbl_unlhsh_def); if (iface == NULL || !iface->valid) goto unlabel_getattr_nolabel; + +#if IS_ENABLED(CONFIG_IPV6) + /* When resolving a fallback label, check the sk_buff version as + * it is possible (e.g. SCTP) to have family = PF_INET6 while + * receiving ip_hdr(skb)->version = 4. + */ + if (family == PF_INET6 && ip_hdr(skb)->version == 4) + family = PF_INET; +#endif /* IPv6 */ + switch (family) { case PF_INET: { struct iphdr *hdr4; |