• Paolo Abeni's avatar
    udp: preserve head state for IP_CMSG_PASSSEC · dce4551c
    Paolo Abeni authored
    Paul Moore reported a SELinux/IP_PASSSEC regression
    caused by missing skb->sp at recvmsg() time. We need to
    preserve the skb head state to process the IP_CMSG_PASSSEC
    cmsg.
    
    With this commit we avoid releasing the skb head state in the
    BH even if a secpath is attached to the current skb, and stores
    the skb status (with/without head states) in the scratch area,
    so that we can access it at skb deallocation time, without
    incurring in cache-miss penalties.
    
    This also avoids misusing the skb CB for ipv6 packets,
    as introduced by the commit 0ddf3fb2 ("udp: preserve
    skb->dst if required for IP options processing").
    
    Clean a bit the scratch area helpers implementation, to
    reduce the code differences between 32 and 64 bits build.
    Reported-by: default avatarPaul Moore <paul@paul-moore.com>
    Fixes: 0a463c78 ("udp: avoid a cache miss on dequeue")
    Fixes: 0ddf3fb2 ("udp: preserve skb->dst if required for IP options processing")
    Signed-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
    Tested-by: default avatarPaul Moore <paul@paul-moore.com>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    dce4551c
udp.h 12.6 KB