mirror of https://github.com/OpenIPC/firmware.git
89 lines
2.8 KiB
Diff
89 lines
2.8 KiB
Diff
diff -drupN a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
|
|
--- a/net/ipv4/tcp_ipv4.c 2018-08-06 17:23:04.000000000 +0300
|
|
+++ b/net/ipv4/tcp_ipv4.c 2022-06-12 05:28:14.000000000 +0300
|
|
@@ -232,6 +232,7 @@ int tcp_v4_connect(struct sock *sk, stru
|
|
/* OK, now commit destination to socket. */
|
|
sk->sk_gso_type = SKB_GSO_TCPV4;
|
|
sk_setup_caps(sk, &rt->dst);
|
|
+ rt = NULL;
|
|
|
|
if (!tp->write_seq && likely(!tp->repair))
|
|
tp->write_seq = secure_tcp_sequence_number(inet->inet_saddr,
|
|
@@ -241,9 +242,13 @@ int tcp_v4_connect(struct sock *sk, stru
|
|
|
|
inet->inet_id = tp->write_seq ^ jiffies;
|
|
|
|
+ if (tcp_fastopen_defer_connect(sk, &err))
|
|
+ return err;
|
|
+ if (err)
|
|
+ goto failure;
|
|
+
|
|
err = tcp_connect(sk);
|
|
|
|
- rt = NULL;
|
|
if (err)
|
|
goto failure;
|
|
|
|
@@ -695,6 +700,7 @@ static void tcp_v4_send_reset(const stru
|
|
offsetof(struct inet_timewait_sock, tw_bound_dev_if));
|
|
|
|
arg.tos = ip_hdr(skb)->tos;
|
|
+ arg.uid = sock_net_uid(net, sk && sk_fullsock(sk) ? sk : NULL);
|
|
local_bh_disable();
|
|
ip_send_unicast_reply(*this_cpu_ptr(net->ipv4.tcp_sk),
|
|
skb, &TCP_SKB_CB(skb)->header.h4.opt,
|
|
@@ -715,7 +721,7 @@ out:
|
|
outside socket context is ugly, certainly. What can I do?
|
|
*/
|
|
|
|
-static void tcp_v4_send_ack(struct net *net,
|
|
+static void tcp_v4_send_ack(const struct sock *sk,
|
|
struct sk_buff *skb, u32 seq, u32 ack,
|
|
u32 win, u32 tsval, u32 tsecr, int oif,
|
|
struct tcp_md5sig_key *key,
|
|
@@ -730,6 +736,7 @@ static void tcp_v4_send_ack(struct net *
|
|
#endif
|
|
];
|
|
} rep;
|
|
+ struct net *net = sock_net(sk);
|
|
struct ip_reply_arg arg;
|
|
|
|
memset(&rep.th, 0, sizeof(struct tcphdr));
|
|
@@ -779,6 +786,7 @@ static void tcp_v4_send_ack(struct net *
|
|
if (oif)
|
|
arg.bound_dev_if = oif;
|
|
arg.tos = tos;
|
|
+ arg.uid = sock_net_uid(net, sk_fullsock(sk) ? sk : NULL);
|
|
local_bh_disable();
|
|
ip_send_unicast_reply(*this_cpu_ptr(net->ipv4.tcp_sk),
|
|
skb, &TCP_SKB_CB(skb)->header.h4.opt,
|
|
@@ -794,7 +802,7 @@ static void tcp_v4_timewait_ack(struct s
|
|
struct inet_timewait_sock *tw = inet_twsk(sk);
|
|
struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
|
|
|
|
- tcp_v4_send_ack(sock_net(sk), skb,
|
|
+ tcp_v4_send_ack(sk, skb,
|
|
tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
|
|
tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
|
|
tcp_time_stamp + tcptw->tw_ts_offset,
|
|
@@ -822,7 +830,7 @@ static void tcp_v4_reqsk_send_ack(const
|
|
* exception of <SYN> segments, MUST be right-shifted by
|
|
* Rcv.Wind.Shift bits:
|
|
*/
|
|
- tcp_v4_send_ack(sock_net(sk), skb, seq,
|
|
+ tcp_v4_send_ack(sk, skb, seq,
|
|
tcp_rsk(req)->rcv_nxt,
|
|
req->rsk_rcv_wnd >> inet_rsk(req)->rcv_wscale,
|
|
tcp_time_stamp,
|
|
@@ -1674,7 +1682,9 @@ process:
|
|
*/
|
|
sock_hold(sk);
|
|
refcounted = true;
|
|
- nsk = tcp_check_req(sk, skb, req, false);
|
|
+ nsk = NULL;
|
|
+ if (!tcp_filter(sk, skb))
|
|
+ nsk = tcp_check_req(sk, skb, req, false);
|
|
if (!nsk) {
|
|
reqsk_put(req);
|
|
goto discard_and_relse;
|