ipv4: add missing initialization for flowi4_uid

[ Upstream commit 8bcfd0925ef15f072ba1e7bee2c25e9e1b5fd6ca ]

Avoid matching of random stack value for uid when rules
are looked up on input route or when RP filter is used.
Problem should affect only setups that use ip rules with
uid range.

Fixes: 622ec2c9d524 ("net: core: add UID to flows, rules, and routes")
Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/net/ipv4/fib_frontend.c b/net/ipv4/fib_frontend.c
index 7db2ad2e82d3193ff1748bf393f536ba3a5a3eb9..b39a791f6756fc831857774b984febc71e37fae3 100644 (file)
--- a/net/ipv4/fib_frontend.c
+++ b/net/ipv4/fib_frontend.c
@@ -319,7 +319,7 @@ static int __fib_validate_source(struct sk_buff *skb, __be32 src, __be32 dst,
        int ret, no_addr;
        struct fib_result res;
        struct flowi4 fl4;
-       struct net *net;
+       struct net *net = dev_net(dev);
        bool dev_match;
 
        fl4.flowi4_oif = 0;
@@ -332,6 +332,7 @@ static int __fib_validate_source(struct sk_buff *skb, __be32 src, __be32 dst,
        fl4.flowi4_scope = RT_SCOPE_UNIVERSE;
        fl4.flowi4_tun_key.tun_id = 0;
        fl4.flowi4_flags = 0;
+       fl4.flowi4_uid = sock_net_uid(net, NULL);
 
        no_addr = idev->ifa_list == NULL;
 
@@ -339,13 +340,12 @@ static int __fib_validate_source(struct sk_buff *skb, __be32 src, __be32 dst,
 
        trace_fib_validate_source(dev, &fl4);
 
-       net = dev_net(dev);
        if (fib_lookup(net, &fl4, &res, 0))
                goto last_resort;
        if (res.type != RTN_UNICAST &&
            (res.type != RTN_LOCAL || !IN_DEV_ACCEPT_LOCAL(idev)))
                goto e_inval;
-       if (!rpf && !fib_num_tclassid_users(dev_net(dev)) &&
+       if (!rpf && !fib_num_tclassid_users(net) &&
            (dev->ifindex != oif || !IN_DEV_TX_REDIRECTS(idev)))
                goto last_resort;
        fib_combine_itag(itag, &res);

diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index 709ffe67d1de1609be7d3e4a98d9314b01e5f265..25fc88cd58cfb586e9986f5ade9828b2cf14e6cd 100644 (file)
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -1858,6 +1858,7 @@ static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr,
        fl4.flowi4_flags = 0;
        fl4.daddr = daddr;
        fl4.saddr = saddr;
+       fl4.flowi4_uid = sock_net_uid(net, NULL);
        err = fib_lookup(net, &fl4, &res, 0);
        if (err != 0) {
                if (!IN_DEV_FORWARD(in_dev))