From patchwork Mon Nov 13 20:54:22 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Haines X-Patchwork-Id: 837547 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=btinternet.com header.i=@btinternet.com header.b="hXFpeXbU"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3ybNF048VQz9s8J for ; Tue, 14 Nov 2017 07:55:00 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755518AbdKMUy6 (ORCPT ); Mon, 13 Nov 2017 15:54:58 -0500 Received: from rgout0105.bt.lon5.cpcloud.co.uk ([65.20.0.125]:38456 "EHLO rgout01.bt.lon5.cpcloud.co.uk" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1755170AbdKMUy5 (ORCPT ); Mon, 13 Nov 2017 15:54:57 -0500 X-OWM-Source-IP: 86.144.146.83 (GB) X-OWM-Env-Sender: richard_c_haines@btinternet.com X-RazorGate-Suspect: true Received: from localhost.localdomain (86.144.146.83) by rgout01.bt.lon5.cpcloud.co.uk (9.0.019.13-1) (authenticated as richard_c_haines@btinternet.com) id 597450640BD10C4E; Mon, 13 Nov 2017 20:54:30 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=btinternet.com; s=btcpcloud; t=1510606497; bh=+U55e05DNE0i2XYViTO9FltZ2gKLQGJgI55JWCODuRY=; h=From:To:Cc:Subject:Date:Message-Id:X-Mailer; b=hXFpeXbUr1ecLPgqYZNKKsi62iAxHdCzAH/qGobuvFORRuQNvN5nnQ5G5/G537K+wPPEyfZ/Id7obv5Z2C15wkKVxr7DCMvfmkfnGk7BAEdhYIEcgjfZIHk24zCxWQfdKkvdCcmBLjb4U6fH0BOiKEnjxJcGqRjj8mvPqvIH5DI= From: Richard Haines To: paul@paul-moore.com, selinux@tycho.nsa.gov, netdev@vger.kernel.org Cc: Richard Haines Subject: [PATCH] netlabel: If PF_INET6, check sk_buff ip header version Date: Mon, 13 Nov 2017 20:54:22 +0000 Message-Id: <20171113205422.2918-1-richard_c_haines@btinternet.com> X-Mailer: git-send-email 2.13.6 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org When resolving a fallback label, check the sk_buff version as it is possible (e.g. SCTP) to have family = PF_INET6 while receiving ip_hdr(skb)->version = 4. Signed-off-by: Richard Haines Acked-by: Paul Moore --- net/netlabel/netlabel_unlabeled.c | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/net/netlabel/netlabel_unlabeled.c b/net/netlabel/netlabel_unlabeled.c index 22dc1b9..c070dfc 100644 --- a/net/netlabel/netlabel_unlabeled.c +++ b/net/netlabel/netlabel_unlabeled.c @@ -1472,6 +1472,16 @@ int netlbl_unlabel_getattr(const struct sk_buff *skb, iface = rcu_dereference(netlbl_unlhsh_def); if (iface == NULL || !iface->valid) goto unlabel_getattr_nolabel; + +#if IS_ENABLED(CONFIG_IPV6) + /* When resolving a fallback label, check the sk_buff version as + * it is possible (e.g. SCTP) to have family = PF_INET6 while + * receiving ip_hdr(skb)->version = 4. + */ + if (family == PF_INET6 && ip_hdr(skb)->version == 4) + family = PF_INET; +#endif /* IPv6 */ + switch (family) { case PF_INET: { struct iphdr *hdr4;