tcp: fix possible sk_priority leak in tcp_v4_send_reset()

author Eric Dumazet <edumazet@google.com>

Thu, 11 May 2023 11:47:49 +0000 (11:47 +0000)

committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Wed, 24 May 2023 16:36:50 +0000 (17:36 +0100)
author Eric Dumazet <edumazet@google.com>
Thu, 11 May 2023 11:47:49 +0000 (11:47 +0000)
committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 24 May 2023 16:36:50 +0000 (17:36 +0100)
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c

index 63472c9b39ae46a778cfd47d86a431c254876723..db05ab4287e30c776229a8487b5d2cf1fd89a8c6 100644 (file)
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -820,6 +820,9 @@ static void tcp_v4_send_reset(const struct sock *sk, struct sk_buff *skb)
                                    inet_twsk(sk)->tw_priority : sk->sk_priority;
                 transmit_time = tcp_transmit_time(sk);
                 xfrm_sk_clone_policy(ctl_sk, sk);
+       } else {
+               ctl_sk->sk_mark = 0;
+               ctl_sk->sk_priority = 0;
         }
         ip_send_unicast_reply(ctl_sk,
                               skb, &TCP_SKB_CB(skb)->header.h4.opt,
@@ -827,7 +830,6 @@ static void tcp_v4_send_reset(const struct sock *sk, struct sk_buff *skb)
                               &arg, arg.iov[0].iov_len,
                               transmit_time);
  
-       ctl_sk->sk_mark = 0;
         xfrm_sk_free_policy(ctl_sk);
         sock_net_set(ctl_sk, &init_net);
         __TCP_INC_STATS(net, TCP_MIB_OUTSEGS);
@@ -926,7 +928,6 @@ static void tcp_v4_send_ack(const struct sock *sk,
                               &arg, arg.iov[0].iov_len,
                               transmit_time);
  
-       ctl_sk->sk_mark = 0;
         sock_net_set(ctl_sk, &init_net);
         __TCP_INC_STATS(net, TCP_MIB_OUTSEGS);
         local_bh_enable();
author	Eric Dumazet <edumazet@google.com>
	Thu, 11 May 2023 11:47:49 +0000 (11:47 +0000)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Wed, 24 May 2023 16:36:50 +0000 (17:36 +0100)