-----Original Message----- From: Iwashima, Kuniyuki [mailto:kuniyu@amazon.co.jp] Sent: Saturday, March 4, 2023 9:13 AM To: liujian (CE) liujian56@huawei.com Cc: Paolo Abeni pabeni@redhat.com; Greg KH gregkh@linuxfoundation.org; stable@vger.kernel.org; Network Development netdev@vger.kernel.org; Iwashima, Kuniyuki kuniyu@amazon.co.jp; Jakub Kicinski kuba@kernel.org Subject: Re: [Qestion] abort backport commit ("net/ulp: prevent ULP without clone op from entering the LISTEN status") in stable-4.19.x
From: Jakub Kicinski kuba@kernel.org Date: Fri, 3 Mar 2023 17:06:08 -0800
On Fri, 3 Mar 2023 10:52:15 +0000 liujian (CE) wrote:
When I was working on CVE-2023-0461, I found the below backport
commit in stable-4.19.x maybe something wrong?
755193f2523c ("net/ulp: prevent ULP without clone op from entering the LISTEN status")
- err = -EADDRINUSE in inet_csk_listen_start() was removed. But it is the error code when get_port() fails.
I think you're right, we should add setting the err back.
Yes, the same issue happened on 5.15.88, but I forgot to check other stable branches. I'll check them and post fixes later. https://lore.kernel.org/stable/20230220133555.140865685@linuxfoundation. org/
Thanks Iwashima.
- The change in __tcp_set_ulp() should not be discarded?
That part should be fine, all ULPs in 4.19 (i.e. TLS) should fail the ->init() call if sk_state != ESTABLISHED.
Got it. Thanks Jakub.