ipv6: invert flowlabel sharing check in process and user mode

commit 95c169251bf734aa555a1e8043e4d88ec97a04ec upstream. A request for a flowlabel fails in process or user exclusive mode must fail if the caller pid or uid does not match. Invert the test. Previously, the test was unsafe wrt PID recycling, but indeed tested for inequality: fl1->owner != fl->owner Fixes: 4f82f45730c68 ("net ip6 flowlabel: Make owner a union of struct pid* and kuid_t") Signed-off-by: Willem de Bruijn <willemb@google.com> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
author: Willem de Bruijn <willemb@google.com> 2019-04-25 12:06:54 -0400
committer: Ben Hutchings <ben@decadent.org.uk> 2019-08-13 12:39:18 +0100
commit: 9fd1512321314137f0e7c1366a1041ac6774fb8e (patch)
tree: aa3cfed9079280b89fd6c6fbb171fe2b3834f34e
parent: 5a95f35b57aed9e4c550c0b17d6c61afd089ad48 (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/net/ipv6/ip6_flowlabel.c b/net/ipv6/ip6_flowlabel.c
index f40ba684d69b2..7144773a67d9d 100644
--- a/net/ipv6/ip6_flowlabel.c
+++ b/net/ipv6/ip6_flowlabel.c
@@ -630,9 +630,9 @@ recheck:
 				if (fl1->share == IPV6_FL_S_EXCL ||
 				    fl1->share != fl->share ||
 				    ((fl1->share == IPV6_FL_S_PROCESS) &&
-				     (fl1->owner.pid == fl->owner.pid)) ||
+				     (fl1->owner.pid != fl->owner.pid)) ||
 				    ((fl1->share == IPV6_FL_S_USER) &&
-				     uid_eq(fl1->owner.uid, fl->owner.uid)))
+				     !uid_eq(fl1->owner.uid, fl->owner.uid)))
 					goto release;
 
 				err = -ENOMEM;
author	Willem de Bruijn <willemb@google.com>	2019-04-25 12:06:54 -0400
committer	Ben Hutchings <ben@decadent.org.uk>	2019-08-13 12:39:18 +0100
commit	9fd1512321314137f0e7c1366a1041ac6774fb8e (patch)
tree	aa3cfed9079280b89fd6c6fbb171fe2b3834f34e
parent	5a95f35b57aed9e4c550c0b17d6c61afd089ad48 (diff)