From: Paolo Abeni <pabeni@redhat.com>
Date: Wed, 16 Dec 2020 11:48:32 +0000 (+0100)
Subject: mptcp: fix security context on server socket
X-Git-Tag: accepted/tizen/unified/20230118.172025~8226^2~5^2~3
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=0c14846032f2c0a3b63234e1fc2759f4155b6067;p=platform%2Fkernel%2Flinux-rpi.git

mptcp: fix security context on server socket

Currently MPTCP is not propagating the security context
from the ingress request socket to newly created msk
at clone time.

Address the issue invoking the missing security helper.

Fixes: cf7da0d66cc1 ("mptcp: Create SUBFLOW socket for incoming connections")
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Reviewed-by: Mat Martineau <mathew.j.martineau@linux.intel.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
---

diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c
index b812aaa..d24243a 100644
--- a/net/mptcp/protocol.c
+++ b/net/mptcp/protocol.c
@@ -2699,6 +2699,8 @@ struct sock *mptcp_sk_clone(const struct sock *sk,
 	sock_reset_flag(nsk, SOCK_RCU_FREE);
 	/* will be fully established after successful MPC subflow creation */
 	inet_sk_state_store(nsk, TCP_SYN_RECV);
+
+	security_inet_csk_clone(nsk, req);
 	bh_unlock_sock(nsk);
 
 	/* keep a single reference */