3.16.7-ckt25 -stable review patch. If anyone has any objections, please let me know.
---8<------------------------------------------------------------ From: Marcelo Ricardo Leitner <[email protected]> commit 27f7ed2b11d42ab6d796e96533c2076ec220affc upstream. This patch extends commit b93d6471748d ("sctp: implement the sender side for SACK-IMMEDIATELY extension") as it didn't white list SCTP_SACK_IMMEDIATELY on sctp_msghdr_parse(), causing it to be understood as an invalid flag and returning -EINVAL to the application. Note that the actual handling of the flag is already there in sctp_datamsg_from_user(). https://tools.ietf.org/html/rfc7053#section-7 Fixes: b93d6471748d ("sctp: implement the sender side for SACK-IMMEDIATELY extension") Signed-off-by: Marcelo Ricardo Leitner <[email protected]> Acked-by: Vlad Yasevich <[email protected]> Signed-off-by: David S. Miller <[email protected]> [ luis: backported to 3.16: - dropped changes to SCTP_SNDINFO case ] Signed-off-by: Luis Henriques <[email protected]> --- net/sctp/socket.c | 1 + 1 file changed, 1 insertion(+) diff --git a/net/sctp/socket.c b/net/sctp/socket.c index 88c5befcb569..70bac7a75b9c 100644 --- a/net/sctp/socket.c +++ b/net/sctp/socket.c @@ -6464,6 +6464,7 @@ static int sctp_msghdr_parse(const struct msghdr *msg, sctp_cmsgs_t *cmsgs) /* Minimally, validate the sinfo_flags. */ if (cmsgs->info->sinfo_flags & ~(SCTP_UNORDERED | SCTP_ADDR_OVER | + SCTP_SACK_IMMEDIATELY | SCTP_ABORT | SCTP_EOF)) return -EINVAL; break;
