mptcp: fix security context on server socket

Currently MPTCP is not propagating the security context from the ingress request socket to newly created msk at clone time. Address the issue invoking the missing security helper. Fixes: cf7da0d6 ("mptcp: Create SUBFLOW socket for incoming connections") Signed-off-by: Paolo Abeni <pabeni@redhat.com> Reviewed-by: Mat Martineau <mathew.j.martineau@linux.intel.com> Signed-off-by: Jakub Kicinski <kuba@kernel.org>

mptcp: fix security context on server socket
Currently MPTCP is not propagating the security context from the ingress request socket to newly created msk at clone time. Address the issue invoking the missing security helper. Fixes: cf7da0d6 ("mptcp: Create SUBFLOW socket for incoming connections") Signed-off-by: Paolo Abeni <pabeni@redhat.com> Reviewed-by: Mat Martineau <mathew.j.martineau@linux.intel.com> Signed-off-by: Jakub Kicinski <kuba@kernel.org>
0c148460 · Paolo Abeni · Jakub Kicinski · 49e27134 · 0c148460
Commit 0c148460 authored Dec 16, 2020 by Paolo Abeni Committed by Jakub Kicinski Dec 17, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 0 deletions

net/mptcp/protocol.c net/mptcp/protocol.c +2 -0

No files found.
--- a/net/mptcp/protocol.c
+++ b/net/mptcp/protocol.c
@@ -2699,6 +2699,8 @@ struct sock *mptcp_sk_clone(const struct sock *sk,
 	sock_reset_flag(nsk, SOCK_RCU_FREE);
 	/* will be fully established after successful MPC subflow creation */
 	inet_sk_state_store(nsk, TCP_SYN_RECV);
+	security_inet_csk_clone(nsk, req);
 	bh_unlock_sock(nsk);
 	/* keep a single reference */