diff options
| -rw-r--r-- | net/netfilter/xt_qtaguid.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/net/netfilter/xt_qtaguid.c b/net/netfilter/xt_qtaguid.c index e82524b21d07..604f812c5e25 100644 --- a/net/netfilter/xt_qtaguid.c +++ b/net/netfilter/xt_qtaguid.c @@ -2412,15 +2412,20 @@ int qtaguid_untag(struct socket *el_socket, bool kernel) * At first, we want to catch user-space code that is not * opening the /dev/xt_qtaguid. */ - if (IS_ERR_OR_NULL(pqd_entry) || !sock_tag_entry->list.next) { + if (IS_ERR_OR_NULL(pqd_entry)) pr_warn_once("qtaguid: %s(): " "User space forgot to open /dev/xt_qtaguid? " "pid=%u tgid=%u sk_pid=%u, uid=%u\n", __func__, current->pid, current->tgid, sock_tag_entry->pid, from_kuid(&init_user_ns, current_fsuid())); - } else { + /* + * This check is needed because tagging from a process that + * didn’t open /dev/xt_qtaguid still adds the sock_tag_entry + * to sock_tag_tree. + */ + if (sock_tag_entry->list.next) list_del(&sock_tag_entry->list); - } + spin_unlock_bh(&uid_tag_data_tree_lock); /* * We don't free tag_ref from the utd_entry here, |