main/linux-grsec: backport ip gre fix

from http://www.spinics.net/lists/netdev/msg261705.html
ref #2530

2 files changed, 65 insertions, 1 deletions

diff --git a/main/linux-grsec/0001-ip_gre-fix-msg_name-parsing-for-recvfrom-recvmsg.patch b/main/linux-grsec/0001-ip_gre-fix-msg_name-parsing-for-recvfrom-recvmsg.patch
new file mode 100644
index 0000000000..ca86acacf9
--- /dev/null
+++ b/main/linux-grsec/0001-ip_gre-fix-msg_name-parsing-for-recvfrom-recvmsg.patch
@@ -0,0 +1,60 @@
+From 08dd44d9ba398ecd23975603aa05ab9b8a9a8f94 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
+Date: Mon, 16 Dec 2013 11:02:09 +0200
+Subject: [PATCH] ip_gre: fix msg_name parsing for recvfrom/recvmsg
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+ipgre_header_parse() needs to parse the tunnel's ip header and it
+uses mac_header to locate the iphdr. This got broken when gre tunneling
+was refactored as mac_header is no longer updated to point to iphdr.
+Introduce skb_pop_mac_header() helper to do the mac_header assignment
+and use it in ipgre_rcv() to fix msg_name parsing.
+
+Bug introduced in commit c54419321455 (GRE: Refactor GRE tunneling code.)
+
+Cc: Pravin B Shelar <pshelar@nicira.com>
+Signed-off-by: Timo Teräs <timo.teras@iki.fi>
+Signed-off-by: David S. Miller <davem@davemloft.net>
+
+Conflicts:
+	include/linux/skbuff.h
+	net/ipv4/ip_gre.c
+---
+ include/linux/skbuff.h | 5 +++++
+ net/ipv4/ip_gre.c      | 1 +
+ 2 files changed, 6 insertions(+)
+
+diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h
+index c42c51d..d3500f8 100644
+--- a/include/linux/skbuff.h
++++ b/include/linux/skbuff.h
+@@ -1519,6 +1519,11 @@ static inline void skb_reset_inner_headers(struct sk_buff *skb)
+ 	skb->inner_transport_header = skb->transport_header;
+ }
+ 
++static inline void skb_pop_mac_header(struct sk_buff *skb)
++{
++	skb->mac_header = skb->network_header;
++}
++
+ static inline void skb_reset_mac_len(struct sk_buff *skb)
+ {
+ 	skb->mac_len = skb->network_header - skb->mac_header;
+diff --git a/net/ipv4/ip_gre.c b/net/ipv4/ip_gre.c
+index db77052..79f1e8d 100644
+--- a/net/ipv4/ip_gre.c
++++ b/net/ipv4/ip_gre.c
+@@ -335,6 +335,7 @@ static int ipgre_rcv(struct sk_buff *skb)
+ 				  iph->saddr, iph->daddr, tpi.key);
+ 
+ 	if (tunnel) {
++		skb_pop_mac_header(skb);
+ 		ip_tunnel_rcv(tunnel, skb, &tpi, hdr_len, log_ecn_error);
+ 		return 0;
+ 	}
+-- 
+1.8.5.2
+
+
diff --git a/main/linux-grsec/APKBUILD b/main/linux-grsec/APKBUILD
index 8c5006016f..aa56d40670 100644
--- a/main/linux-grsec/APKBUILD
+++ b/main/linux-grsec/APKBUILD
@@ -7,7 +7,7 @@ case $pkgver in
 *.*.*)	_kernver=${pkgver%.*};;
 *.*)	_kernver=${pkgver};;
 esac
-pkgrel=1
+pkgrel=2
 pkgdesc="Linux kernel with grsecurity"
 url=http://grsecurity.net
 depends="mkinitfs linux-firmware"
@@ -26,6 +26,7 @@ source="http://ftp.kernel.org/pub/linux/kernel/v3.x/linux-$_kernver.tar.xz
 	0005-ipv4-use-separate-genid-for-next-hop-exceptions.patch
 	0006-ipv4-use-next-hop-exceptions-also-for-input-routes.patch
 	net-loosen-constraints-for-recalculating-checksum-in-skb_segment.patch
+	0001-ip_gre-fix-msg_name-parsing-for-recvfrom-recvmsg.patch
 	fix-memory-map-for-PIE-applications.patch
 
 	kernelconfig.x86
@@ -160,6 +161,7 @@ aa454ffb96428586447775c21449e284  0003-ipv4-properly-refresh-rtable-entries-on-p
 6ce5fed63aad3f1a1ff1b9ba7b741822  0005-ipv4-use-separate-genid-for-next-hop-exceptions.patch
 1a5800a2122ba0cc0d06733cb3bb8b8f  0006-ipv4-use-next-hop-exceptions-also-for-input-routes.patch
 ae36fdf685dd97f51bce3a5124f7dff6  net-loosen-constraints-for-recalculating-checksum-in-skb_segment.patch
+c5f660933430a03f3346c66fbfb26100  0001-ip_gre-fix-msg_name-parsing-for-recvfrom-recvmsg.patch
 c6a4ae7e8ca6159e1631545515805216  fix-memory-map-for-PIE-applications.patch
 866e6c4daed45d563829804f8ad50ed9  kernelconfig.x86
 272aaddd0a19a5052208bc25551995a3  kernelconfig.x86_64"
@@ -173,6 +175,7 @@ dc8e82108615657f1fb9d641efd42255a5761c06edde1b00a41ae0d314d548f0  0002-arp-flush
 ae32bb72afa170e6c3788c564b342763aba5945afacc1e2ebfc096adf50d77a3  0005-ipv4-use-separate-genid-for-next-hop-exceptions.patch
 fc613ac466610b866b721c41836fd5bfb2d4b75bceb67972dc6369d7f62ff47e  0006-ipv4-use-next-hop-exceptions-also-for-input-routes.patch
 b130be723743442140637b74da6065061aabb0a0ce6ce6f5cf784f6e5776ae14  net-loosen-constraints-for-recalculating-checksum-in-skb_segment.patch
+dcdef241ddd315c6c8296f122fc94f77792fde0304aff07f72afe11333b7ebfb  0001-ip_gre-fix-msg_name-parsing-for-recvfrom-recvmsg.patch
 500f3577310be52e87b9fecdc2e9c4ca43210fd97d69089f9005d484563f74c7  fix-memory-map-for-PIE-applications.patch
 7fd28634998ef1fddafed5f2516e902924245d2464b9e86476bfaa55ccfc3bc3  kernelconfig.x86
 f2843ae4f9b3e3c27f3138ce4b740c2803bdab0c7a910c662d951843803b9554  kernelconfig.x86_64"
@@ -186,6 +189,7 @@ d2f578ad1d6e1fe52b55863e5bf338ae8201b828a498ec3e42e549c55295d3d1c6c3adfa9e226d71
 28a33e644bf2faf99c8dd6dbccfe14e140dfdd8824a8fb2d58aa7deb9e572f130d92b6b35ee181084050d82166bdf2e498a451a2a538a67b7ab84204405d2d87  0005-ipv4-use-separate-genid-for-next-hop-exceptions.patch
 249140374c19a5599876268ff5b3cda2e136681aee103b4a9fff5d7d346f8e3295a907fb43db0701b8a9fece64c299ad2abac0434259cce6631307ce84090205  0006-ipv4-use-next-hop-exceptions-also-for-input-routes.patch
 100fddcb0311d01bed68831287805921afd6a788a81ac6aa1c71823eb10b83c906bc38b0607fdbe71515aef43e628a9863b3fd53953698fe91326c70918c9bd9  net-loosen-constraints-for-recalculating-checksum-in-skb_segment.patch
+ccb0695d96521d27e318a9936037a9cf9705dade1feeed271b65f0199653e8817c1696fcc1c2c83a9328ca23354213e1bed513212056e636d780a49fa7791d82  0001-ip_gre-fix-msg_name-parsing-for-recvfrom-recvmsg.patch
 4665c56ae1bbac311f9205d64918e84ee8b01d47d6e2396ff6b8adfb10aada7f7254531ce62e31edbb65c2a54a830f09ad05d314dfcd75d6272f4068945ad7c7  fix-memory-map-for-PIE-applications.patch
 1721542ff111c8ec550323dae6f6174131db180668cbf14f01dc4c76ffbbb479715919a80c35d8c8ac22a6479dd3b42700be6ddc5ef2a8b6a62de811c7ae86df  kernelconfig.x86
 d49bf57bd0aae17d762d87d5bf983e48219d71ca44bc0c3120db94d357192c07146a8938cef9d435218e4bb748691ec426387545837be637d47e45cdc4482d71  kernelconfig.x86_64"