Files
linux-stable-mirror/include/trace/events
David Howells 98a2046d15 rxrpc: Fix conn-level packet handling to unshare RESPONSE packets
commit 24481a7f57 upstream.

The security operations that verify the RESPONSE packets decrypt bits of it
in place - however, the sk_buff may be shared with a packet sniffer, which
would lead to the sniffer seeing an apparently corrupt packet (actually
decrypted).

Fix this by handing a copy of the packet off to the specific security
handler if the packet was cloned.

Fixes: 17926a7932 ("[AF_RXRPC]: Provide secure RxRPC sockets for use by userspace and kernel both")
Closes: https://sashiko.dev/#/patchset/20260408121252.2249051-1-dhowells%40redhat.com
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Marc Dionne <marc.dionne@auristor.com>
cc: Jeffrey Altman <jaltman@auristor.com>
cc: Simon Horman <horms@kernel.org>
cc: linux-afs@lists.infradead.org
cc: stable@kernel.org
Link: https://patch.msgid.link/20260422161438.2593376-5-dhowells@redhat.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
[Readd rxrpc_skb_put_response_copy which missed in bf20f46d94 in v6.12.86]
Stable-dep-of: aa54b1d27f ("rxrpc: Also unshare DATA/RESPONSE packets when
paged frags are present")
Signed-off-by: Wentao Guan <guanwentao@uniontech.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2026-05-14 15:29:18 +02:00
..
2025-07-17 18:37:18 +02:00
2024-04-25 20:56:20 -07:00
2024-05-08 10:39:26 +01:00
2024-05-14 07:22:35 -06:00
2024-09-11 20:44:31 -07:00
2024-06-20 15:19:17 -06:00
2024-06-19 12:44:22 +01:00