From: Phil Oester <kernel@linuxace.com>
Date: Tue, 27 Aug 2013 23:41:40 +0000 (-0700)
Subject: tcp: tcp_make_synack() should use sock_wmalloc
X-Git-Tag: firefly_0821_release~6453^2~877
X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=b70a23ab4ab5a95ab9be1bf77b73c1ad9f4e15a4;p=firefly-linux-kernel-4.4.55.git

tcp: tcp_make_synack() should use sock_wmalloc

[ Upstream commit eb8895debe1baba41fcb62c78a16f0c63c21662a ]

In commit 90ba9b19 (tcp: tcp_make_synack() can use alloc_skb()), Eric changed
the call to sock_wmalloc in tcp_make_synack to alloc_skb.  In doing so,
the netfilter owner match lost its ability to block the SYNACK packet on
outbound listening sockets.  Revert the change, restoring the owner match
functionality.

This closes netfilter bugzilla #847.

Signed-off-by: Phil Oester <kernel@linuxace.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---

diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c
index 2c48d51f47a0..0145ce7e6098 100644
--- a/net/ipv4/tcp_output.c
+++ b/net/ipv4/tcp_output.c
@@ -2664,7 +2664,7 @@ struct sk_buff *tcp_make_synack(struct sock *sk, struct dst_entry *dst,
 	int tcp_header_size;
 	int mss;
 
-	skb = alloc_skb(MAX_TCP_HEADER + 15, sk_gfp_atomic(sk, GFP_ATOMIC));
+	skb = sock_wmalloc(sk, MAX_TCP_HEADER + 15, 1, GFP_ATOMIC);
 	if (unlikely(!skb)) {
 		dst_release(dst);
 		return NULL;