mptcp: fix security context on server socket

[linux-2.6-microblaze.git] / net / netfilter / nf_conntrack_proto_dccp.c

diff --git a/net/netfilter/nf_conntrack_proto_dccp.c b/net/netfilter/nf_conntrack_proto_dccp.c
index b3f4a33..db7479d 100644 (file)
--- a/net/netfilter/nf_conntrack_proto_dccp.c
+++ b/net/netfilter/nf_conntrack_proto_dccp.c
@@ -589,7 +589,7 @@ static void dccp_print_conntrack(struct seq_file *s, struct nf_conn *ct)
 
 #if IS_ENABLED(CONFIG_NF_CT_NETLINK)
 static int dccp_to_nlattr(struct sk_buff *skb, struct nlattr *nla,
-                         struct nf_conn *ct)
+                         struct nf_conn *ct, bool destroy)
 {
        struct nlattr *nest_parms;
 
@@ -597,15 +597,22 @@ static int dccp_to_nlattr(struct sk_buff *skb, struct nlattr *nla,
        nest_parms = nla_nest_start(skb, CTA_PROTOINFO_DCCP);
        if (!nest_parms)
                goto nla_put_failure;
-       if (nla_put_u8(skb, CTA_PROTOINFO_DCCP_STATE, ct->proto.dccp.state) ||
-           nla_put_u8(skb, CTA_PROTOINFO_DCCP_ROLE,
+       if (nla_put_u8(skb, CTA_PROTOINFO_DCCP_STATE, ct->proto.dccp.state))
+               goto nla_put_failure;
+
+       if (destroy)
+               goto skip_state;
+
+       if (nla_put_u8(skb, CTA_PROTOINFO_DCCP_ROLE,
                       ct->proto.dccp.role[IP_CT_DIR_ORIGINAL]) ||
            nla_put_be64(skb, CTA_PROTOINFO_DCCP_HANDSHAKE_SEQ,
                         cpu_to_be64(ct->proto.dccp.handshake_seq),
                         CTA_PROTOINFO_DCCP_PAD))
                goto nla_put_failure;
+skip_state:
        nla_nest_end(skb, nest_parms);
        spin_unlock_bh(&ct->lock);
+
        return 0;
 
 nla_put_failure: