From: Michal Koutný <mkoutny@suse.com>
Subject: KABI fix for sock_cgroup_data
References: bsc#1175213 CVE-2020-14356
Patch-mainline: Never, KABI fix


The commit ad0f75e5f57 ("cgroup: fix cgroup_sk_alloc() for sk_clone_lock()")
uses a new bit of the u8 member in sock_cgroup_data. This new bit is placed at a
previously unused bit offset (within the u8) and the boolean is_data member is
preserved.

The struct sock_cgroup_data is supposed to be used directly only by the cgroup
core and net_cls or net_prio controllers. So we hide the layout change with
__GENKSYMS__.

The remaining issue, that with no_refcnt set and is_data clear the byte reads
0x2 while some users only check val == 0 or is_data (as a whole u8, not a
bitfield) == 0, should be mitigated in any 3rd party code by proper usage of the
sock_cgroup_{classid,prioidx,ptr} accessors (which applied a bitmask even before
the changes).

---
 include/linux/cgroup-defs.h |    8 ++++++++
 1 file changed, 8 insertions(+)

--- a/include/linux/cgroup-defs.h
+++ b/include/linux/cgroup-defs.h
@@ -797,9 +797,13 @@ struct sock_cgroup_data {
 	union {
 #ifdef __LITTLE_ENDIAN
 		struct {
+#ifdef __GENKSYMS__
+			u8	is_data;
+#else
 			u8	is_data : 1;
 			u8	no_refcnt : 1;
 			u8	unused : 6;
+#endif
 			u8	padding;
 			u16	prioidx;
 			u32	classid;
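Review bot: The `#ifdef __GENKSYMS__` split carries no comment in the header, so a reader who sees is_data declared once as a whole `u8` and once as a one-bit field gets no hint that the first form exists only so the symbol CRC stays unchanged; the same applies to the big-endian branch in the second hunk. I would add above the `#ifdef` a short comment such as `/* KABI: genksyms sees the original whole-byte is_data; the real layout below keeps is_data at bit 0 in the same byte so the existing sock_cgroup_*() accessor masks still apply. */`. It is also worth stating in that comment that a module reading the whole byte instead of using the accessors will observe 0x2 when only no_refcnt is set, which is the caveat the description already gives. The `struct sock_cgroup_data` definition begins before this hunk and its union closes after the second hunk, so the comment should be placed inside the endian branches rather than on the struct itself.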
@@ -809,9 +813,13 @@ struct sock_cgroup_data {
 			u32	classid;
 			u16	prioidx;
 			u8	padding;
+#ifdef __GENKSYMS__
+			u8	is_data;
+#else
 			u8	unused : 6;
 			u8	no_refcnt : 1;
 			u8	is_data : 1;
+#endif
 		} __packed;
 #endif
 		u64		val;