BACKPORT: FROMGIT: ANDROID: xt_qtaguid: fix UAF race

Make sure to hold the sock_tag_list_lock while accessing the tag to
avoid a race between getting the tag and free'ing the tag.

Bug: 184018316
Disallow-Recycled-Builds: test-failures
Fixes: c7ca0ac69702 ("ANDROID: netfilter: xt_qtaguid: add qtaguid matching module")
Signed-off-by: Will McVicker <willmcvicker@google.com>

(cherry picked from commit 2398e650c58a6f4877dafce649188290f6e3b4f5
 https://android.googlesource.com/kernel/common android-4.14-p)

Conflicts:
   net/netfilter/xt_qtaguid.c
   Locking in ChromeOS is per network namespace.

BUG=chromium:1195431
TEST=Run PoC

Change-Id: If50e33958b982c41f0fa9e9bbb02ba33f673b83a
Signed-off-by: Guenter Roeck <groeck@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/third_party/kernel/+/2884362
Reviewed-by: Zubin Mithra <zsm@chromium.org>
Commit-Queue: Guenter Roeck <groeck@chromium.org>
Tested-by: Guenter Roeck <groeck@chromium.org>
(cherry picked from commit a5966bd58466c4292297c81d75bcbb3a9e690474)
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/third_party/kernel/+/2889675
Reviewed-by: Guenter Roeck <groeck@chromium.org>
1 file changed