net/tcp: Do cleanup on tcp_md5_key_copy() failure

If the kernel was short on (atomic) memory and failed to allocate it -
don't proceed to creation of request socket. Otherwise the socket would
be unsigned and userspace likely doesn't expect that the TCP is not
MD5-signed anymore.

Signed-off-by: Dmitry Safonov <dima@arista.com>
Acked-by: Jakub Kicinski <kuba@kernel.org>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

net/ipv4/tcp_ipv4.c

@@ -1619,13 +1619,8 @@ struct sock *tcp_v4_syn_recv_sock(const struct sock *sk, struct sk_buff *skb,
 	addr = (union tcp_md5_addr *)&newinet->inet_daddr;
 	key = tcp_md5_do_lookup(sk, l3index, addr, AF_INET);
 	if (key) {
-		/*
+		if (tcp_md5_key_copy(newsk, addr, AF_INET, 32, l3index, key))
-		 * We're using one, so create a matching key
+			goto put_and_exit;
-		 * on the newsk structure. If we fail to get
-		 * memory, then we end up not copying the key
-		 * across. Shucks.
-		 */
-		tcp_md5_key_copy(newsk, addr, AF_INET, 32, l3index, key);
 		sk_gso_disable(newsk);
 	}
 #endif

net/ipv6/tcp_ipv6.c

@@ -1364,13 +1364,14 @@ static struct sock *tcp_v6_syn_recv_sock(const struct sock *sk, struct sk_buff *
 	/* Copy over the MD5 key from the original socket */
 	key = tcp_v6_md5_do_lookup(sk, &newsk->sk_v6_daddr, l3index);
 	if (key) {
-		/* We're using one, so create a matching key
+		const union tcp_md5_addr *addr;
-		 * on the newsk structure. If we fail to get
+
-		 * memory, then we end up not copying the key
+		addr = (union tcp_md5_addr *)&newsk->sk_v6_daddr;
-		 * across. Shucks.
+		if (tcp_md5_key_copy(newsk, addr, AF_INET6, 128, l3index, key)) {
-		 */
+			inet_csk_prepare_forced_close(newsk);
-		tcp_md5_key_copy(newsk, (union tcp_md5_addr *)&newsk->sk_v6_daddr,
+			tcp_done(newsk);
-				 AF_INET6, 128, l3index, key);
+			goto out;
+		}
 	}
 #endif