1. Patchew
  2. MPTCP
  3. View series

[PATCH mptcp-stable] mptcp: fix msk traversal in mptcp_nl_cmd_set_flags()

Mat Martineau posted 1 patch 2 years, 2 months ago
Failed in applying to current master (apply log)
There is a newer version of this series
net/mptcp/pm_netlink.c | 34 +++++++++++++++++++++++++---------
1 file changed, 25 insertions(+), 9 deletions(-)
[PATCH mptcp-stable] mptcp: fix msk traversal in mptcp_nl_cmd_set_flags()
Posted by Mat Martineau 2 years, 2 months ago 
commit 8e9eacad7ec7a9cbf262649ebf1fa6e6f6cc7d82 upstream.

The upstream commit had to handle a lookup_by_id variable that is only
present in 5.17. This version of the patch removes that variable, so the
__lookup_addr() function only handles the lookup as it is implemented in
5.15 and 5.16. It also removes one 'const' keyword to prevent a warning
due to differing const-ness in the 5.17 version of addresses_equal().

The MPTCP endpoint list is under RCU protection, guarded by the
pernet spinlock. mptcp_nl_cmd_set_flags() traverses the list
without acquiring the spin-lock nor under the RCU critical section.

This change addresses the issue performing the lookup and the endpoint
update under the pernet spinlock.

Fixes: 0f9f696a502e ("mptcp: add set_flags command in PM netlink")
Signed-off-by: Mat Martineau <mathew.j.martineau@linux.intel.com>
---

Paolo, can I add an ack or signoff tag from you?

The upstream commit (8e9eacad7ec7) was queued for the 5.16 and 5.15
stable trees, which brought along a few extra patches that didn't belong
in stable. I asked Greg to drop those patches from his queue, and this
particular commit required manual changes as described above (related to
the lookup_by_id variable that's new in 5.16).

This patch will not apply to the export branch. I confirmed that it
applies, builds, and runs on both the 5.16.5 and 5.15.19 branches. Self
tests succeed too.

When I send to the stable list, I'll also include these tags:
Cc: <stable@vger.kernel.org> # 5.15.x
Cc: <stable@vger.kernel.org> # 5.16.x


---
 net/mptcp/pm_netlink.c | 34 +++++++++++++++++++++++++---------
 1 file changed, 25 insertions(+), 9 deletions(-)

diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c
index 65764c8171b3..5d305fafd0e9 100644
--- a/net/mptcp/pm_netlink.c
+++ b/net/mptcp/pm_netlink.c
@@ -459,6 +459,18 @@ static unsigned int fill_remote_addresses_vec(struct mptcp_sock *msk, bool fullm
 	return i;
 }
 
+static struct mptcp_pm_addr_entry *
+__lookup_addr(struct pm_nl_pernet *pernet, struct mptcp_addr_info *info)
+{
+	struct mptcp_pm_addr_entry *entry;
+
+	list_for_each_entry(entry, &pernet->local_addr_list, list) {
+		if (addresses_equal(&entry->addr, info, true))
+			return entry;
+	}
+	return NULL;
+}
+
 static void mptcp_pm_create_subflow_or_signal_addr(struct mptcp_sock *msk)
 {
 	struct sock *sk = (struct sock *)msk;
@@ -1725,17 +1737,21 @@ static int mptcp_nl_cmd_set_flags(struct sk_buff *skb, struct genl_info *info)
 	if (addr.flags & MPTCP_PM_ADDR_FLAG_BACKUP)
 		bkup = 1;
 
-	list_for_each_entry(entry, &pernet->local_addr_list, list) {
-		if (addresses_equal(&entry->addr, &addr.addr, true)) {
-			mptcp_nl_addr_backup(net, &entry->addr, bkup);
-
-			if (bkup)
-				entry->flags |= MPTCP_PM_ADDR_FLAG_BACKUP;
-			else
-				entry->flags &= ~MPTCP_PM_ADDR_FLAG_BACKUP;
-		}
+	spin_lock_bh(&pernet->lock);
+	entry = __lookup_addr(pernet, &addr.addr);
+	if (!entry) {
+		spin_unlock_bh(&pernet->lock);
+		return -EINVAL;
 	}
 
+	if (bkup)
+		entry->flags |= MPTCP_PM_ADDR_FLAG_BACKUP;
+	else
+		entry->flags &= ~MPTCP_PM_ADDR_FLAG_BACKUP;
+	addr = *entry;
+	spin_unlock_bh(&pernet->lock);
+
+	mptcp_nl_addr_backup(net, &addr.addr, bkup);
 	return 0;
 }
 
-- 
2.35.1
Re: [PATCH mptcp-stable] mptcp: fix msk traversal in mptcp_nl_cmd_set_flags()
Posted by Mat Martineau 2 years, 2 months ago 
On Tue, 1 Feb 2022, Mat Martineau wrote:

> commit 8e9eacad7ec7a9cbf262649ebf1fa6e6f6cc7d82 upstream.
>
> The upstream commit had to handle a lookup_by_id variable that is only
> present in 5.17. This version of the patch removes that variable, so the
> __lookup_addr() function only handles the lookup as it is implemented in
> 5.15 and 5.16. It also removes one 'const' keyword to prevent a warning
> due to differing const-ness in the 5.17 version of addresses_equal().
>
> The MPTCP endpoint list is under RCU protection, guarded by the
> pernet spinlock. mptcp_nl_cmd_set_flags() traverses the list
> without acquiring the spin-lock nor under the RCU critical section.
>
> This change addresses the issue performing the lookup and the endpoint
> update under the pernet spinlock.
>
> Fixes: 0f9f696a502e ("mptcp: add set_flags command in PM netlink")
> Signed-off-by: Mat Martineau <mathew.j.martineau@linux.intel.com>
> ---
>
> Paolo, can I add an ack or signoff tag from you?
>
> The upstream commit (8e9eacad7ec7) was queued for the 5.16 and 5.15
> stable trees, which brought along a few extra patches that didn't belong
> in stable. I asked Greg to drop those patches from his queue, and this
> particular commit required manual changes as described above (related to
> the lookup_by_id variable that's new in 5.16).
>
> This patch will not apply to the export branch. I confirmed that it
> applies, builds, and runs on both the 5.16.5 and 5.15.19 branches. Self
> tests succeed too.
>
> When I send to the stable list, I'll also include these tags:
> Cc: <stable@vger.kernel.org> # 5.15.x
> Cc: <stable@vger.kernel.org> # 5.16.x

So... this wasn't supposed to go to stable@vger.kernel.org yet. git 
send-email picked up the cc lines that I had moved out of the commit 
message. Sorry about that.

-Mat


>
>
> ---
> net/mptcp/pm_netlink.c | 34 +++++++++++++++++++++++++---------
> 1 file changed, 25 insertions(+), 9 deletions(-)
>
> diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c
> index 65764c8171b3..5d305fafd0e9 100644
> --- a/net/mptcp/pm_netlink.c
> +++ b/net/mptcp/pm_netlink.c
> @@ -459,6 +459,18 @@ static unsigned int fill_remote_addresses_vec(struct mptcp_sock *msk, bool fullm
> 	return i;
> }
>
> +static struct mptcp_pm_addr_entry *
> +__lookup_addr(struct pm_nl_pernet *pernet, struct mptcp_addr_info *info)
> +{
> +	struct mptcp_pm_addr_entry *entry;
> +
> +	list_for_each_entry(entry, &pernet->local_addr_list, list) {
> +		if (addresses_equal(&entry->addr, info, true))
> +			return entry;
> +	}
> +	return NULL;
> +}
> +
> static void mptcp_pm_create_subflow_or_signal_addr(struct mptcp_sock *msk)
> {
> 	struct sock *sk = (struct sock *)msk;
> @@ -1725,17 +1737,21 @@ static int mptcp_nl_cmd_set_flags(struct sk_buff *skb, struct genl_info *info)
> 	if (addr.flags & MPTCP_PM_ADDR_FLAG_BACKUP)
> 		bkup = 1;
>
> -	list_for_each_entry(entry, &pernet->local_addr_list, list) {
> -		if (addresses_equal(&entry->addr, &addr.addr, true)) {
> -			mptcp_nl_addr_backup(net, &entry->addr, bkup);
> -
> -			if (bkup)
> -				entry->flags |= MPTCP_PM_ADDR_FLAG_BACKUP;
> -			else
> -				entry->flags &= ~MPTCP_PM_ADDR_FLAG_BACKUP;
> -		}
> +	spin_lock_bh(&pernet->lock);
> +	entry = __lookup_addr(pernet, &addr.addr);
> +	if (!entry) {
> +		spin_unlock_bh(&pernet->lock);
> +		return -EINVAL;
> 	}
>
> +	if (bkup)
> +		entry->flags |= MPTCP_PM_ADDR_FLAG_BACKUP;
> +	else
> +		entry->flags &= ~MPTCP_PM_ADDR_FLAG_BACKUP;
> +	addr = *entry;
> +	spin_unlock_bh(&pernet->lock);
> +
> +	mptcp_nl_addr_backup(net, &addr.addr, bkup);
> 	return 0;
> }
>
> -- 
> 2.35.1
>
>

--
Mat Martineau
Intel
Re: [PATCH mptcp-stable] mptcp: fix msk traversal in mptcp_nl_cmd_set_flags()
Posted by Greg KH 2 years, 2 months ago 
On Tue, Feb 01, 2022 at 05:09:36PM -0800, Mat Martineau wrote:
> On Tue, 1 Feb 2022, Mat Martineau wrote:
> 
> > commit 8e9eacad7ec7a9cbf262649ebf1fa6e6f6cc7d82 upstream.
> > 
> > The upstream commit had to handle a lookup_by_id variable that is only
> > present in 5.17. This version of the patch removes that variable, so the
> > __lookup_addr() function only handles the lookup as it is implemented in
> > 5.15 and 5.16. It also removes one 'const' keyword to prevent a warning
> > due to differing const-ness in the 5.17 version of addresses_equal().
> > 
> > The MPTCP endpoint list is under RCU protection, guarded by the
> > pernet spinlock. mptcp_nl_cmd_set_flags() traverses the list
> > without acquiring the spin-lock nor under the RCU critical section.
> > 
> > This change addresses the issue performing the lookup and the endpoint
> > update under the pernet spinlock.
> > 
> > Fixes: 0f9f696a502e ("mptcp: add set_flags command in PM netlink")
> > Signed-off-by: Mat Martineau <mathew.j.martineau@linux.intel.com>
> > ---
> > 
> > Paolo, can I add an ack or signoff tag from you?
> > 
> > The upstream commit (8e9eacad7ec7) was queued for the 5.16 and 5.15
> > stable trees, which brought along a few extra patches that didn't belong
> > in stable. I asked Greg to drop those patches from his queue, and this
> > particular commit required manual changes as described above (related to
> > the lookup_by_id variable that's new in 5.16).
> > 
> > This patch will not apply to the export branch. I confirmed that it
> > applies, builds, and runs on both the 5.16.5 and 5.15.19 branches. Self
> > tests succeed too.
> > 
> > When I send to the stable list, I'll also include these tags:
> > Cc: <stable@vger.kernel.org> # 5.15.x
> > Cc: <stable@vger.kernel.org> # 5.16.x
> 
> So... this wasn't supposed to go to stable@vger.kernel.org yet. git
> send-email picked up the cc lines that I had moved out of the commit
> message. Sorry about that.

There's nothing wrong with us seeing it as kernel development should be
done in public :)

thanks,

greg k-h
Re: [PATCH mptcp-stable] mptcp: fix msk traversal in mptcp_nl_cmd_set_flags()
Posted by Paolo Abeni 2 years, 2 months ago 
On Tue, 2022-02-01 at 16:40 -0800, Mat Martineau wrote:
> commit 8e9eacad7ec7a9cbf262649ebf1fa6e6f6cc7d82 upstream.
> 
> The upstream commit had to handle a lookup_by_id variable that is only
> present in 5.17. This version of the patch removes that variable, so the
> __lookup_addr() function only handles the lookup as it is implemented in
> 5.15 and 5.16. It also removes one 'const' keyword to prevent a warning
> due to differing const-ness in the 5.17 version of addresses_equal().
> 
> The MPTCP endpoint list is under RCU protection, guarded by the
> pernet spinlock. mptcp_nl_cmd_set_flags() traverses the list
> without acquiring the spin-lock nor under the RCU critical section.
> 
> This change addresses the issue performing the lookup and the endpoint
> update under the pernet spinlock.
> 
> Fixes: 0f9f696a502e ("mptcp: add set_flags command in PM netlink")
> Signed-off-by: Mat Martineau <mathew.j.martineau@linux.intel.com>
> ---
> 
> Paolo, can I add an ack or signoff tag from you?
> 
> The upstream commit (8e9eacad7ec7) was queued for the 5.16 and 5.15
> stable trees, which brought along a few extra patches that didn't belong
> in stable. I asked Greg to drop those patches from his queue, and this
> particular commit required manual changes as described above (related to
> the lookup_by_id variable that's new in 5.16).


The patches LGTM. Since you did all the good work, I think is better if
you preserve your SoB and just add:

Acked-by: Paolo Abeni <pabeni@redhat.com>

> 
> This patch will not apply to the export branch. I confirmed that it
> applies, builds, and runs on both the 5.16.5 and 5.15.19 branches. Self
> tests succeed too.
> 
> When I send to the stable list, I'll also include these tags:
> Cc: <stable@vger.kernel.org> # 5.15.x
> Cc: <stable@vger.kernel.org> # 5.16.x
> 
> 
> ---
>  net/mptcp/pm_netlink.c | 34 +++++++++++++++++++++++++---------
>  1 file changed, 25 insertions(+), 9 deletions(-)
> 
> diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c
> index 65764c8171b3..5d305fafd0e9 100644
> --- a/net/mptcp/pm_netlink.c
> +++ b/net/mptcp/pm_netlink.c
> @@ -459,6 +459,18 @@ static unsigned int fill_remote_addresses_vec(struct mptcp_sock *msk, bool fullm
>  	return i;
>  }
>  
> +static struct mptcp_pm_addr_entry *
> +__lookup_addr(struct pm_nl_pernet *pernet, struct mptcp_addr_info *info)
> +{
> +	struct mptcp_pm_addr_entry *entry;
> +
> +	list_for_each_entry(entry, &pernet->local_addr_list, list) {
> +		if (addresses_equal(&entry->addr, info, true))
> +			return entry;
> +	}
> +	return NULL;
> +}
> +
>  static void mptcp_pm_create_subflow_or_signal_addr(struct mptcp_sock *msk)
>  {
>  	struct sock *sk = (struct sock *)msk;
> @@ -1725,17 +1737,21 @@ static int mptcp_nl_cmd_set_flags(struct sk_buff *skb, struct genl_info *info)
>  	if (addr.flags & MPTCP_PM_ADDR_FLAG_BACKUP)
>  		bkup = 1;
>  
> -	list_for_each_entry(entry, &pernet->local_addr_list, list) {
> -		if (addresses_equal(&entry->addr, &addr.addr, true)) {
> -			mptcp_nl_addr_backup(net, &entry->addr, bkup);
> -
> -			if (bkup)
> -				entry->flags |= MPTCP_PM_ADDR_FLAG_BACKUP;
> -			else
> -				entry->flags &= ~MPTCP_PM_ADDR_FLAG_BACKUP;
> -		}
> +	spin_lock_bh(&pernet->lock);
> +	entry = __lookup_addr(pernet, &addr.addr);
> +	if (!entry) {
> +		spin_unlock_bh(&pernet->lock);
> +		return -EINVAL;
>  	}
>  
> +	if (bkup)
> +		entry->flags |= MPTCP_PM_ADDR_FLAG_BACKUP;
> +	else
> +		entry->flags &= ~MPTCP_PM_ADDR_FLAG_BACKUP;
> +	addr = *entry;
> +	spin_unlock_bh(&pernet->lock);
> +
> +	mptcp_nl_addr_backup(net, &addr.addr, bkup);
>  	return 0;
>  }
>

Patchew 2.1-devel-0870f84

© 2016 - 2024 Red Hat, Inc.