From nobody Mon Feb  9 13:35:36 2026
Delivered-To: wpasupplicant.patchew@gmail.com
Received: by 2002:a05:6638:bd2:0:0:0:0 with SMTP id g18csp482343jad;
        Thu, 17 Feb 2022 06:25:58 -0800 (PST)
X-Google-Smtp-Source: 
 ABdhPJzkp5xsJwJGOgIZMbiX3jtIIFVTyifSi74UXy2yLfd27fTZByPiYf+9Vdez0S9jE9Wo3zLP
X-Received: by 2002:a05:622a:138a:b0:2c9:efe8:72c7 with SMTP id
 o10-20020a05622a138a00b002c9efe872c7mr2619439qtk.546.1645107958045;
        Thu, 17 Feb 2022 06:25:58 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1645107958; cv=none;
        d=google.com; s=arc-20160816;
        b=Hkwp2dkokA15HiYybZAeKsqUrQL/Xq1BY7nyEdt1BCm1kMYtA1Bvi+dbavvxHY17xg
         /kP609ySVcYGA8zuReqExte61WAQCdQhvujNekMoW3ZBofM+mMzlIhjbqMTEKR3//RGu
         z/SHSEAiJp6V23DTLvaHP9vbmH+4R8OpxXVOiq73IZVx85XzzBSsFv3HKZ6RCqvy7bKo
         Pi7j9rLiM2GFRRNnTU2yQWQ/qoKYH20upKOyOfyD8ZYVmFkXfpb4opNRaNNmN9qBQ0z+
         S1y+XyVvBr+bT4b+17zdnFJeyFmmWH7cw0svurMB44kWmRgbHYTsy4Xdo5CPsV5LdSua
         osDA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=content-transfer-encoding:mime-version:list-unsubscribe
         :list-subscribe:list-id:precedence:references:in-reply-to:message-id
         :date:subject:cc:to:from;
        bh=jSwWObi4QeSowVuDkXAGzTWL8k32l6HECm7JsEHizwc=;
        b=i7+//aEYcpNdDunPFeFtg9oLSKlpRICnR6IN33HmqASEuioyoyEVfbZdhLQdYj5XG2
         bIcytObRccdTZ1r6RX4OryCKApVyFzH5wf7158kyyfGuj3UGX5cR0ZwXizcosmgaKbcO
         HbNpWA/dQkb4Su3HUGS415m2cFrYWI7p1LPrmZh60VmkL7mDjuAgUobD6+Iq5g7hneXN
         b5N+LN9fWC9TeVx0uOcWh6/n7gbL/49rAbIcgV0k9Lyox2vEFCLrOhyDAzf4UE+xsqpz
         qYkucmnOxNBy4kvbH/oPIZoGn1NWwrufRgYFFQOgp1OKdIMq5ihTPZrOxIQjp+Tk86KT
         s3Qw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of
 mptcp+bounces-3801-wpasupplicant.patchew=gmail.com@lists.linux.dev designates
 147.75.197.195 as permitted sender)
 smtp.mailfrom="mptcp+bounces-3801-wpasupplicant.patchew=gmail.com@lists.linux.dev"
Return-Path: 
 <mptcp+bounces-3801-wpasupplicant.patchew=gmail.com@lists.linux.dev>
Received: from ewr.edge.kernel.org (ewr.edge.kernel.org. [147.75.197.195])
        by mx.google.com with ESMTPS id o6si8178500qkj.287.2022.02.17.06.25.57
        for <wpasupplicant.patchew@gmail.com>
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Thu, 17 Feb 2022 06:25:58 -0800 (PST)
Received-SPF: pass (google.com: domain of
 mptcp+bounces-3801-wpasupplicant.patchew=gmail.com@lists.linux.dev designates
 147.75.197.195 as permitted sender) client-ip=147.75.197.195;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of
 mptcp+bounces-3801-wpasupplicant.patchew=gmail.com@lists.linux.dev designates
 147.75.197.195 as permitted sender)
 smtp.mailfrom="mptcp+bounces-3801-wpasupplicant.patchew=gmail.com@lists.linux.dev"
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org
 [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by ewr.edge.kernel.org (Postfix) with ESMTPS id CB4231C0BCE
	for <wpasupplicant.patchew@gmail.com>; Thu, 17 Feb 2022 14:25:57 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id 9E6293D9E;
	Thu, 17 Feb 2022 14:25:56 +0000 (UTC)
X-Original-To: mptcp@lists.linux.dev
Received: from Chamillionaire.breakpoint.cc (Chamillionaire.breakpoint.cc
 [193.142.43.52])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5B443291C
	for <mptcp@lists.linux.dev>; Thu, 17 Feb 2022 14:25:55 +0000 (UTC)
Received: from fw by Chamillionaire.breakpoint.cc with local (Exim 4.92)
	(envelope-from <fw@breakpoint.cc>)
	id 1nKhj9-0004Da-Qv; Thu, 17 Feb 2022 15:25:47 +0100
From: Florian Westphal <fw@strlen.de>
To: <mptcp@lists.linux.dev>
Cc: Florian Westphal <fw@strlen.de>
Subject: [PATCH mptcp-next v2 1/5] mptcp: check netns in mptcp_token_exists
Date: Thu, 17 Feb 2022 15:25:34 +0100
Message-Id: <20220217142538.7849-2-fw@strlen.de>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20220217142538.7849-1-fw@strlen.de>
References: <20220217142538.7849-1-fw@strlen.de>
Precedence: bulk
X-Mailing-List: mptcp@lists.linux.dev
List-Id: <mptcp.lists.linux.dev>
List-Subscribe: <mailto:mptcp+subscribe@lists.linux.dev>
List-Unsubscribe: <mailto:mptcp+unsubscribe@lists.linux.dev>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

This will be used by a followup patch to check if the token
specified in mp_join option exists in the current netns.

At this time, tokens are unique across all namespaces, but
we need to treat a token that exists in netns x as 'does not exist'
when doing existence check from netns y.

Signed-off-by: Florian Westphal <fw@strlen.de>
---
 net/mptcp/protocol.h | 2 +-
 net/mptcp/subflow.c  | 4 +++-
 net/mptcp/token.c    | 5 +++--
 3 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h
index 18ca0248c084..c43ca46dbc27 100644
--- a/net/mptcp/protocol.h
+++ b/net/mptcp/protocol.h
@@ -725,7 +725,7 @@ void mptcp_token_destroy_request(struct request_sock *r=
eq);
 int mptcp_token_new_connect(struct sock *sk);
 void mptcp_token_accept(struct mptcp_subflow_request_sock *r,
 			struct mptcp_sock *msk);
-bool mptcp_token_exists(u32 token);
+bool mptcp_token_exists(const struct net *net, u32 token);
 struct mptcp_sock *mptcp_token_get_sock(struct net *net, u32 token);
 struct mptcp_sock *mptcp_token_iter_next(const struct net *net, long *s_sl=
ot,
 					 long *s_num);
diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c
index e727d838da0e..be43077fe76e 100644
--- a/net/mptcp/subflow.c
+++ b/net/mptcp/subflow.c
@@ -176,10 +176,12 @@ static int subflow_check_req(struct request_sock *req,
 		} while (subflow_req->local_key =3D=3D 0);
=20
 		if (unlikely(req->syncookie)) {
+			const struct net *net =3D read_pnet(&inet_rsk(req)->ireq_net);
+
 			mptcp_crypto_key_sha(subflow_req->local_key,
 					     &subflow_req->token,
 					     &subflow_req->idsn);
-			if (mptcp_token_exists(subflow_req->token)) {
+			if (mptcp_token_exists(net, subflow_req->token)) {
 				if (retries-- > 0)
 					goto again;
 				SUBFLOW_REQ_INC_STATS(req, MPTCP_MIB_TOKENFALLBACKINIT);
diff --git a/net/mptcp/token.c b/net/mptcp/token.c
index f52ee7b26aed..0593c83385e0 100644
--- a/net/mptcp/token.c
+++ b/net/mptcp/token.c
@@ -203,7 +203,7 @@ void mptcp_token_accept(struct mptcp_subflow_request_so=
ck *req,
 	spin_unlock_bh(&bucket->lock);
 }
=20
-bool mptcp_token_exists(u32 token)
+bool mptcp_token_exists(const struct net *net, u32 token)
 {
 	struct hlist_nulls_node *pos;
 	struct token_bucket *bucket;
@@ -216,7 +216,8 @@ bool mptcp_token_exists(u32 token)
 again:
 	sk_nulls_for_each_rcu(sk, pos, &bucket->msk_chain) {
 		msk =3D mptcp_sk(sk);
-		if (READ_ONCE(msk->token) =3D=3D token)
+		if (READ_ONCE(msk->token) =3D=3D token &&
+		    net_eq(sock_net(sk), net))
 			goto found;
 	}
 	if (get_nulls_value(pos) !=3D (token & token_mask))
--=20
2.34.1