From nobody Thu Apr 25 10:22:31 2024 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6AC7310E5 for ; Sat, 7 Jan 2023 01:46:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1673056004; x=1704592004; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=tdUNtY26CU/G5cw+K8EYRXAPOyGgj13nrX+yMhWgTdE=; b=Jfl1dnvDpzgo2cbrdixxax173S9DYqGEsHZBg14ktA8RJHAqbJjpfvj5 Qk9+heRQEwTckNUAFT0rm/CN+yV1kD2bhh7ujaogKz2I9QIGFSIwpiM6y 1lWJSGIrQakbGVsthi6SlVbmpqucly2IPqVCNS5Ont53uJnVc9Eh6Or68 cjWA8ljFqJx/8qi+lFKNv2ifVuU657Rh7Lg1aE28+z0KkPMpzyDEpWHhE ldw55dcZJMb7WvSm/BJJ0JlGrN7Sv7jH+rUONbmLGJAqnoEIvi6+75Cu+ wFTOjaO6/iz5IVJfYQxQUMwOsRoT8k2y+VTa4IVfddA3TS8WDgGo7Bibz w==; X-IronPort-AV: E=McAfee;i="6500,9779,10582"; a="310393552" X-IronPort-AV: E=Sophos;i="5.96,307,1665471600"; d="scan'208";a="310393552" Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Jan 2023 17:46:42 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10582"; a="606066134" X-IronPort-AV: E=Sophos;i="5.96,307,1665471600"; d="scan'208";a="606066134" Received: from mechevar-mobl.amr.corp.intel.com (HELO mjmartin-desk2.intel.com) ([10.209.66.63]) by orsmga003-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Jan 2023 17:46:42 -0800 From: Mat Martineau To: stable@vger.kernel.org, gregkh@linuxfoundation.org Cc: Florian Westphal , matthieu.baerts@tessares.net, pabeni@redhat.com, mptcp@lists.linux.dev, Mat Martineau , Jakub Kicinski Subject: [PATCH 5.10 1/4] mptcp: mark ops structures as ro_after_init Date: Fri, 6 Jan 2023 17:46:28 -0800 Message-Id: <20230107014631.449550-2-mathew.j.martineau@linux.intel.com> X-Mailer: git-send-email 2.39.0 In-Reply-To: <20230107014631.449550-1-mathew.j.martineau@linux.intel.com> References: <20230107014631.449550-1-mathew.j.martineau@linux.intel.com> Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Florian Westphal commit 51fa7f8ebf0e25c7a9039fa3988a623d5f3855aa upstream. These structures are initialised from the init hooks, so we can't make them 'const'. But no writes occur afterwards, so we can use ro_after_init. Also, remove bogus EXPORT_SYMBOL, the only access comes from ip stack, not from kernel modules. Cc: stable@vger.kernel.org # 5.10 Signed-off-by: Florian Westphal Signed-off-by: Mat Martineau Signed-off-by: Jakub Kicinski --- net/mptcp/subflow.c | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c index 2e9238490924..61919e2499e7 100644 --- a/net/mptcp/subflow.c +++ b/net/mptcp/subflow.c @@ -360,8 +360,7 @@ static void subflow_finish_connect(struct sock *sk, con= st struct sk_buff *skb) } =20 struct request_sock_ops mptcp_subflow_request_sock_ops; -EXPORT_SYMBOL_GPL(mptcp_subflow_request_sock_ops); -static struct tcp_request_sock_ops subflow_request_sock_ipv4_ops; +static struct tcp_request_sock_ops subflow_request_sock_ipv4_ops __ro_afte= r_init; =20 static int subflow_v4_conn_request(struct sock *sk, struct sk_buff *skb) { @@ -382,9 +381,9 @@ static int subflow_v4_conn_request(struct sock *sk, str= uct sk_buff *skb) } =20 #if IS_ENABLED(CONFIG_MPTCP_IPV6) -static struct tcp_request_sock_ops subflow_request_sock_ipv6_ops; -static struct inet_connection_sock_af_ops subflow_v6_specific; -static struct inet_connection_sock_af_ops subflow_v6m_specific; +static struct tcp_request_sock_ops subflow_request_sock_ipv6_ops __ro_afte= r_init; +static struct inet_connection_sock_af_ops subflow_v6_specific __ro_after_i= nit; +static struct inet_connection_sock_af_ops subflow_v6m_specific __ro_after_= init; =20 static int subflow_v6_conn_request(struct sock *sk, struct sk_buff *skb) { @@ -636,7 +635,7 @@ static struct sock *subflow_syn_recv_sock(const struct = sock *sk, return child; } =20 -static struct inet_connection_sock_af_ops subflow_specific; +static struct inet_connection_sock_af_ops subflow_specific __ro_after_init; =20 enum mapping_status { MAPPING_OK, @@ -1017,7 +1016,7 @@ static void subflow_write_space(struct sock *sk) } } =20 -static struct inet_connection_sock_af_ops * +static const struct inet_connection_sock_af_ops * subflow_default_af_ops(struct sock *sk) { #if IS_ENABLED(CONFIG_MPTCP_IPV6) @@ -1032,7 +1031,7 @@ void mptcpv6_handle_mapped(struct sock *sk, bool mapp= ed) { struct mptcp_subflow_context *subflow =3D mptcp_subflow_ctx(sk); struct inet_connection_sock *icsk =3D inet_csk(sk); - struct inet_connection_sock_af_ops *target; + const struct inet_connection_sock_af_ops *target; =20 target =3D mapped ? &subflow_v6m_specific : subflow_default_af_ops(sk); =20 --=20 2.39.0 From nobody Thu Apr 25 10:22:31 2024 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8803710F1 for ; Sat, 7 Jan 2023 01:46:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1673056004; x=1704592004; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=LaWSAGD1LoOBS5f/EQBtGcxsZ/H1Mi/K5mfqwVKmmaU=; b=g8Ittf4RpBSVZdPJHu9pfksJxmh3xJelNRx7witIEgEprYGlEeoUHv0H 5JP3qNUD5kAscyyp++rEEtOEjgbW7yjW08+J9kTx5b3saZocVXMng6Sih vT3Ww6uPwrttlI8zmWJI37p/+4yOrOYgzu7xiaPWwDHLh0TrhW8AgPVZU WlZr+pj3OfZGbJyXAs9UOS0g4ZoM24jqL/e/UVlUp9h9+gEAF123gDU8G sW+8lsceXUsbem8hcZTjK1XahRRjfT4sJZ8z94dwgvb7Fd+lgUFFLhORG 4tWoogck+ZVq20PbbV+bjAaD6Go8DQf5sD+9lxZ8CrSmpIeSsUI7tvfuU g==; X-IronPort-AV: E=McAfee;i="6500,9779,10582"; a="310393559" X-IronPort-AV: E=Sophos;i="5.96,307,1665471600"; d="scan'208";a="310393559" Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Jan 2023 17:46:42 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10582"; a="606066135" X-IronPort-AV: E=Sophos;i="5.96,307,1665471600"; d="scan'208";a="606066135" Received: from mechevar-mobl.amr.corp.intel.com (HELO mjmartin-desk2.intel.com) ([10.209.66.63]) by orsmga003-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Jan 2023 17:46:42 -0800 From: Mat Martineau To: stable@vger.kernel.org, gregkh@linuxfoundation.org Cc: Matthieu Baerts , pabeni@redhat.com, mptcp@lists.linux.dev, Mat Martineau , Jakub Kicinski Subject: [PATCH 5.10 2/4] mptcp: remove MPTCP 'ifdef' in TCP SYN cookies Date: Fri, 6 Jan 2023 17:46:29 -0800 Message-Id: <20230107014631.449550-3-mathew.j.martineau@linux.intel.com> X-Mailer: git-send-email 2.39.0 In-Reply-To: <20230107014631.449550-1-mathew.j.martineau@linux.intel.com> References: <20230107014631.449550-1-mathew.j.martineau@linux.intel.com> Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Matthieu Baerts commit 3fff88186f047627bb128d65155f42517f8e448f upstream. To ease the maintenance, it is often recommended to avoid having #ifdef preprocessor conditions. Here the section related to CONFIG_MPTCP was quite short but the next commit needs to add more code around. It is then cleaner to move specific MPTCP code to functions located in net/mptcp directory. Now that mptcp_subflow_request_sock_ops structure can be static, it can also be marked as "read only after init". Suggested-by: Paolo Abeni Reviewed-by: Mat Martineau Cc: stable@vger.kernel.org # 5.10 Signed-off-by: Matthieu Baerts Signed-off-by: Mat Martineau Signed-off-by: Jakub Kicinski --- include/net/mptcp.h | 12 ++++++++++-- net/ipv4/syncookies.c | 7 +++---- net/mptcp/subflow.c | 12 +++++++++++- 3 files changed, 24 insertions(+), 7 deletions(-) diff --git a/include/net/mptcp.h b/include/net/mptcp.h index 753ba7e755d6..3e529d8fce73 100644 --- a/include/net/mptcp.h +++ b/include/net/mptcp.h @@ -58,8 +58,6 @@ struct mptcp_out_options { }; =20 #ifdef CONFIG_MPTCP -extern struct request_sock_ops mptcp_subflow_request_sock_ops; - void mptcp_init(void); =20 static inline bool sk_is_mptcp(const struct sock *sk) @@ -133,6 +131,9 @@ void mptcp_seq_show(struct seq_file *seq); int mptcp_subflow_init_cookie_req(struct request_sock *req, const struct sock *sk_listener, struct sk_buff *skb); +struct request_sock *mptcp_subflow_reqsk_alloc(const struct request_sock_o= ps *ops, + struct sock *sk_listener, + bool attach_listener); #else =20 static inline void mptcp_init(void) @@ -208,6 +209,13 @@ static inline int mptcp_subflow_init_cookie_req(struct= request_sock *req, { return 0; /* TCP fallback */ } + +static inline struct request_sock *mptcp_subflow_reqsk_alloc(const struct = request_sock_ops *ops, + struct sock *sk_listener, + bool attach_listener) +{ + return NULL; +} #endif /* CONFIG_MPTCP */ =20 #if IS_ENABLED(CONFIG_MPTCP_IPV6) diff --git a/net/ipv4/syncookies.c b/net/ipv4/syncookies.c index 41afc9155f31..542b66783493 100644 --- a/net/ipv4/syncookies.c +++ b/net/ipv4/syncookies.c @@ -290,12 +290,11 @@ struct request_sock *cookie_tcp_reqsk_alloc(const str= uct request_sock_ops *ops, struct tcp_request_sock *treq; struct request_sock *req; =20 -#ifdef CONFIG_MPTCP if (sk_is_mptcp(sk)) - ops =3D &mptcp_subflow_request_sock_ops; -#endif + req =3D mptcp_subflow_reqsk_alloc(ops, sk, false); + else + req =3D inet_reqsk_alloc(ops, sk, false); =20 - req =3D inet_reqsk_alloc(ops, sk, false); if (!req) return NULL; =20 diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c index 61919e2499e7..6a149da3a4d9 100644 --- a/net/mptcp/subflow.c +++ b/net/mptcp/subflow.c @@ -359,7 +359,7 @@ static void subflow_finish_connect(struct sock *sk, con= st struct sk_buff *skb) mptcp_subflow_reset(sk); } =20 -struct request_sock_ops mptcp_subflow_request_sock_ops; +static struct request_sock_ops mptcp_subflow_request_sock_ops __ro_after_i= nit; static struct tcp_request_sock_ops subflow_request_sock_ipv4_ops __ro_afte= r_init; =20 static int subflow_v4_conn_request(struct sock *sk, struct sk_buff *skb) @@ -411,6 +411,16 @@ static int subflow_v6_conn_request(struct sock *sk, st= ruct sk_buff *skb) } #endif =20 +struct request_sock *mptcp_subflow_reqsk_alloc(const struct request_sock_o= ps *ops, + struct sock *sk_listener, + bool attach_listener) +{ + ops =3D &mptcp_subflow_request_sock_ops; + + return inet_reqsk_alloc(ops, sk_listener, attach_listener); +} +EXPORT_SYMBOL(mptcp_subflow_reqsk_alloc); + /* validate hmac received in third ACK */ static bool subflow_hmac_valid(const struct request_sock *req, const struct mptcp_options_received *mp_opt) --=20 2.39.0 From nobody Thu Apr 25 10:22:31 2024 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EA41110E5 for ; Sat, 7 Jan 2023 01:46:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1673056005; x=1704592005; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=vULxWwVRDgnvzYBZ2L11ip8/FVYRgdfua/ajv/Vehgg=; b=GoGQau9BsJPOhYNM/9fKbzYmaxopzJazM8ivPaw363ybB0oFh2VhsKAd johvx3cQ+RDCS4LqC97BjyqH/4hIESuF0Faa5/xhMScVRylVqYkSWw2FS e0hmHjXn9zwhcxBlR5IzecSChqQb7b8mHHXqetGzn2cEpmWDmw6f/r3J2 UxUbm3skD31+iA7fh4yWLViLBq/ae15V2JwdFywUNhq3FKWDsvOZXUWNs 9G69LBHH2hbRVTpOW5Cpn6Dv7isqHamDV5eYLiV+IVbzP30/FD9PvoscE JmHlR7FiGoT33TDT7vEZP8Bm+hcif8oscJHQOLnhBXW/q+nQhGP86f+OG A==; X-IronPort-AV: E=McAfee;i="6500,9779,10582"; a="310393565" X-IronPort-AV: E=Sophos;i="5.96,307,1665471600"; d="scan'208";a="310393565" Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Jan 2023 17:46:42 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10582"; a="606066136" X-IronPort-AV: E=Sophos;i="5.96,307,1665471600"; d="scan'208";a="606066136" Received: from mechevar-mobl.amr.corp.intel.com (HELO mjmartin-desk2.intel.com) ([10.209.66.63]) by orsmga003-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Jan 2023 17:46:42 -0800 From: Mat Martineau To: stable@vger.kernel.org, gregkh@linuxfoundation.org Cc: Matthieu Baerts , pabeni@redhat.com, mptcp@lists.linux.dev, Mat Martineau , Jakub Kicinski Subject: [PATCH 5.10 3/4] mptcp: dedicated request sock for subflow in v6 Date: Fri, 6 Jan 2023 17:46:30 -0800 Message-Id: <20230107014631.449550-4-mathew.j.martineau@linux.intel.com> X-Mailer: git-send-email 2.39.0 In-Reply-To: <20230107014631.449550-1-mathew.j.martineau@linux.intel.com> References: <20230107014631.449550-1-mathew.j.martineau@linux.intel.com> Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Matthieu Baerts commit 34b21d1ddc8ace77a8fa35c1b1e06377209e0dae upstream. tcp_request_sock_ops structure is specific to IPv4. It should then not be used with MPTCP subflows on top of IPv6. For example, it contains the 'family' field, initialised to AF_INET. This 'family' field is used by TCP FastOpen code to generate the cookie but also by TCP Metrics, SELinux and SYN Cookies. Using the wrong family will not lead to crashes but displaying/using/checking wrong things. Note that 'send_reset' callback from request_sock_ops structure is used in some error paths. It is then also important to use the correct one for IPv4 or IPv6. The slab name can also be different in IPv4 and IPv6, it will be used when printing some log messages. The slab pointer will anyway be the same because the object size is the same for both v4 and v6. A BUILD_BUG_ON() has also been added to make sure this size is the same. Fixes: cec37a6e41aa ("mptcp: Handle MP_CAPABLE options for outgoing connect= ions") Reviewed-by: Mat Martineau Cc: stable@vger.kernel.org # 5.10 Signed-off-by: Matthieu Baerts Signed-off-by: Mat Martineau Signed-off-by: Jakub Kicinski --- net/mptcp/subflow.c | 34 ++++++++++++++++++++++++++-------- 1 file changed, 26 insertions(+), 8 deletions(-) diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c index 6a149da3a4d9..aeb723b38ced 100644 --- a/net/mptcp/subflow.c +++ b/net/mptcp/subflow.c @@ -359,7 +359,7 @@ static void subflow_finish_connect(struct sock *sk, con= st struct sk_buff *skb) mptcp_subflow_reset(sk); } =20 -static struct request_sock_ops mptcp_subflow_request_sock_ops __ro_after_i= nit; +static struct request_sock_ops mptcp_subflow_v4_request_sock_ops __ro_afte= r_init; static struct tcp_request_sock_ops subflow_request_sock_ipv4_ops __ro_afte= r_init; =20 static int subflow_v4_conn_request(struct sock *sk, struct sk_buff *skb) @@ -372,7 +372,7 @@ static int subflow_v4_conn_request(struct sock *sk, str= uct sk_buff *skb) if (skb_rtable(skb)->rt_flags & (RTCF_BROADCAST | RTCF_MULTICAST)) goto drop; =20 - return tcp_conn_request(&mptcp_subflow_request_sock_ops, + return tcp_conn_request(&mptcp_subflow_v4_request_sock_ops, &subflow_request_sock_ipv4_ops, sk, skb); drop: @@ -381,6 +381,7 @@ static int subflow_v4_conn_request(struct sock *sk, str= uct sk_buff *skb) } =20 #if IS_ENABLED(CONFIG_MPTCP_IPV6) +static struct request_sock_ops mptcp_subflow_v6_request_sock_ops __ro_afte= r_init; static struct tcp_request_sock_ops subflow_request_sock_ipv6_ops __ro_afte= r_init; static struct inet_connection_sock_af_ops subflow_v6_specific __ro_after_i= nit; static struct inet_connection_sock_af_ops subflow_v6m_specific __ro_after_= init; @@ -402,7 +403,7 @@ static int subflow_v6_conn_request(struct sock *sk, str= uct sk_buff *skb) return 0; } =20 - return tcp_conn_request(&mptcp_subflow_request_sock_ops, + return tcp_conn_request(&mptcp_subflow_v6_request_sock_ops, &subflow_request_sock_ipv6_ops, sk, skb); =20 drop: @@ -415,7 +416,12 @@ struct request_sock *mptcp_subflow_reqsk_alloc(const s= truct request_sock_ops *op struct sock *sk_listener, bool attach_listener) { - ops =3D &mptcp_subflow_request_sock_ops; + if (ops->family =3D=3D AF_INET) + ops =3D &mptcp_subflow_v4_request_sock_ops; +#if IS_ENABLED(CONFIG_MPTCP_IPV6) + else if (ops->family =3D=3D AF_INET6) + ops =3D &mptcp_subflow_v6_request_sock_ops; +#endif =20 return inet_reqsk_alloc(ops, sk_listener, attach_listener); } @@ -1386,7 +1392,6 @@ static struct tcp_ulp_ops subflow_ulp_ops __read_most= ly =3D { static int subflow_ops_init(struct request_sock_ops *subflow_ops) { subflow_ops->obj_size =3D sizeof(struct mptcp_subflow_request_sock); - subflow_ops->slab_name =3D "request_sock_subflow"; =20 subflow_ops->slab =3D kmem_cache_create(subflow_ops->slab_name, subflow_ops->obj_size, 0, @@ -1403,9 +1408,10 @@ static int subflow_ops_init(struct request_sock_ops = *subflow_ops) =20 void __init mptcp_subflow_init(void) { - mptcp_subflow_request_sock_ops =3D tcp_request_sock_ops; - if (subflow_ops_init(&mptcp_subflow_request_sock_ops) !=3D 0) - panic("MPTCP: failed to init subflow request sock ops\n"); + mptcp_subflow_v4_request_sock_ops =3D tcp_request_sock_ops; + mptcp_subflow_v4_request_sock_ops.slab_name =3D "request_sock_subflow_v4"; + if (subflow_ops_init(&mptcp_subflow_v4_request_sock_ops) !=3D 0) + panic("MPTCP: failed to init subflow v4 request sock ops\n"); =20 subflow_request_sock_ipv4_ops =3D tcp_request_sock_ipv4_ops; subflow_request_sock_ipv4_ops.init_req =3D subflow_v4_init_req; @@ -1416,6 +1422,18 @@ void __init mptcp_subflow_init(void) subflow_specific.sk_rx_dst_set =3D subflow_finish_connect; =20 #if IS_ENABLED(CONFIG_MPTCP_IPV6) + /* In struct mptcp_subflow_request_sock, we assume the TCP request sock + * structures for v4 and v6 have the same size. It should not changed in + * the future but better to make sure to be warned if it is no longer + * the case. + */ + BUILD_BUG_ON(sizeof(struct tcp_request_sock) !=3D sizeof(struct tcp6_requ= est_sock)); + + mptcp_subflow_v6_request_sock_ops =3D tcp6_request_sock_ops; + mptcp_subflow_v6_request_sock_ops.slab_name =3D "request_sock_subflow_v6"; + if (subflow_ops_init(&mptcp_subflow_v6_request_sock_ops) !=3D 0) + panic("MPTCP: failed to init subflow v6 request sock ops\n"); + subflow_request_sock_ipv6_ops =3D tcp_request_sock_ipv6_ops; subflow_request_sock_ipv6_ops.init_req =3D subflow_v6_init_req; =20 --=20 2.39.0 From nobody Thu Apr 25 10:22:31 2024 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 28E7B10F7 for ; Sat, 7 Jan 2023 01:46:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1673056006; x=1704592006; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=rRK4qVuzy0Id0xZgzO8hfEU1b1UXL/05oFAKMiQXlsU=; b=bRRSQZ7KscVn9iTNSdNfECggCe0mkOFW4cgGDWotDFKw8RxcnZk2S3Nu yd7TBcBBsA4RBzMUIljYnSx0mk/snSBkUtPa+tfmDiE97mnI5MWAc9PAw CBli7XEBLjH4c1YhSvuJdj17wc7W1wihLiL8Th5nOBTtGSJ40lUWUtAnr 2cXw7Q83EOUoeRzLGyhyxSC0cZWD97NU3/F7vnV3FBCRSx3JfcSF5WXZi xGjmOJwVd5ksqCKMvVNesTNM13ZdgNHE2yW8ODt0MGUt63Yct7qfpg6hq 7OTuRBzidJX2RIQtWQoB1DeBHrCNONyshrWzwUKRuff8JFjSeaqh1nJj8 w==; X-IronPort-AV: E=McAfee;i="6500,9779,10582"; a="310393571" X-IronPort-AV: E=Sophos;i="5.96,307,1665471600"; d="scan'208";a="310393571" Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Jan 2023 17:46:42 -0800 X-IronPort-AV: E=McAfee;i="6500,9779,10582"; a="606066137" X-IronPort-AV: E=Sophos;i="5.96,307,1665471600"; d="scan'208";a="606066137" Received: from mechevar-mobl.amr.corp.intel.com (HELO mjmartin-desk2.intel.com) ([10.209.66.63]) by orsmga003-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Jan 2023 17:46:42 -0800 From: Mat Martineau To: stable@vger.kernel.org, gregkh@linuxfoundation.org Cc: Matthieu Baerts , pabeni@redhat.com, mptcp@lists.linux.dev, Mat Martineau , Jakub Kicinski Subject: [PATCH 5.10 4/4] mptcp: use proper req destructor for IPv6 Date: Fri, 6 Jan 2023 17:46:31 -0800 Message-Id: <20230107014631.449550-5-mathew.j.martineau@linux.intel.com> X-Mailer: git-send-email 2.39.0 In-Reply-To: <20230107014631.449550-1-mathew.j.martineau@linux.intel.com> References: <20230107014631.449550-1-mathew.j.martineau@linux.intel.com> Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Matthieu Baerts commit d3295fee3c756ece33ac0d935e172e68c0a4161b upstream. Before, only the destructor from TCP request sock in IPv4 was called even if the subflow was IPv6. It is important to use the right destructor to avoid memory leaks with some advanced IPv6 features, e.g. when the request socks contain specific IPv6 options. Fixes: 79c0949e9a09 ("mptcp: Add key generation and token tree") Reviewed-by: Mat Martineau Cc: stable@vger.kernel.org # 5.10 Signed-off-by: Matthieu Baerts Signed-off-by: Mat Martineau Signed-off-by: Jakub Kicinski --- net/mptcp/subflow.c | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c index aeb723b38ced..3b154ad4945c 100644 --- a/net/mptcp/subflow.c +++ b/net/mptcp/subflow.c @@ -40,7 +40,6 @@ static void subflow_req_destructor(struct request_sock *r= eq) sock_put((struct sock *)subflow_req->msk); =20 mptcp_token_destroy_request(req); - tcp_request_sock_ops.destructor(req); } =20 static void subflow_generate_hmac(u64 key1, u64 key2, u32 nonce1, u32 nonc= e2, @@ -380,6 +379,12 @@ static int subflow_v4_conn_request(struct sock *sk, st= ruct sk_buff *skb) return 0; } =20 +static void subflow_v4_req_destructor(struct request_sock *req) +{ + subflow_req_destructor(req); + tcp_request_sock_ops.destructor(req); +} + #if IS_ENABLED(CONFIG_MPTCP_IPV6) static struct request_sock_ops mptcp_subflow_v6_request_sock_ops __ro_afte= r_init; static struct tcp_request_sock_ops subflow_request_sock_ipv6_ops __ro_afte= r_init; @@ -410,6 +415,12 @@ static int subflow_v6_conn_request(struct sock *sk, st= ruct sk_buff *skb) tcp_listendrop(sk); return 0; /* don't send reset */ } + +static void subflow_v6_req_destructor(struct request_sock *req) +{ + subflow_req_destructor(req); + tcp6_request_sock_ops.destructor(req); +} #endif =20 struct request_sock *mptcp_subflow_reqsk_alloc(const struct request_sock_o= ps *ops, @@ -1401,8 +1412,6 @@ static int subflow_ops_init(struct request_sock_ops *= subflow_ops) if (!subflow_ops->slab) return -ENOMEM; =20 - subflow_ops->destructor =3D subflow_req_destructor; - return 0; } =20 @@ -1410,6 +1419,8 @@ void __init mptcp_subflow_init(void) { mptcp_subflow_v4_request_sock_ops =3D tcp_request_sock_ops; mptcp_subflow_v4_request_sock_ops.slab_name =3D "request_sock_subflow_v4"; + mptcp_subflow_v4_request_sock_ops.destructor =3D subflow_v4_req_destructo= r; + if (subflow_ops_init(&mptcp_subflow_v4_request_sock_ops) !=3D 0) panic("MPTCP: failed to init subflow v4 request sock ops\n"); =20 @@ -1431,6 +1442,8 @@ void __init mptcp_subflow_init(void) =20 mptcp_subflow_v6_request_sock_ops =3D tcp6_request_sock_ops; mptcp_subflow_v6_request_sock_ops.slab_name =3D "request_sock_subflow_v6"; + mptcp_subflow_v6_request_sock_ops.destructor =3D subflow_v6_req_destructo= r; + if (subflow_ops_init(&mptcp_subflow_v6_request_sock_ops) !=3D 0) panic("MPTCP: failed to init subflow v6 request sock ops\n"); =20 --=20 2.39.0