The initial subflow might have already been closed, but still in the
connection list. When the worker is instructed to close the subflows
that have been marked as closed, it might then try to close the initial
subflow again.

 A consequence of that is that the SUB_CLOSED event can be seen twice:

  # ip mptcp endpoint
  1.1.1.1 id 1 subflow dev eth0
  2.2.2.2 id 2 subflow dev eth1

  # ip mptcp monitor &
  [         CREATED] remid=0 locid=0 saddr4=1.1.1.1 daddr4=9.9.9.9
  [     ESTABLISHED] remid=0 locid=0 saddr4=1.1.1.1 daddr4=9.9.9.9
  [  SF_ESTABLISHED] remid=0 locid=2 saddr4=2.2.2.2 daddr4=9.9.9.9

  # ip mptcp endpoint delete id 1
  [       SF_CLOSED] remid=0 locid=0 saddr4=1.1.1.1 daddr4=9.9.9.9
  [       SF_CLOSED] remid=0 locid=0 saddr4=1.1.1.1 daddr4=9.9.9.9

The first one is coming from mptcp_pm_nl_rm_subflow_received(), and the
second one from __mptcp_close_subflow().

To avoid doing the post-closed processing twice, the subflow is now
marked as closed the first time.

Note that it is not enough to check if we are dealing with the first
subflow and check its sk_state: the subflow might have been reset or
closed before calling mptcp_close_ssk().

Fixes: b911c97c7dc7 ("mptcp: add netlink event support")
Signed-off-by: Matthieu Baerts (NGI0) <matttbe@kernel.org>
---
 net/mptcp/protocol.c | 6 ++++++
 net/mptcp/protocol.h | 3 ++-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c
index 13777c35496c..9d6ef94ca6ee 100644
--- a/net/mptcp/protocol.c
+++ b/net/mptcp/protocol.c
@@ -2508,6 +2508,12 @@ static void __mptcp_close_ssk(struct sock *sk, struct sock *ssk,
 void mptcp_close_ssk(struct sock *sk, struct sock *ssk,
 		     struct mptcp_subflow_context *subflow)
 {
+	/* The first subflow can already be closed and still in the list */
+	if (subflow->closed)
+		return;
+
+	subflow->closed = true;
+
 	if (sk->sk_state == TCP_ESTABLISHED)
 		mptcp_event(MPTCP_EVENT_SUB_CLOSED, mptcp_sk(sk), ssk, GFP_KERNEL);
 
diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h
index 22b7eff311f5..ce15e7db464b 100644
--- a/net/mptcp/protocol.h
+++ b/net/mptcp/protocol.h
@@ -530,7 +530,8 @@ struct mptcp_subflow_context {
 		stale : 1,	    /* unable to snd/rcv data, do not use for xmit */
 		valid_csum_seen : 1,        /* at least one csum validated */
 		is_mptfo : 1,	    /* subflow is doing TFO */
-		__unused : 10;
+		closed : 1,	    /* has done the post-closed part */
+		__unused : 9;
 	bool	data_avail;
 	bool	scheduled;
 	u32	remote_nonce;

-- 
2.45.2

On Fri, 16 Aug 2024, Matthieu Baerts (NGI0) wrote:

> The initial subflow might have already been closed, but still in the
> connection list. When the worker is instructed to close the subflows
> that have been marked as closed, it might then try to close the initial
> subflow again.
>
> A consequence of that is that the SUB_CLOSED event can be seen twice:
>
>  # ip mptcp endpoint
>  1.1.1.1 id 1 subflow dev eth0
>  2.2.2.2 id 2 subflow dev eth1
>
>  # ip mptcp monitor &
>  [         CREATED] remid=0 locid=0 saddr4=1.1.1.1 daddr4=9.9.9.9
>  [     ESTABLISHED] remid=0 locid=0 saddr4=1.1.1.1 daddr4=9.9.9.9
>  [  SF_ESTABLISHED] remid=0 locid=2 saddr4=2.2.2.2 daddr4=9.9.9.9
>
>  # ip mptcp endpoint delete id 1
>  [       SF_CLOSED] remid=0 locid=0 saddr4=1.1.1.1 daddr4=9.9.9.9
>  [       SF_CLOSED] remid=0 locid=0 saddr4=1.1.1.1 daddr4=9.9.9.9
>
> The first one is coming from mptcp_pm_nl_rm_subflow_received(), and the
> second one from __mptcp_close_subflow().
>
> To avoid doing the post-closed processing twice, the subflow is now
> marked as closed the first time.
>
> Note that it is not enough to check if we are dealing with the first
> subflow and check its sk_state: the subflow might have been reset or
> closed before calling mptcp_close_ssk().
>
> Fixes: b911c97c7dc7 ("mptcp: add netlink event support")
> Signed-off-by: Matthieu Baerts (NGI0) <matttbe@kernel.org>
> ---
> net/mptcp/protocol.c | 6 ++++++
> net/mptcp/protocol.h | 3 ++-
> 2 files changed, 8 insertions(+), 1 deletion(-)
>
> diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c
> index 13777c35496c..9d6ef94ca6ee 100644
> --- a/net/mptcp/protocol.c
> +++ b/net/mptcp/protocol.c
> @@ -2508,6 +2508,12 @@ static void __mptcp_close_ssk(struct sock *sk, struct sock *ssk,
> void mptcp_close_ssk(struct sock *sk, struct sock *ssk,
> 		     struct mptcp_subflow_context *subflow)
> {
> +	/* The first subflow can already be closed and still in the list */
> +	if (subflow->closed)
> +		return;
> +
> +	subflow->closed = true;
> +
> 	if (sk->sk_state == TCP_ESTABLISHED)
> 		mptcp_event(MPTCP_EVENT_SUB_CLOSED, mptcp_sk(sk), ssk, GFP_KERNEL);
>
> diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h
> index 22b7eff311f5..ce15e7db464b 100644
> --- a/net/mptcp/protocol.h
> +++ b/net/mptcp/protocol.h
> @@ -530,7 +530,8 @@ struct mptcp_subflow_context {
> 		stale : 1,	    /* unable to snd/rcv data, do not use for xmit */
> 		valid_csum_seen : 1,        /* at least one csum validated */
> 		is_mptfo : 1,	    /* subflow is doing TFO */
> -		__unused : 10;
> +		closed : 1,	    /* has done the post-closed part */

Matthieu -

One small naming request, I think something like close_event_done would be 
better so this flag doesn't get misused in the future.

Thanks,

Mat


> +		__unused : 9;
> 	bool	data_avail;
> 	bool	scheduled;
> 	u32	remote_nonce;
>
> -- 
> 2.45.2
>
>
>

Hi Mat,

On 24/08/2024 02:44, Mat Martineau wrote:
> On Fri, 16 Aug 2024, Matthieu Baerts (NGI0) wrote:
> 
>> The initial subflow might have already been closed, but still in the
>> connection list. When the worker is instructed to close the subflows
>> that have been marked as closed, it might then try to close the initial
>> subflow again.

(...)

>> diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h
>> index 22b7eff311f5..ce15e7db464b 100644
>> --- a/net/mptcp/protocol.h
>> +++ b/net/mptcp/protocol.h
>> @@ -530,7 +530,8 @@ struct mptcp_subflow_context {
>>         stale : 1,        /* unable to snd/rcv data, do not use for
>> xmit */
>>         valid_csum_seen : 1,        /* at least one csum validated */
>>         is_mptfo : 1,        /* subflow is doing TFO */
>> -        __unused : 10;
>> +        closed : 1,        /* has done the post-closed part */
> 
> One small naming request, I think something like close_event_done would
> be better so this flag doesn't get misused in the future.

Good idea, I'm going to change that when applying the series.

Cheers,
Matt
-- 
Sponsored by the NGI0 Core fund.

On 24/08/2024 13:44, Matthieu Baerts wrote:
> On 24/08/2024 02:44, Mat Martineau wrote:
>> On Fri, 16 Aug 2024, Matthieu Baerts (NGI0) wrote:
>>
>>> The initial subflow might have already been closed, but still in the
>>> connection list. When the worker is instructed to close the subflows
>>> that have been marked as closed, it might then try to close the initial
>>> subflow again.
> 
> (...)
> 
>>> diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h
>>> index 22b7eff311f5..ce15e7db464b 100644
>>> --- a/net/mptcp/protocol.h
>>> +++ b/net/mptcp/protocol.h
>>> @@ -530,7 +530,8 @@ struct mptcp_subflow_context {
>>>         stale : 1,        /* unable to snd/rcv data, do not use for
>>> xmit */
>>>         valid_csum_seen : 1,        /* at least one csum validated */
>>>         is_mptfo : 1,        /* subflow is doing TFO */
>>> -        __unused : 10;
>>> +        closed : 1,        /* has done the post-closed part */
>>
>> One small naming request, I think something like close_event_done would
>> be better so this flag doesn't get misused in the future.
> 
> Good idea, I'm going to change that when applying the series.

Or just after :)

New patches for t/upstream-net and t/upstream:
- 3138fa0a53c0: Squash to "mptcp: avoid duplicated SUB_CLOSED events"
- Results: bbc47d79e5c3..77bc31f37f6d (export-net)
- Results: 07b49b0ab9d5..07b49b0ab9d5 (export)

Tests are now in progress:

- export-net:
https://github.com/multipath-tcp/mptcp_net-next/commit/e5ce71220ca9cd3ae413de9bf6b0f587fce9e94f/checks
- export:
https://github.com/multipath-tcp/mptcp_net-next/commit/d11a08bb27165964dbd97048bfad3b89f47fb355/checks

Cheers,
Matt
-- 
Sponsored by the NGI0 Core fund.

On 16/08/2024 14:02, Matthieu Baerts (NGI0) wrote:
> The initial subflow might have already been closed, but still in the
> connection list. When the worker is instructed to close the subflows
> that have been marked as closed, it might then try to close the initial
> subflow again.
> 
>   A consequence of that is that the SUB_CLOSED event can be seen twice:
> 
>    # ip mptcp endpoint
>    1.1.1.1 id 1 subflow dev eth0
>    2.2.2.2 id 2 subflow dev eth1
> 
>    # ip mptcp monitor &
>    [         CREATED] remid=0 locid=0 saddr4=1.1.1.1 daddr4=9.9.9.9
>    [     ESTABLISHED] remid=0 locid=0 saddr4=1.1.1.1 daddr4=9.9.9.9
>    [  SF_ESTABLISHED] remid=0 locid=2 saddr4=2.2.2.2 daddr4=9.9.9.9
> 
>    # ip mptcp endpoint delete id 1
>    [       SF_CLOSED] remid=0 locid=0 saddr4=1.1.1.1 daddr4=9.9.9.9
>    [       SF_CLOSED] remid=0 locid=0 saddr4=1.1.1.1 daddr4=9.9.9.9
> 
> The first one is coming from mptcp_pm_nl_rm_subflow_received(), and the
> second one from __mptcp_close_subflow().
> 
> To avoid doing the post-closed processing twice, the subflow is now
> marked as closed the first time.
> 
> Note that it is not enough to check if we are dealing with the first
> subflow and check its sk_state: the subflow might have been reset or
> closed before calling mptcp_close_ssk().
> 
> Fixes: b911c97c7dc7 ("mptcp: add netlink event support")
> Signed-off-by: Matthieu Baerts (NGI0) <matttbe@kernel.org>

Tested-by: Arınç ÜNAL <arinc.unal@arinc9.com>

Arınç