From nobody Sun May 5 05:58:06 2024 Delivered-To: wpasupplicant.patchew@gmail.com Received: by 2002:ab0:35eb:0:0:0:0:0 with SMTP id w11csp1807238uau; Mon, 27 Jun 2022 02:59:01 -0700 (PDT) X-Google-Smtp-Source: AGRyM1vtwuvrv7f8Pqd29RMXyreA9s0TvbaWguVjeB+nXQ/gNogiG19T3NuHwWA3qXRwyzt1zc4j X-Received: by 2002:a05:6a00:14c5:b0:525:3797:fd3b with SMTP id w5-20020a056a0014c500b005253797fd3bmr13531981pfu.27.1656323940870; Mon, 27 Jun 2022 02:59:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1656323940; cv=none; d=google.com; s=arc-20160816; b=LSr5UlfO8CNqN8eEeNmdVjbxMIdumh6MrKqS2qNQuFxITXHJlHO4HN+DuTdEYeSBdj eM2XLQSxcGZC3b0JR6veyon5hiRmNgCkezQu42zDwbLhbTosmNedct8Qx5WOXdetnXBQ qRpncplQsRNOuEyY78/hFjxFACD5FWDBuweNGoC55s8oyozlpkXHBHOYyQSroWUQjB83 O88af+tFLVbWYdgj1dGxEdKnJcHm4rC5tLbsf2/Fqo8GuhnS+yS0zYHR+jnc5No+nHzd 44juP5y7sMmhVu4l5DWUZOpw4hewDvzF3P5R5504TqS0I3z1bhYRCb2Tl0+9NRPmsn2e cWuw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:message-id:date:subject:cc:to :from:dkim-signature; bh=QJIHIDe8qvUxSDwvrXVxSuiQfQ9jc6019RPqRJmD/iM=; b=YNQR7CCyKFLHKdlQGz5oMTw1Z1pN0AQwTEEZ1AhMDE5eMsRVkoti/YD42awfDijZsx qkkXCs02IQ9GFn6g8Wx7emAGfgSaUdlku8WQBWdhlMWGzFzCRRo+ZpPpNQMTlTxI1+lO eov6tYIe50z7yRAKYXD23VU9ihw6ftXvbBqw0nhbulJPhytWa4HVWw14rDIkWZ/oL+rZ XK0uBCm5wWLGHuinxOCskZQC+5XCzgs1a+tIycZ56t1IjCGV98jCgXtrdq40UNHjMVmM taoVZEh66YsWsloL2te5LBM1JlupLvnbjKKeM4DylMzJkMoAx7qSWz31Mb/gCwWDbzGz vZIg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=azY9wAEP; spf=pass (google.com: domain of mptcp+bounces-5828-wpasupplicant.patchew=gmail.com@lists.linux.dev designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="mptcp+bounces-5828-wpasupplicant.patchew=gmail.com@lists.linux.dev"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id p20-20020a1709028a9400b0016a613012a4si13184307plo.418.2022.06.27.02.59.00 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Mon, 27 Jun 2022 02:59:00 -0700 (PDT) Received-SPF: pass (google.com: domain of mptcp+bounces-5828-wpasupplicant.patchew=gmail.com@lists.linux.dev designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=azY9wAEP; spf=pass (google.com: domain of mptcp+bounces-5828-wpasupplicant.patchew=gmail.com@lists.linux.dev designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="mptcp+bounces-5828-wpasupplicant.patchew=gmail.com@lists.linux.dev"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id 2C1EC280C43 for ; Mon, 27 Jun 2022 09:59:00 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id DA4202598; Mon, 27 Jun 2022 09:58:58 +0000 (UTC) X-Original-To: mptcp@lists.linux.dev Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A9DAA2586 for ; Mon, 27 Jun 2022 09:58:57 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1656323936; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=QJIHIDe8qvUxSDwvrXVxSuiQfQ9jc6019RPqRJmD/iM=; b=azY9wAEPqHdeYfYf9vrfMZqmlW7iL1mlrXnsyUe4ASNIcHUNqzDOnBOGu/+af1Vnl8yV6Y Z+pQpduSV8c+r8jff/hV4hwhIJQOhyfWGswiwKIKW57zFtbWLnuvpuWtlnX4n1BWYbebF/ abw8iQUIFz2rXEPcCg289E+KttRNfeU= Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-42-h_SiL52QMuWrBWsExHUDsQ-1; Mon, 27 Jun 2022 05:58:55 -0400 X-MC-Unique: h_SiL52QMuWrBWsExHUDsQ-1 Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id B780C3815D3C; Mon, 27 Jun 2022 09:58:54 +0000 (UTC) Received: from gerbillo.redhat.com (unknown [10.39.193.148]) by smtp.corp.redhat.com (Postfix) with ESMTP id E5CA140F06D; Mon, 27 Jun 2022 09:58:53 +0000 (UTC) From: Paolo Abeni To: mptcp@lists.linux.dev Cc: Florian Westphal Subject: [PATCH mptcp-net] mptcp: fix locking in mptcp_nl_cmd_sf_destroy() Date: Mon, 27 Jun 2022 11:58:14 +0200 Message-Id: <886e059dc9096dcc9e1daa1eb1a07ec34d72aa74.1656323519.git.pabeni@redhat.com> Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.85 on 10.11.54.10 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=pabeni@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8"; x-default="true" The user-space PM subflow removal path uses a couple of helpers that must be called under the msk socket lock and the current code lacks such requirement. Change the existing lock scope so that the relevant code is under its protection. Fixes: d9a4594edabf ("mptcp: netlink: Add MPTCP_PM_CMD_REMOVE") Signed-off-by: Paolo Abeni Reviewed-by: Mat Martineau --- It should close issues/287, let's see what the CI says --- net/mptcp/pm_userspace.c | 19 ++++++------------- 1 file changed, 6 insertions(+), 13 deletions(-) diff --git a/net/mptcp/pm_userspace.c b/net/mptcp/pm_userspace.c index 3d1d365e9c6f..33be79f0e9c2 100644 --- a/net/mptcp/pm_userspace.c +++ b/net/mptcp/pm_userspace.c @@ -307,15 +307,11 @@ static struct sock *mptcp_nl_find_ssk(struct mptcp_so= ck *msk, const struct mptcp_addr_info *local, const struct mptcp_addr_info *remote) { - struct sock *sk =3D &msk->sk.icsk_inet.sk; struct mptcp_subflow_context *subflow; - struct sock *found =3D NULL; =20 if (local->family !=3D remote->family) return NULL; =20 - lock_sock(sk); - mptcp_for_each_subflow(msk, subflow) { const struct inet_sock *issk; struct sock *ssk; @@ -348,16 +344,11 @@ static struct sock *mptcp_nl_find_ssk(struct mptcp_so= ck *msk, } =20 if (issk->inet_sport =3D=3D local->port && - issk->inet_dport =3D=3D remote->port) { - found =3D ssk; - goto found; - } + issk->inet_dport =3D=3D remote->port) + return ssk; } =20 -found: - release_sock(sk); - - return found; + return NULL; } =20 int mptcp_nl_cmd_sf_destroy(struct sk_buff *skb, struct genl_info *info) @@ -413,6 +404,7 @@ int mptcp_nl_cmd_sf_destroy(struct sk_buff *skb, struct= genl_info *info) } =20 sk =3D &msk->sk.icsk_inet.sk; + lock_sock(sk); ssk =3D mptcp_nl_find_ssk(msk, &addr_l, &addr_r); if (ssk) { struct mptcp_subflow_context *subflow =3D mptcp_subflow_ctx(ssk); @@ -424,8 +416,9 @@ int mptcp_nl_cmd_sf_destroy(struct sk_buff *skb, struct= genl_info *info) } else { err =3D -ESRCH; } + release_sock(sk); =20 - destroy_err: +destroy_err: sock_put((struct sock *)msk); return err; } --=20 2.35.3