From nobody Thu Dec 26 22:41:28 2024 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2DA6540BE9 for ; Mon, 5 Feb 2024 15:51:57 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.129.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707148319; cv=none; b=N7j0F8I/VesHNvvfUoHuvupM6fjy2mguEy/t3yJtvGf9+aarxvQqbxS+rDFboY9Gr6tWWGBz39+bcgZTmJ62ssN+2RO7+ZibXYU3ZEd11KYIO8HtJFoFxeBMhpRY2vBPQphjE7KeU+JsrymnIAqOYQh5i6GhRaZQbaRGnmZMfUo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707148319; c=relaxed/simple; bh=G3CKvM8wlK6AvhNlAFOQSSpGyZ9LdXN0sN141Ge73kE=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=uM1YoZGiwOugs+u0ehsVtty6XQ7ZqQUmSIRkMAltF7uw3XU8vq3j0fp9dsvB0IiI7nicP9JDoQVWnbW41yy+0vOwbX+rwUq2XAVe4jMZPeAg8Z/IvuPfrC1N7ZIBv1nWBcDJs+rFBkC0MtV6BW4LncNVnvSJsZ8X/Z72HDXgKCM= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=DL3HLsfM; arc=none smtp.client-ip=170.10.129.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="DL3HLsfM" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1707148316; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=TUZIjyARMdM26P2VsgyKnw0h+VT5+V8rFaL40RPG22s=; b=DL3HLsfMk8ppb80BMW8aBf0TqRurYO/cE9R3blmtmmcZbZ3Tr7t0qwFooBdzxuNe71Ardc 3JzfiNB2Cgnj+pFi2XeQofapbIpukg4FXaUWLCokSLhCR/mFwMCFkUp8iX12z/xpCrzz5O XOtIsgUs7AV2FEmQOcudE7dqZXEiJzk= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-91-Jvw5a_5dMoOdwlJWdNMWmA-1; Mon, 05 Feb 2024 10:51:55 -0500 X-MC-Unique: Jvw5a_5dMoOdwlJWdNMWmA-1 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.rdu2.redhat.com [10.11.54.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id EFDCF88F2EC for ; Mon, 5 Feb 2024 15:51:54 +0000 (UTC) Received: from gerbillo.redhat.com (unknown [10.45.225.229]) by smtp.corp.redhat.com (Postfix) with ESMTP id 7F9933C2E for ; Mon, 5 Feb 2024 15:51:54 +0000 (UTC) From: Paolo Abeni To: mptcp@lists.linux.dev Subject: [PATCH mptcp-net 1/4] mptcp: fix lockless access in subflow ULP diag Date: Mon, 5 Feb 2024 16:51:39 +0100 Message-ID: <96f99278110c7ebd0ac401094b367f9bbdf5240f.1707144963.git.pabeni@redhat.com> In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.1 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8"; x-default="true" Since the introduction of the subflow ULP diag interface, the dump callback accessed all the subflow data with lockless. We need either to annotate all the read and write operation accordingly, or acquire the subflow socket lock. Let's do latter, even if slower, to avoid a diffstat havoc. Fixes: 5147dfb50832 ("mptcp: allow dumping subflow context to userspace") Signed-off-by: Paolo Abeni --- note: tls ulp diag has likely the same issue. --- include/net/tcp.h | 2 +- net/mptcp/diag.c | 6 +++++- net/tls/tls_main.c | 2 +- 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/include/net/tcp.h b/include/net/tcp.h index 58e65af74ad1..33bf92dff0af 100644 --- a/include/net/tcp.h +++ b/include/net/tcp.h @@ -2551,7 +2551,7 @@ struct tcp_ulp_ops { /* cleanup ulp */ void (*release)(struct sock *sk); /* diagnostic */ - int (*get_info)(const struct sock *sk, struct sk_buff *skb); + int (*get_info)(struct sock *sk, struct sk_buff *skb); size_t (*get_info_size)(const struct sock *sk); /* clone ulp */ void (*clone)(const struct request_sock *req, struct sock *newsk, diff --git a/net/mptcp/diag.c b/net/mptcp/diag.c index a536586742f2..e57c5f47f035 100644 --- a/net/mptcp/diag.c +++ b/net/mptcp/diag.c @@ -13,17 +13,19 @@ #include #include "protocol.h" =20 -static int subflow_get_info(const struct sock *sk, struct sk_buff *skb) +static int subflow_get_info(struct sock *sk, struct sk_buff *skb) { struct mptcp_subflow_context *sf; struct nlattr *start; u32 flags =3D 0; + bool slow; int err; =20 start =3D nla_nest_start_noflag(skb, INET_ULP_INFO_MPTCP); if (!start) return -EMSGSIZE; =20 + slow =3D lock_sock_fast(sk); rcu_read_lock(); sf =3D rcu_dereference(inet_csk(sk)->icsk_ulp_data); if (!sf) { @@ -69,11 +71,13 @@ static int subflow_get_info(const struct sock *sk, stru= ct sk_buff *skb) } =20 rcu_read_unlock(); + unlock_sock_fast(sk, slow); nla_nest_end(skb, start); return 0; =20 nla_failure: rcu_read_unlock(); + unlock_sock_fast(sk, slow); nla_nest_cancel(skb, start); return err; } diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c index 1c2c6800949d..b4674f03d71a 100644 --- a/net/tls/tls_main.c +++ b/net/tls/tls_main.c @@ -1003,7 +1003,7 @@ static u16 tls_user_config(struct tls_context *ctx, b= ool tx) return 0; } =20 -static int tls_get_info(const struct sock *sk, struct sk_buff *skb) +static int tls_get_info(struct sock *sk, struct sk_buff *skb) { u16 version, cipher_type; struct tls_context *ctx; --=20 2.43.0 From nobody Thu Dec 26 22:41:28 2024 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2DAD940BF4 for ; Mon, 5 Feb 2024 15:51:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707148321; cv=none; b=TyC2mvQ3U+nbJyegGLlqRQx+IRulrW3HHgl0wzFdfWpI0kY48C4ObrEZgPTY4cto94ZSwG06/Fdapmx95Ijxq2jtFRUobSOvHxTeAAzLjtNqNazBtN6riHmAePL0FLxBbMfv9zHouDkqE3r1ETpASmujlsSW5WhcYf8QcD9FYMc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707148321; c=relaxed/simple; bh=t7bRzGw8v9zjSo+6pymOrtk3Z7hKulBLXIt6KxoXE2k=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=pBUoNk2ZD58vVyxbOYDmUi72D5Zp4xDTwFhWIDNYW/DPPbV4VDYhcNCTR1qZ/IQMN21USFh+LxgiDWOUETwcaZM+DNNW4NSVYeDerFy0UBmJCCvOJAq15e1wHq9y4he7DniLAmVPA9KGbFbzWcnxabyBUFayyMTKHLhWd9zLkX4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=LkTyz60u; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="LkTyz60u" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1707148317; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=jCZWWVpYMu8sxWHH5MJaVEICzHIhmk4cs70pZyJPklE=; b=LkTyz60u8NGW/FwZIUkbnDB6+igpF559ru7SLkeDJsR4mt8vTwl6ScXbFud5l8TGGtC1oe axZipCG87P4LQtGI0VHWWDRHl8qcziaWj35Wa0E42XGjNRHBoUFP+d02skEaAy1h1Kedvz 5e/fm3DkZU7vfdcQkbNbwT2U4rCYifs= Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-602-ptZrIWgbMCSMneJRqGZlZQ-1; Mon, 05 Feb 2024 10:51:55 -0500 X-MC-Unique: ptZrIWgbMCSMneJRqGZlZQ-1 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.rdu2.redhat.com [10.11.54.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id B0E101C04332 for ; Mon, 5 Feb 2024 15:51:55 +0000 (UTC) Received: from gerbillo.redhat.com (unknown [10.45.225.229]) by smtp.corp.redhat.com (Postfix) with ESMTP id 409EF3C2E for ; Mon, 5 Feb 2024 15:51:55 +0000 (UTC) From: Paolo Abeni To: mptcp@lists.linux.dev Subject: [PATCH mptcp-net 2/4] mptcp: fix data races on local_id Date: Mon, 5 Feb 2024 16:51:40 +0100 Message-ID: <34c617cdc777aa32b1fa4ecc5c23784255f5fa56.1707144963.git.pabeni@redhat.com> In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.1 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8"; x-default="true" The local address id is accessed lockless by the NL PM, add all the required ONCE annotation. There is a caveat: the local id can be initialized late in the subflow life-cycle, and its validity is controlled by the local_id_valid flag. Remove such flag and encode the validity in the local_id field itself with negative value before initialization. That allows accessing the field consistently with a single read operation. Fixes: 0ee4261a3681 ("mptcp: implement mptcp_pm_remove_subflow") Signed-off-by: Paolo Abeni --- net/mptcp/pm_netlink.c | 4 ++-- net/mptcp/protocol.c | 2 +- net/mptcp/protocol.h | 15 ++++++++++++--- net/mptcp/subflow.c | 9 +++++---- 4 files changed, 20 insertions(+), 10 deletions(-) diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c index d9ad45959219..d1b984c9dc25 100644 --- a/net/mptcp/pm_netlink.c +++ b/net/mptcp/pm_netlink.c @@ -800,7 +800,7 @@ static void mptcp_pm_nl_rm_addr_or_subflow(struct mptcp= _sock *msk, mptcp_for_each_subflow_safe(msk, subflow, tmp) { struct sock *ssk =3D mptcp_subflow_tcp_sock(subflow); int how =3D RCV_SHUTDOWN | SEND_SHUTDOWN; - u8 id =3D subflow->local_id; + u8 id =3D subflow_get_local_id(subflow); =20 if (rm_type =3D=3D MPTCP_MIB_RMADDR && subflow->remote_id !=3D rm_id) continue; @@ -809,7 +809,7 @@ static void mptcp_pm_nl_rm_addr_or_subflow(struct mptcp= _sock *msk, =20 pr_debug(" -> %s rm_list_ids[%d]=3D%u local_id=3D%u remote_id=3D%u mpc_= id=3D%u", rm_type =3D=3D MPTCP_MIB_RMADDR ? "address" : "subflow", - i, rm_id, subflow->local_id, subflow->remote_id, + i, rm_id, id, subflow->remote_id, msk->mpc_endpoint_id); spin_unlock_bh(&msk->pm.lock); mptcp_subflow_shutdown(sk, ssk, how); diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c index a8a94b34a51e..626fb4907381 100644 --- a/net/mptcp/protocol.c +++ b/net/mptcp/protocol.c @@ -85,7 +85,7 @@ static int __mptcp_socket_create(struct mptcp_sock *msk) subflow->subflow_id =3D msk->subflow_id++; =20 /* This is the first subflow, always with id 0 */ - subflow->local_id_valid =3D 1; + WRITE_ONCE(subflow->local_id, 0); mptcp_sock_graft(msk->first, sk->sk_socket); iput(SOCK_INODE(ssock)); =20 diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h index de04b97e8dd1..9813de82bab8 100644 --- a/net/mptcp/protocol.h +++ b/net/mptcp/protocol.h @@ -493,10 +493,9 @@ struct mptcp_subflow_context { remote_key_valid : 1, /* received the peer key from */ disposable : 1, /* ctx can be free at ulp release time */ stale : 1, /* unable to snd/rcv data, do not use for xmit */ - local_id_valid : 1, /* local_id is correctly initialized */ valid_csum_seen : 1, /* at least one csum validated */ is_mptfo : 1, /* subflow is doing TFO */ - __unused : 9; + __unused : 10; bool data_avail; bool scheduled; u32 remote_nonce; @@ -507,7 +506,7 @@ struct mptcp_subflow_context { u8 hmac[MPTCPOPT_HMAC_LEN]; /* MPJ subflow only */ u64 iasn; /* initial ack sequence number, MPC subflows only */ }; - u8 local_id; + s16 local_id; /* if negative not initialized yet */ u8 remote_id; u8 reset_seen:1; u8 reset_transient:1; @@ -558,6 +557,7 @@ mptcp_subflow_ctx_reset(struct mptcp_subflow_context *s= ubflow) { memset(&subflow->reset, 0, sizeof(subflow->reset)); subflow->request_mptcp =3D 1; + WRITE_ONCE(subflow->local_id, -1); } =20 static inline u64 @@ -1064,6 +1064,15 @@ int mptcp_pm_get_local_id(struct mptcp_sock *msk, st= ruct sock_common *skc); int mptcp_pm_nl_get_local_id(struct mptcp_sock *msk, struct mptcp_addr_inf= o *skc); int mptcp_userspace_pm_get_local_id(struct mptcp_sock *msk, struct mptcp_a= ddr_info *skc); =20 +static inline int subflow_get_local_id(struct mptcp_subflow_context *subfl= ow) +{ + int local_id =3D READ_ONCE(subflow->local_id); + + if (local_id < 0) + return 0; + return local_id; +} + void __init mptcp_pm_nl_init(void); void mptcp_pm_nl_work(struct mptcp_sock *msk); void mptcp_pm_nl_rm_subflow_received(struct mptcp_sock *msk, diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c index 02dab0669cfc..068784d3e748 100644 --- a/net/mptcp/subflow.c +++ b/net/mptcp/subflow.c @@ -578,8 +578,8 @@ static void subflow_finish_connect(struct sock *sk, con= st struct sk_buff *skb) =20 static void subflow_set_local_id(struct mptcp_subflow_context *subflow, in= t local_id) { - subflow->local_id =3D local_id; - subflow->local_id_valid =3D 1; + WARN_ON_ONCE(local_id < 0 || local_id > 255); + WRITE_ONCE(subflow->local_id, local_id); } =20 static int subflow_chk_local_id(struct sock *sk) @@ -588,7 +588,7 @@ static int subflow_chk_local_id(struct sock *sk) struct mptcp_sock *msk =3D mptcp_sk(subflow->conn); int err; =20 - if (likely(subflow->local_id_valid)) + if (likely(subflow->local_id >=3D 0)) return 0; =20 err =3D mptcp_pm_get_local_id(msk, (struct sock_common *)sk); @@ -1733,6 +1733,7 @@ static struct mptcp_subflow_context *subflow_create_c= tx(struct sock *sk, pr_debug("subflow=3D%p", ctx); =20 ctx->tcp_sock =3D sk; + WRITE_ONCE(ctx->local_id, -1); =20 return ctx; } @@ -1968,7 +1969,7 @@ static void subflow_ulp_clone(const struct request_so= ck *req, new_ctx->idsn =3D subflow_req->idsn; =20 /* this is the first subflow, id is always 0 */ - new_ctx->local_id_valid =3D 1; + subflow_set_local_id(new_ctx, 0); } else if (subflow_req->mp_join) { new_ctx->ssn_offset =3D subflow_req->ssn_offset; new_ctx->mp_join =3D 1; --=20 2.43.0 From nobody Thu Dec 26 22:41:28 2024 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 48FC940BE5 for ; Mon, 5 Feb 2024 15:51:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707148320; cv=none; b=GNGwtg0MSbeQPiPWXhhSFbvcCFu2qUOJGP/8lQcfym1ZjLB27hrPFEtvfgaLU3zd1+FAu8D78tfN99j9auRqa0P5AcAHlNgQD98+vGbF9DMsPDZMTlXxt05u1MdXRwaNNEkKzhG4fdhi+5RGJ/2848J2TLkfgCHDKeos7NJnqVk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707148320; c=relaxed/simple; bh=ulcqp5t2whr0QNpKFvWoYHxr8/PU3NxAxfWKa57rkYo=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=oeiYx5SO3rpMI3MVCMydpZQy7ocqdENgk9rjxCM7hfGmHwqg4UTlx+qJkvtpr0slGHAyhVqECbUahJ2P9h3iii1i0524R+o6v8IF6JX+dweFQYVI1nXChNd5PDuOxF02DzA/7d7ma1mBTU7NYB5zem75iSLRPY+lKxZ9Ja7aFg0= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=Zp6BdJFY; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="Zp6BdJFY" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1707148318; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=liaJYtvApVInMCvwL6I+QC/u0NAnvPf9shC8ahwhmNE=; b=Zp6BdJFYAQK7IE8L7xj5Ss1Z3abfJs8OUptsMpmOoGBRPWs0TqVWUWIJgGUIY+fThwxAaO LFArJgzsZBwQVgTyucSnwboHuXveqhP/sa5xAoJTyO01JHCvAIGX88Y8bsgcUrZluUAtuX MmEPYFn5fVRKwf1Xy5ve70tWK17Gr6Q= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-576-PtIS33_dPEKjaX7pEAhm7w-1; Mon, 05 Feb 2024 10:51:56 -0500 X-MC-Unique: PtIS33_dPEKjaX7pEAhm7w-1 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.rdu2.redhat.com [10.11.54.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 7207D881C80 for ; Mon, 5 Feb 2024 15:51:56 +0000 (UTC) Received: from gerbillo.redhat.com (unknown [10.45.225.229]) by smtp.corp.redhat.com (Postfix) with ESMTP id 018113C2E for ; Mon, 5 Feb 2024 15:51:55 +0000 (UTC) From: Paolo Abeni To: mptcp@lists.linux.dev Subject: [PATCH mptcp-net 3/4] mptcp: fix data races on remote_id Date: Mon, 5 Feb 2024 16:51:41 +0100 Message-ID: <7487c3a37301428f088edb73cab6d01e55049353.1707144963.git.pabeni@redhat.com> In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.1 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8"; x-default="true" Similar to the previous patch, address the data race on remote_id, adding the suitable ONCE annotations. Fixes: bedee0b56113 ("mptcp: address lookup improvements") Signed-off-by: Paolo Abeni --- net/mptcp/pm_netlink.c | 8 ++++---- net/mptcp/subflow.c | 6 +++--- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c index d1b984c9dc25..066bc855365c 100644 --- a/net/mptcp/pm_netlink.c +++ b/net/mptcp/pm_netlink.c @@ -443,7 +443,7 @@ static unsigned int fill_remote_addresses_vec(struct mp= tcp_sock *msk, mptcp_for_each_subflow(msk, subflow) { ssk =3D mptcp_subflow_tcp_sock(subflow); remote_address((struct sock_common *)ssk, &addrs[i]); - addrs[i].id =3D subflow->remote_id; + addrs[i].id =3D READ_ONCE(subflow->remote_id); if (deny_id0 && !addrs[i].id) continue; =20 @@ -800,17 +800,17 @@ static void mptcp_pm_nl_rm_addr_or_subflow(struct mpt= cp_sock *msk, mptcp_for_each_subflow_safe(msk, subflow, tmp) { struct sock *ssk =3D mptcp_subflow_tcp_sock(subflow); int how =3D RCV_SHUTDOWN | SEND_SHUTDOWN; + u8 srm_id =3D READ_ONCE(subflow->remote_id); u8 id =3D subflow_get_local_id(subflow); =20 - if (rm_type =3D=3D MPTCP_MIB_RMADDR && subflow->remote_id !=3D rm_id) + if (rm_type =3D=3D MPTCP_MIB_RMADDR && srm_id !=3D rm_id) continue; if (rm_type =3D=3D MPTCP_MIB_RMSUBFLOW && !mptcp_local_id_match(msk, id= , rm_id)) continue; =20 pr_debug(" -> %s rm_list_ids[%d]=3D%u local_id=3D%u remote_id=3D%u mpc_= id=3D%u", rm_type =3D=3D MPTCP_MIB_RMADDR ? "address" : "subflow", - i, rm_id, id, subflow->remote_id, - msk->mpc_endpoint_id); + i, rm_id, id, srm_id, msk->mpc_endpoint_id); spin_unlock_bh(&msk->pm.lock); mptcp_subflow_shutdown(sk, ssk, how); =20 diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c index 068784d3e748..6403c56f2902 100644 --- a/net/mptcp/subflow.c +++ b/net/mptcp/subflow.c @@ -536,7 +536,7 @@ static void subflow_finish_connect(struct sock *sk, con= st struct sk_buff *skb) subflow->backup =3D mp_opt.backup; subflow->thmac =3D mp_opt.thmac; subflow->remote_nonce =3D mp_opt.nonce; - subflow->remote_id =3D mp_opt.join_id; + WRITE_ONCE(subflow->remote_id, mp_opt.join_id); pr_debug("subflow=3D%p, thmac=3D%llu, remote_nonce=3D%u backup=3D%d", subflow, subflow->thmac, subflow->remote_nonce, subflow->backup); @@ -1569,7 +1569,7 @@ int __mptcp_subflow_connect(struct sock *sk, const st= ruct mptcp_addr_info *loc, pr_debug("msk=3D%p remote_token=3D%u local_id=3D%d remote_id=3D%d", msk, remote_token, local_id, remote_id); subflow->remote_token =3D remote_token; - subflow->remote_id =3D remote_id; + WRITE_ONCE(subflow->remote_id, remote_id); subflow->request_join =3D 1; subflow->request_bkup =3D !!(flags & MPTCP_PM_ADDR_FLAG_BACKUP); subflow->subflow_id =3D msk->subflow_id++; @@ -1976,7 +1976,7 @@ static void subflow_ulp_clone(const struct request_so= ck *req, new_ctx->fully_established =3D 1; new_ctx->remote_key_valid =3D 1; new_ctx->backup =3D subflow_req->backup; - new_ctx->remote_id =3D subflow_req->remote_id; + WRITE_ONCE(new_ctx->remote_id, subflow_req->remote_id); new_ctx->token =3D subflow_req->token; new_ctx->thmac =3D subflow_req->thmac; =20 --=20 2.43.0 From nobody Thu Dec 26 22:41:28 2024 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8D7072C1B6 for ; Mon, 5 Feb 2024 15:51:59 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707148321; cv=none; b=Tvj7UeAVQNka5JTHg8h+GmuJfnfCeDbSkMBPeGb9eF/v2h8YpcF0YpW5caI9OUYjrTekfsq9g5P8ZnUJjpCXL/z874q+2RZ12oNUFhCgxw5gZYk2HYITbjasY5A3b1F++I3tY8H/NIeCkb/5lHeBdBHAVA/JsVjUoXFOP+gVX6Y= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1707148321; c=relaxed/simple; bh=nE7aOXyZh1gpXHJ7XAQl2Gp+YmOseIYvTlKUC1ZCH8U=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=VSHVJxS+mVzZs1AxHEL/OWlWJRGinweeK9USkXwTVOPRl9FzxmxjuRjBChBXKAQwGkt+PxL8HiEUC88CD66PDyFhAwNpl176kIa4DRqbN214gH4gkxd+jjlmBKxRhuDHSctK0tslKQp3gLGvQF885E3Hbw8HgTZn7tGHhIbKIWA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com; spf=pass smtp.mailfrom=redhat.com; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b=F+lhx8t/; arc=none smtp.client-ip=170.10.133.124 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=redhat.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.b="F+lhx8t/" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1707148318; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=LXQUu/QHs7IQNezPJaehmHTvz7QOWaNQAMcwYRZPVsY=; b=F+lhx8t/BOolSdfAc6CfECD9oI1rpD4fduqZUFdtmony6UW7E/2bV/+IfTgyMIJJtOzFue v75A+TC+M/Ic96tSO468PjZyHVaKzEFmt44mndDrGpmuv9/Xw3AoKaxRLUgZdLznavXngH fSuqS2dLF4QYmfpiHyofreJ09XtBqk0= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-664-6AnHfQjeNs6UZm5OjmkuMw-1; Mon, 05 Feb 2024 10:51:57 -0500 X-MC-Unique: 6AnHfQjeNs6UZm5OjmkuMw-1 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.rdu2.redhat.com [10.11.54.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 33A5E1013664 for ; Mon, 5 Feb 2024 15:51:57 +0000 (UTC) Received: from gerbillo.redhat.com (unknown [10.45.225.229]) by smtp.corp.redhat.com (Postfix) with ESMTP id B6BA43C2E for ; Mon, 5 Feb 2024 15:51:56 +0000 (UTC) From: Paolo Abeni To: mptcp@lists.linux.dev Subject: [PATCH mptcp-net 4/4] mptcp: fix duplicate subflow creation Date: Mon, 5 Feb 2024 16:51:42 +0100 Message-ID: <1392a4ef6a8a45ca3a920f933a12766283a828c6.1707144963.git.pabeni@redhat.com> In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.1 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8"; x-default="true" Fullmesh endpoints could end-up unexpectedly generating duplicate subflows - same local and remote addresses - when multiple incoming ADD_ADDR are processed before the PM creates the subflow for the local endpoints. Address the issue explicitly checking for duplicates at subflow creation time. To avoid a quadratic computational complexity, track the unavailable remote address ids in a temporary bitmap and initialize such bitmap with the remote ids of all the existing subflows matching the local address currently processed. The above allows additionally replacing the existing code checking for duplicate entry in the current set with a simple bit test operation. Fixes: 2843ff6f36db ("mptcp: remote addresses fullmesh") Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/435 Signed-off-by: Paolo Abeni --- Note that there is no problem for the opposite event sequence. --- net/mptcp/pm_netlink.c | 33 ++++++++++++++++++--------------- 1 file changed, 18 insertions(+), 15 deletions(-) diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c index 066bc855365c..617aad83eb87 100644 --- a/net/mptcp/pm_netlink.c +++ b/net/mptcp/pm_netlink.c @@ -396,19 +396,6 @@ void mptcp_pm_free_anno_list(struct mptcp_sock *msk) } } =20 -static bool lookup_address_in_vec(const struct mptcp_addr_info *addrs, uns= igned int nr, - const struct mptcp_addr_info *addr) -{ - int i; - - for (i =3D 0; i < nr; i++) { - if (addrs[i].id =3D=3D addr->id) - return true; - } - - return false; -} - /* Fill all the remote addresses into the array addrs[], * and return the array size. */ @@ -440,6 +427,16 @@ static unsigned int fill_remote_addresses_vec(struct m= ptcp_sock *msk, msk->pm.subflows++; addrs[i++] =3D remote; } else { + DECLARE_BITMAP(unavail_id, MPTCP_PM_MAX_ADDR_ID + 1); + + /* Forbit creation of new subflows matching existing + * ones, possibly already created by incoming ADD_ADDR + */ + bitmap_zero(unavail_id, MPTCP_PM_MAX_ADDR_ID + 1); + mptcp_for_each_subflow(msk, subflow) + if (READ_ONCE(subflow->local_id) =3D=3D local->id) + __set_bit(subflow->remote_id, unavail_id); + mptcp_for_each_subflow(msk, subflow) { ssk =3D mptcp_subflow_tcp_sock(subflow); remote_address((struct sock_common *)ssk, &addrs[i]); @@ -447,11 +444,17 @@ static unsigned int fill_remote_addresses_vec(struct = mptcp_sock *msk, if (deny_id0 && !addrs[i].id) continue; =20 + if (test_bit(addrs[i].id, unavail_id)) + continue; + if (!mptcp_pm_addr_families_match(sk, local, &addrs[i])) continue; =20 - if (!lookup_address_in_vec(addrs, i, &addrs[i]) && - msk->pm.subflows < subflows_max) { + if (msk->pm.subflows < subflows_max) { + /* forbit creating multiple address towards + * this id + */ + __set_bit(addrs[i].id, unavail_id); msk->pm.subflows++; i++; } --=20 2.43.0