06 Jan, 2021
1 commit
-
[ Upstream commit 0c14846032f2c0a3b63234e1fc2759f4155b6067 ]
Currently MPTCP is not propagating the security context
from the ingress request socket to newly created msk
at clone time.Address the issue invoking the missing security helper.
Fixes: cf7da0d66cc1 ("mptcp: Create SUBFLOW socket for incoming connections")
Signed-off-by: Paolo Abeni
Reviewed-by: Mat Martineau
Signed-off-by: Jakub Kicinski
Signed-off-by: Greg Kroah-Hartman
08 Dec, 2020
1 commit
-
When do cat /proc/net/netstat, the output isn't append with a new line, it looks like this:
[root@localhost ~]# cat /proc/net/netstat
...
MPTcpExt: 0 0 0 0 0 0 0 0 0 0 0 0 0[root@localhost ~]#This is because in mptcp_seq_show(), if mptcp isn't in use, net->mib.mptcp_statistics is NULL,
so it just puts all 0 after "MPTcpExt:", and return, forgot the '\n'.After this patch:
[root@localhost ~]# cat /proc/net/netstat
...
MPTcpExt: 0 0 0 0 0 0 0 0 0 0 0 0 0
[root@localhost ~]#Fixes: fc518953bc9c8d7d ("mptcp: add and use MIB counter infrastructure")
Signed-off-by: Jianguo Wu
Acked-by: Florian Westphal
Link: https://lore.kernel.org/r/142e2fd9-58d9-bb13-fb75-951cccc2331e@163.com
Signed-off-by: Jakub Kicinski
28 Nov, 2020
1 commit
-
If an msk listener receives an MPJ carrying an invalid token, it
will zero the request socket msk entry. That should later
cause fallback and subflow reset - as per RFC - at
subflow_syn_recv_sock() time due to failing hmac validation.Since commit 4cf8b7e48a09 ("subflow: introduce and use
mptcp_can_accept_new_subflow()"), we unconditionally dereference
- in mptcp_can_accept_new_subflow - the subflow request msk
before performing hmac validation. In the above scenario we
hit a NULL ptr dereference.Address the issue doing the hmac validation earlier.
Fixes: 4cf8b7e48a09 ("subflow: introduce and use mptcp_can_accept_new_subflow()")
Tested-by: Davide Caratti
Signed-off-by: Paolo Abeni
Reviewed-by: Matthieu Baerts
Link: https://lore.kernel.org/r/03b2cfa3ac80d8fc18272edc6442a9ddf0b1e34e.1606400227.git.pabeni@redhat.com
Signed-off-by: Jakub Kicinski
10 Nov, 2020
1 commit
-
The mptcp proto struct currently does not provide the
required limit for forward memory scheduling. Under
pressure sk_rmem_schedule() will unconditionally try
to use such field and will oops.Address the issue inheriting the tcp limit, as we already
do for the wmem one.Fixes: 9c3f94e1681b ("mptcp: add missing memory scheduling in the rx path")
Signed-off-by: Paolo Abeni
Reviewed-by: Matthieu Baerts
Link: https://lore.kernel.org/r/37af798bd46f402fb7c79f57ebbdd00614f5d7fa.1604861097.git.pabeni@redhat.com
Signed-off-by: Jakub Kicinski
04 Nov, 2020
1 commit
-
gcc complains about use of uninitialized 'num'. Fix it by doing the first
assignment of 'num' when the variable is declared.Fixes: 96d890daad05 ("mptcp: add msk interations helper")
Signed-off-by: Davide Caratti
Acked-by: Paolo Abeni
Link: https://lore.kernel.org/r/49e20da5d467a73414d4294a8bd35e2cb1befd49.1604308087.git.dcaratti@redhat.com
Signed-off-by: Jakub Kicinski
30 Oct, 2020
1 commit
-
When moving the skbs from the subflow into the msk receive
queue, we must schedule there the required amount of memory.Try to borrow the required memory from the subflow, if needed,
so that we leverage the existing TCP heuristic.Fixes: 6771bfd9ee24 ("mptcp: update mptcp ack sequence from work queue")
Signed-off-by: Paolo Abeni
Reviewed-by: Mat Martineau
Link: https://lore.kernel.org/r/f6143a6193a083574f11b00dbf7b5ad151bc4ff4.1603810630.git.pabeni@redhat.com
Signed-off-by: Jakub Kicinski
21 Oct, 2020
5 commits
-
Like TCP, MPTCP cannot be compiled as a module. Obviously, MPTCP IPv6'
support also depends on CONFIG_IPV6. But not all functions from IPv6
code are exported.To simplify the code and reduce modifications outside MPTCP, it was
decided from the beginning to support MPTCP with IPv6 only if
CONFIG_IPV6 was built inlined. That's also why CONFIG_MPTCP_IPV6 was
created. More modifications are needed to support CONFIG_IPV6=m.Even if it was not explicit, until recently, we were forcing CONFIG_IPV6
to be built-in because we had "select IPV6" in Kconfig. Now that we have
"depends on IPV6", we have to explicitly set "IPV6=y" to force
CONFIG_IPV6 not to be built as a module.In other words, we can now only have CONFIG_MPTCP_IPV6=y if
CONFIG_IPV6=y.Note that the new dependency might hide the fact IPv6 is not supported
in MPTCP even if we have CONFIG_IPV6=m. But selecting IPV6 like we did
before was forcing it to be built-in while it was maybe not what the
user wants.Reported-by: Geert Uytterhoeven
Fixes: 010b430d5df5 ("mptcp: MPTCP_IPV6 should depend on IPV6 instead of selecting it")
Signed-off-by: Matthieu Baerts
Link: https://lore.kernel.org/r/20201021105154.628257-1-matthieu.baerts@tessares.net
Signed-off-by: Jakub Kicinski -
MPTCP_IPV6 selects IPV6, thus enabling an optional feature the user may
not want to enable. Fix this by making MPTCP_IPV6 depend on IPV6, like
is done for all other IPv6 features.Fixes: f870fa0b5768842c ("mptcp: Add MPTCP socket stubs")
Signed-off-by: Geert Uytterhoeven
Reviewed-by: Matthieu Baerts
Link: https://lore.kernel.org/r/20201020073839.29226-1-geert@linux-m68k.org
Signed-off-by: Jakub Kicinski -
MPTCP_KUNIT_TESTS selects MPTCP, thus enabling an optional feature the
user may not want to enable. Fix this by making the test depend on
MPTCP instead.Fixes: a00a582203dbc43e ("mptcp: move crypto test to KUNIT")
Signed-off-by: Geert Uytterhoeven
Reviewed-by: Matthieu Baerts
Link: https://lore.kernel.org/r/20201019113240.11516-1-geert@linux-m68k.org
Signed-off-by: Jakub Kicinski -
Move mptcp_options_received's port initialization from
mptcp_parse_option to mptcp_get_options, put it together with
the other fields initializations of mptcp_options_received.Signed-off-by: Geliang Tang
Reviewed-by: Matthieu Baerts
Signed-off-by: Jakub Kicinski -
Initialize mptcp_options_received's ahmac to zero, otherwise it
will be a random number when receiving ADD_ADDR suboption with echo-flag=1.Fixes: 3df523ab582c5 ("mptcp: Add ADD_ADDR handling")
Signed-off-by: Geliang Tang
Reviewed-by: Matthieu Baerts
Signed-off-by: Jakub Kicinski
16 Oct, 2020
1 commit
-
Minor conflicts in net/mptcp/protocol.h and
tools/testing/selftests/net/Makefile.In both cases code was added on both sides in the same place
so just keep both.Signed-off-by: Jakub Kicinski
11 Oct, 2020
2 commits
-
The msk can close MP_JOIN subflows if the initial handshake
fails. Currently such subflows are kept alive in the
conn_list until the msk itself is closed.Beyond the wasted memory, we could end-up sending the
DATA_FIN and the DATA_FIN ack on such socket, even after a
reset.Fixes: 43b54c6ee382 ("mptcp: Use full MPTCP-level disconnect state machine")
Reviewed-by: Mat Martineau
Signed-off-by: Paolo Abeni
Signed-off-by: Jakub Kicinski -
Additional/MP_JOIN subflows that do not pass some initial handshake
tests currently causes fallback to TCP. That is an RFC violation:
we should instead reset the subflow and leave the the msk untouched.Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/91
Fixes: f296234c98a8 ("mptcp: Add handling of incoming MP_JOIN requests")
Reviewed-by: Mat Martineau
Signed-off-by: Paolo Abeni
Signed-off-by: Jakub Kicinski
09 Oct, 2020
3 commits
-
using packetdrill it's possible to observe the same MPTCP DSN being acked
by different subflows with DACK4 and DACK8. This is in contrast with what
specified in RFC8684 §3.3.2: if an MPTCP endpoint transmits a 64-bit wide
DSN, it MUST be acknowledged with a 64-bit wide DACK. Fix 'use_64bit_ack'
variable to make it a property of MPTCP sockets, not TCP subflows.Fixes: a0c1d0eafd1e ("mptcp: Use 32-bit DATA_ACK when possible")
Acked-by: Paolo Abeni
Signed-off-by: Davide Caratti
Reviewed-by: Mat Martineau
Signed-off-by: Jakub Kicinski -
If recvmsg() and the workqueue race to dequeue the data
pending on some subflow, the current mapping for such
subflow covers several skbs and some of them have not
reached yet the received, either the worker or recvmsg()
can find a subflow with the data_avail flag set - since
the current mapping is valid and in sequence - but no
skbs in the receive queue - since the other entity just
processed them.The above will lead to an unbounded loop in __mptcp_move_skbs()
and a subsequent hang of any task trying to acquiring the msk
socket lock.This change addresses the issue stopping the __mptcp_move_skbs()
loop as soon as we detect the above race (empty receive queue
with data_avail set).Reported-and-tested-by: syzbot+fcf8ca5817d6e92c6567@syzkaller.appspotmail.com
Fixes: ab174ad8ef76 ("mptcp: move ooo skbs into msk out of order queue.")
Signed-off-by: Paolo Abeni
Reviewed-by: Mat Martineau
Signed-off-by: Jakub Kicinski -
Small conflict around locking in rxrpc_process_event() -
channel_lock moved to bundle in next, while state lock
needs _bh() from net.Signed-off-by: Jakub Kicinski
06 Oct, 2020
3 commits
-
Currently we skip calling tcp_cleanup_rbuf() when packets
are moved into the OoO queue or simply dropped. In both
cases we still increment tp->copied_seq, and we should
ask the TCP stack to check for ack.Fixes: c76c6956566f ("mptcp: call tcp_cleanup_rbuf on subflows")
Signed-off-by: Paolo Abeni
Reviewed-by: Mat Martineau
Signed-off-by: David S. Miller -
Currently data fin on data packet are not handled properly:
the 'rcv_data_fin_seq' field is interpreted as the last
sequence number carrying a valid data, but for data fin
packet with valid maps we currently store map_seq + map_len,
that is, the next value.The 'write_seq' fields carries instead the value subseguent
to the last valid byte, so in mptcp_write_data_fin() we
never detect correctly the last DSS map.Fixes: 7279da6145bb ("mptcp: Use MPTCP-level flag for sending DATA_FIN")
Fixes: 1a49b2c2a501 ("mptcp: Handle incoming 32-bit DATA_FIN values")
Reviewed-by: Mat Martineau
Signed-off-by: Paolo Abeni
Signed-off-by: David S. Miller -
Rejecting non-native endian BTF overlapped with the addition
of support for it.The rest were more simple overlapping changes, except the
renesas ravb binding update, which had to follow a file
move as well as a YAML conversion.Signed-off-by: David S. Miller
05 Oct, 2020
1 commit
-
The only usages of mptcp_pm_ops is to assign its address to the small_ops
field of the genl_family struct, which is a const pointer, and applying
ARRAY_SIZE() on it. Make it const to allow the compiler to put it in
read-only memory.Signed-off-by: Rikard Falkeborn
Signed-off-by: David S. Miller
04 Oct, 2020
1 commit
-
The MPTCP ADD_ADDR suboption with echo-flag=1 has no HMAC, the size is
smaller than the one initially sent without echo-flag=1. We then need to
use the correct size everywhere when we need this echo bit.Before this patch, the wrong size was reserved but the correct amount of
bytes were written (and read): the remaining bytes contained garbage.Fixes: 6a6c05a8b016 ("mptcp: send out ADD_ADDR with echo flag")
Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/95
Reported-and-tested-by: Davide Caratti
Acked-by: Geliang Tang
Signed-off-by: Matthieu Baerts
Signed-off-by: David S. Miller
03 Oct, 2020
1 commit
-
Bulk of the genetlink users can use smaller ops, move them.
Signed-off-by: Jakub Kicinski
Reviewed-by: Johannes Berg
Signed-off-by: David S. Miller
30 Sep, 2020
2 commits
-
The peer may send a DATA_FIN mapping with either a 32-bit or 64-bit
sequence number. When a 32-bit sequence number is received for the
DATA_FIN, it must be expanded to 64 bits before comparing it to the
last acked sequence number. This expansion was missing.Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/93
Fixes: 3721b9b64676 ("mptcp: Track received DATA_FIN sequence number and add related helpers")
Signed-off-by: Mat Martineau
Signed-off-by: David S. Miller -
The msk->ack_seq value is sometimes read without the msk lock held, so
make proper use of READ_ONCE and WRITE_ONCE.Signed-off-by: Mat Martineau
Signed-off-by: David S. Miller
25 Sep, 2020
13 commits
-
Since commit cfde141ea3faa30e ("mptcp: move option parsing into
mptcp_incoming_options()"), the 3rd function argument is no longer used.Signed-off-by: Florian Westphal
Signed-off-by: David S. Miller -
This patch implemented the retransmition of ADD_ADDR when no ADD_ADDR echo
is received. It added a timer with the announced address. When timeout
occurs, ADD_ADDR will be retransmitted.Suggested-by: Mat Martineau
Suggested-by: Paolo Abeni
Acked-by: Paolo Abeni
Signed-off-by: Geliang Tang
Reviewed-by: Mat Martineau
Signed-off-by: David S. Miller -
Add a new struct mptcp_pm_add_entry to describe add_addr's entry.
Acked-by: Paolo Abeni
Signed-off-by: Geliang Tang
Reviewed-by: Mat Martineau
Signed-off-by: David S. Miller -
This patch added a new helper named mptcp_destroy_common containing the
shared code between mptcp_destroy() and mptcp_sock_destruct().Suggested-by: Paolo Abeni
Signed-off-by: Geliang Tang
Reviewed-by: Mat Martineau
Signed-off-by: David S. Miller -
This patch added two new mibs for RM_ADDR, named MPTCP_MIB_RMADDR and
MPTCP_MIB_RMSUBFLOW, when the RM_ADDR suboption is received, increase
the first mib counter, when the local subflow is removed, increase the
second mib counter.Suggested-by: Matthieu Baerts
Suggested-by: Paolo Abeni
Suggested-by: Mat Martineau
Acked-by: Paolo Abeni
Signed-off-by: Geliang Tang
Reviewed-by: Mat Martineau
Signed-off-by: David S. Miller -
This patch implemented the local subflow removing function,
mptcp_pm_remove_subflow, it simply called mptcp_pm_nl_rm_subflow_received
under the PM spin lock.We use mptcp_pm_remove_subflow to remove a local subflow, so change it's
argument from remote_id to local_id.We check subflow->local_id in mptcp_pm_nl_rm_subflow_received to remove
a subflow.Suggested-by: Matthieu Baerts
Suggested-by: Paolo Abeni
Suggested-by: Mat Martineau
Signed-off-by: Geliang Tang
Reviewed-by: Mat Martineau
Signed-off-by: David S. Miller -
This patch implements the remove announced addr and subflow logic in PM
netlink.When the PM netlink removes an address, we traverse all the existing msk
sockets to find the relevant sockets.We add a new list named anno_list in mptcp_pm_data, to record all the
announced addrs. In the traversing, we check if it has been recorded.
If it has been, we trigger the RM_ADDR signal.We also check if this address is in conn_list. If it is, we remove the
subflow which using this local address.Since we call mptcp_pm_free_anno_list in mptcp_destroy, we need to move
__mptcp_init_sock before the mptcp_is_enabled check in mptcp_init_sock.Suggested-by: Matthieu Baerts
Suggested-by: Paolo Abeni
Suggested-by: Mat Martineau
Acked-by: Paolo Abeni
Signed-off-by: Geliang Tang
Reviewed-by: Mat Martineau
Signed-off-by: David S. Miller -
The re-check of pm->accept_subflow with pm->lock held was missing, this
patch fixed it.Suggested-by: Mat Martineau
Reviewed-by: Mat Martineau
Signed-off-by: Geliang Tang
Signed-off-by: David S. Miller -
This patch added two mibs for ADD_ADDR, MPTCP_MIB_ADDADDR for receiving
of the ADD_ADDR suboption with echo-flag=0, and MPTCP_MIB_ECHOADD for
receiving the ADD_ADDR suboption with echo-flag=1.Reviewed-by: Mat Martineau
Co-developed-by: Paolo Abeni
Signed-off-by: Paolo Abeni
Signed-off-by: Geliang Tang
Signed-off-by: David S. Miller -
When the ADD_ADDR suboption has been received, we need to send out the same
ADD_ADDR suboption with echo-flag=1, and no HMAC.Suggested-by: Mat Martineau
Reviewed-by: Mat Martineau
Signed-off-by: Geliang Tang
Signed-off-by: David S. Miller -
This patch added the RM_ADDR option parsing logic:
We parsed the incoming options to find if the rm_addr option is received,
and called mptcp_pm_rm_addr_received to schedule PM work to a new status,
named MPTCP_PM_RM_ADDR_RECEIVED.PM work got this status, and called mptcp_pm_nl_rm_addr_received to handle
it.In mptcp_pm_nl_rm_addr_received, we closed the subflow matching the rm_id,
and updated PM counter.Suggested-by: Matthieu Baerts
Suggested-by: Paolo Abeni
Suggested-by: Mat Martineau
Signed-off-by: Geliang Tang
Reviewed-by: Mat Martineau
Signed-off-by: David S. Miller -
This patch added a new signal named rm_addr_signal in PM. On outgoing path,
we called mptcp_pm_should_rm_signal to check if rm_addr_signal has been
set. If it has been, we sent out the RM_ADDR option.Suggested-by: Matthieu Baerts
Suggested-by: Paolo Abeni
Signed-off-by: Geliang Tang
Reviewed-by: Mat Martineau
Signed-off-by: David S. Miller -
This patch renamed addr_signal and the related functions with the explicit
word "add".Suggested-by: Matthieu Baerts
Suggested-by: Paolo Abeni
Signed-off-by: Geliang Tang
Reviewed-by: Mat Martineau
Signed-off-by: David S. Miller
24 Sep, 2020
1 commit
-
When receiving a DATA_FIN MPTCP option on a TCP FIN packet, the DATA_FIN
information would be stored but the MPTCP worker did not get
scheduled. In turn, the MPTCP socket state would remain in
TCP_ESTABLISHED and no blocked operations would be awakened.TCP FIN packets are seen by the MPTCP socket when moving skbs out of the
subflow receive queues, so schedule the MPTCP worker when a skb with
DATA_FIN but no data payload is moved from a subflow queue. Other cases
(DATA_FIN on a bare TCP ACK or on a packet with data payload) are
already handled.Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/84
Fixes: 43b54c6ee382 ("mptcp: Use full MPTCP-level disconnect state machine")
Acked-by: Paolo Abeni
Signed-off-by: Mat Martineau
Signed-off-by: Matthieu Baerts
Signed-off-by: David S. Miller
23 Sep, 2020
1 commit
-
Two minor conflicts:
1) net/ipv4/route.c, adding a new local variable while
moving another local variable and removing it's
initial assignment.2) drivers/net/dsa/microchip/ksz9477.c, overlapping changes.
One pretty prints the port mode differently, whilst another
changes the driver to try and obtain the port mode from
the port node rather than the switch node.Signed-off-by: David S. Miller