From: Mat Martineau Date: Tue, 5 Jul 2022 21:32:13 +0000 (-0700) Subject: mptcp: Acquire the subflow socket lock before modifying MP_PRIO flags X-Git-Tag: v6.1-rc5~943^2~5^2~4 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=a657430260e5437df16004c8c317821d946b5ead;p=platform%2Fkernel%2Flinux-starfive.git mptcp: Acquire the subflow socket lock before modifying MP_PRIO flags When setting up a subflow's flags for sending MP_PRIO MPTCP options, the subflow socket lock was not held while reading and modifying several struct members that are also read and modified in mptcp_write_options(). Acquire the subflow socket lock earlier and send the MP_PRIO ACK with that lock already acquired. Add a new variant of the mptcp_subflow_send_ack() helper to use with the subflow lock held. Fixes: 067065422fcd ("mptcp: add the outgoing MP_PRIO support") Acked-by: Paolo Abeni Signed-off-by: Mat Martineau Signed-off-by: David S. Miller --- diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c index 5ff93b73f33d..ca86c88f89e0 100644 --- a/net/mptcp/pm_netlink.c +++ b/net/mptcp/pm_netlink.c @@ -728,11 +728,13 @@ static int mptcp_pm_nl_mp_prio_send_ack(struct mptcp_sock *msk, mptcp_for_each_subflow(msk, subflow) { struct sock *ssk = mptcp_subflow_tcp_sock(subflow); struct mptcp_addr_info local; + bool slow; local_address((struct sock_common *)ssk, &local); if (!mptcp_addresses_equal(&local, addr, addr->port)) continue; + slow = lock_sock_fast(ssk); if (subflow->backup != bkup) msk->last_snd = NULL; subflow->backup = bkup; @@ -740,7 +742,8 @@ static int mptcp_pm_nl_mp_prio_send_ack(struct mptcp_sock *msk, subflow->request_bkup = bkup; pr_debug("send ack for mp_prio"); - mptcp_subflow_send_ack(ssk); + __mptcp_subflow_send_ack(ssk); + unlock_sock_fast(ssk, slow); return 0; } diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c index e475212f2618..cc21fafd9726 100644 --- a/net/mptcp/protocol.c +++ b/net/mptcp/protocol.c @@ -506,13 +506,18 @@ static inline bool tcp_can_send_ack(const struct sock *ssk) (TCPF_SYN_SENT | TCPF_SYN_RECV | TCPF_TIME_WAIT | TCPF_CLOSE | TCPF_LISTEN)); } +void __mptcp_subflow_send_ack(struct sock *ssk) +{ + if (tcp_can_send_ack(ssk)) + tcp_send_ack(ssk); +} + void mptcp_subflow_send_ack(struct sock *ssk) { bool slow; slow = lock_sock_fast(ssk); - if (tcp_can_send_ack(ssk)) - tcp_send_ack(ssk); + __mptcp_subflow_send_ack(ssk); unlock_sock_fast(ssk, slow); } diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h index c14d70c036d0..033c995772dc 100644 --- a/net/mptcp/protocol.h +++ b/net/mptcp/protocol.h @@ -607,6 +607,7 @@ void __init mptcp_subflow_init(void); void mptcp_subflow_shutdown(struct sock *sk, struct sock *ssk, int how); void mptcp_close_ssk(struct sock *sk, struct sock *ssk, struct mptcp_subflow_context *subflow); +void __mptcp_subflow_send_ack(struct sock *ssk); void mptcp_subflow_send_ack(struct sock *ssk); void mptcp_subflow_reset(struct sock *ssk); void mptcp_subflow_queue_clean(struct sock *ssk);