From: Matthieu Baerts (NGI0) <matttbe@xxxxxxxxxx>
commit f448451aa62d54be16acb0034223c17e0d12bc69 upstream.
This helper is confusing. It is in pm.c, but it is specific to the
in-kernel PM and it cannot be used by the userspace one. Also, it simply
calls one in-kernel specific function with the PM lock, while the
similar mptcp_pm_remove_addr() helper requires the PM lock.
What's left is the pr_debug(), which is not that useful, because a
similar one is present in the only function called by this helper:
mptcp_pm_nl_rm_subflow_received()
After these modifications, this helper can be marked as 'static', and
the lock can be taken only once in mptcp_pm_flush_addrs_and_subflows().
Note that it is not a bug fix, but it will help backporting the
following commits.
Fixes: 0ee4261a3681 ("mptcp: implement mptcp_pm_remove_subflow")
Cc: stable@xxxxxxxxxxxxxxx
Reviewed-by: Mat Martineau <martineau@xxxxxxxxxx>
Signed-off-by: Matthieu Baerts (NGI0) <matttbe@xxxxxxxxxx>
Link: https://patch.msgid.link/20240819-net-mptcp-pm-reusing-id-v1-7-38035d40de5b@xxxxxxxxxx
Signed-off-by: Jakub Kicinski <kuba@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
net/mptcp/pm.c | 10 ----------
net/mptcp/pm_netlink.c | 16 +++++++---------
net/mptcp/protocol.h | 3 ---
3 files changed, 7 insertions(+), 22 deletions(-)
--- a/net/mptcp/pm.c
+++ b/net/mptcp/pm.c
@@ -61,16 +61,6 @@ int mptcp_pm_remove_addr(struct mptcp_so
return 0;
}
-int mptcp_pm_remove_subflow(struct mptcp_sock *msk, const struct mptcp_rm_list *rm_list)
-{
- pr_debug("msk=%p, rm_list_nr=%d", msk, rm_list->nr);
-
- spin_lock_bh(&msk->pm.lock);
- mptcp_pm_nl_rm_subflow_received(msk, rm_list);
- spin_unlock_bh(&msk->pm.lock);
- return 0;
-}
-
/* path manager event handlers */
void mptcp_pm_new_connection(struct mptcp_sock *msk, const struct sock *ssk, int server_side)
--- a/net/mptcp/pm_netlink.c
+++ b/net/mptcp/pm_netlink.c
@@ -865,8 +865,8 @@ static void mptcp_pm_nl_rm_addr_received
mptcp_pm_nl_rm_addr_or_subflow(msk, &msk->pm.rm_list_rx, MPTCP_MIB_RMADDR);
}
-void mptcp_pm_nl_rm_subflow_received(struct mptcp_sock *msk,
- const struct mptcp_rm_list *rm_list)
+static void mptcp_pm_nl_rm_subflow_received(struct mptcp_sock *msk,
+ const struct mptcp_rm_list *rm_list)
{
mptcp_pm_nl_rm_addr_or_subflow(msk, rm_list, MPTCP_MIB_RMSUBFLOW);
}
@@ -1502,7 +1502,9 @@ static int mptcp_nl_remove_subflow_and_s
!(entry->flags & MPTCP_PM_ADDR_FLAG_IMPLICIT));
if (remove_subflow) {
- mptcp_pm_remove_subflow(msk, &list);
+ spin_lock_bh(&msk->pm.lock);
+ mptcp_pm_nl_rm_subflow_received(msk, &list);
+ spin_unlock_bh(&msk->pm.lock);
} else if (entry->flags & MPTCP_PM_ADDR_FLAG_SUBFLOW) {
/* If the subflow has been used, but now closed */
spin_lock_bh(&msk->pm.lock);
@@ -1648,18 +1650,14 @@ void mptcp_pm_remove_addrs_and_subflows(
alist.ids[alist.nr++] = entry->addr.id;
}
+ spin_lock_bh(&msk->pm.lock);
if (alist.nr) {
- spin_lock_bh(&msk->pm.lock);
msk->pm.add_addr_signaled -= alist.nr;
mptcp_pm_remove_addr(msk, &alist);
- spin_unlock_bh(&msk->pm.lock);
}
-
if (slist.nr)
- mptcp_pm_remove_subflow(msk, &slist);
-
+ mptcp_pm_nl_rm_subflow_received(msk, &slist);
/* Reset counters: maybe some subflows have been removed before */
- spin_lock_bh(&msk->pm.lock);
bitmap_fill(msk->pm.id_avail_bitmap, MPTCP_PM_MAX_ADDR_ID + 1);
msk->pm.local_addr_used = 0;
spin_unlock_bh(&msk->pm.lock);
--- a/net/mptcp/protocol.h
+++ b/net/mptcp/protocol.h
@@ -945,7 +945,6 @@ int mptcp_pm_announce_addr(struct mptcp_
const struct mptcp_addr_info *addr,
bool echo);
int mptcp_pm_remove_addr(struct mptcp_sock *msk, const struct mptcp_rm_list *rm_list);
-int mptcp_pm_remove_subflow(struct mptcp_sock *msk, const struct mptcp_rm_list *rm_list);
void mptcp_pm_remove_addrs(struct mptcp_sock *msk, struct list_head *rm_list);
void mptcp_pm_remove_addrs_and_subflows(struct mptcp_sock *msk,
struct list_head *rm_list);
@@ -1047,8 +1046,6 @@ static inline u8 subflow_get_local_id(co
void __init mptcp_pm_nl_init(void);
void mptcp_pm_nl_work(struct mptcp_sock *msk);
-void mptcp_pm_nl_rm_subflow_received(struct mptcp_sock *msk,
- const struct mptcp_rm_list *rm_list);
unsigned int mptcp_pm_get_add_addr_signal_max(const struct mptcp_sock *msk);
unsigned int mptcp_pm_get_add_addr_accept_max(const struct mptcp_sock *msk);
unsigned int mptcp_pm_get_subflows_max(const struct mptcp_sock *msk);
Patches currently in stable-queue which might be from matttbe@xxxxxxxxxx are
queue-6.6/mptcp-pm-avoid-possible-uaf-when-selecting-endp.patch
queue-6.6/mptcp-pm-only-decrement-add_addr_accepted-for-mpj-req.patch
queue-6.6/mptcp-pm-only-in-kernel-cannot-have-entries-with-id-0.patch
queue-6.6/mptcp-pm-fullmesh-select-the-right-id-later.patch
queue-6.6/selftests-net-lib-kill-pids-before-del-netns.patch
queue-6.6/mptcp-pm-re-using-id-of-unused-flushed-subflows.patch
queue-6.6/selftests-mptcp-join-validate-fullmesh-endp-on-1st-sf.patch
queue-6.6/mptcp-pm-only-mark-subflow-endp-as-available.patch
queue-6.6/selftests-net-lib-ignore-possible-errors.patch
queue-6.6/selftests-mptcp-join-check-re-using-id-of-closed-subflow.patch
queue-6.6/mptcp-pm-re-using-id-of-unused-removed-add_addr.patch
queue-6.6/mptcp-pm-check-add_addr_accept_max-before-accepting-new-add_addr.patch
queue-6.6/mptcp-pm-re-using-id-of-unused-removed-subflows.patch
queue-6.6/mptcp-correct-mptcp_subflow_attr_ssn_offset-reserved.patch
queue-6.6/mptcp-pm-remove-mptcp_pm_remove_subflow.patch
