From: Matthieu Baerts (NGI0) <matttbe@xxxxxxxxxx>
commit 57f86203b41c98b322119dfdbb1ec54ce5e3369b upstream.
The ADD_ADDR 0 with the address from the initial subflow should not be considered as a new address: this is not something new. If the host receives it, it simply means that the address is available again. When receiving an ADD_ADDR for the ID 0, the PM already doesn't consider it as new by not incrementing the 'add_addr_accepted' counter. But the 'accept_addr' might not be set if the limit has already been reached: this can be bypassed in this case. But before, it is important to check that this ADD_ADDR for the ID 0 is for the same address as the initial subflow. If not, it is not something that should happen, and the ADD_ADDR can be ignored. Note that if an ADD_ADDR is received while there is already a subflow opened using the same address, this ADD_ADDR is ignored as well. It means that if multiple ADD_ADDR for ID 0 are received, there will not be any duplicated subflows created by the client.
Fixes: d0876b2284cf ("mptcp: add the incoming RM_ADDR support")
Cc: stable@xxxxxxxxxxxxxxx
Reviewed-by: Mat Martineau <martineau@xxxxxxxxxx>
Signed-off-by: Matthieu Baerts (NGI0) <matttbe@xxxxxxxxxx>
Signed-off-by: Paolo Abeni <pabeni@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 net/mptcp/pm.c | 4 +++-
 net/mptcp/pm_netlink.c | 9 +++++++++
 net/mptcp/protocol.h | 2 ++
 3 files changed, 14 insertions(+), 1 deletion(-)
--- a/net/mptcp/pm.c
+++ b/net/mptcp/pm.c
@@ -226,7 +226,9 @@ void mptcp_pm_add_addr_received(const st
 } else {
 __MPTCP_INC_STATS(sock_net((struct sock *)msk), MPTCP_MIB_ADDADDRDROP);
 }
- } else if (!READ_ONCE(pm->accept_addr)) {
+ /* id0 should not have a different address */
+ } else if ((addr->id == 0 && !mptcp_pm_nl_is_init_remote_addr(msk, addr)) ||
+ (addr->id > 0 && !READ_ONCE(pm->accept_addr))) {
 mptcp_pm_announce_addr(msk, addr, true);
 mptcp_pm_add_addr_send_ack(msk);
 } else if (mptcp_pm_schedule_work(msk, MPTCP_PM_ADD_ADDR_RECEIVED)) {
--- a/net/mptcp/pm_netlink.c
+++ b/net/mptcp/pm_netlink.c
@@ -760,6 +760,15 @@ static void mptcp_pm_nl_add_addr_receive
 }
 }
+bool mptcp_pm_nl_is_init_remote_addr(struct mptcp_sock *msk,
+ const struct mptcp_addr_info *remote)
+{
+ struct mptcp_addr_info mpc_remote;
+
+ remote_address((struct sock_common *)msk, &mpc_remote);
+ return mptcp_addresses_equal(&mpc_remote, remote, remote->port);
+}
+
 void mptcp_pm_nl_addr_send_ack(struct mptcp_sock *msk)
 {
 struct mptcp_subflow_context *subflow;
--- a/net/mptcp/protocol.h
+++ b/net/mptcp/protocol.h
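Review bot: The only comment on the new condition in `mptcp_pm_add_addr_received()` (net/mptcp/pm.c), `/* id0 should not have a different address */`, covers the first operand but not the more security-relevant effect of the second: with `addr->id > 0 &&` added, an ADD_ADDR for ID 0 that matches the initial address no longer consults `pm->accept_addr` and falls through to `mptcp_pm_schedule_work()`. Because `addr` describes a received ADD_ADDR, this exemption from the acceptance limit deserves an in-code note; according to the commit message it stays bounded because an ADD_ADDR for an address that already has a subflow is ignored, but that check is outside this hunk. A comment such as `/* ID 0 skips the accept_addr limit: it is the initial subflow's address, not a new one; duplicates are ignored later */` would keep that reasoning next to the condition. The function body starts and ends outside the hunk.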
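Review bot: `mptcp_pm_nl_is_init_remote_addr()` in net/mptcp/pm_netlink.c is added without a comment, and the third argument it passes to `mptcp_addresses_equal()` is `remote->port`, which looks like a flag deciding whether ports are compared at all. If so, an ADD_ADDR for ID 0 that carries no port matches the initial subflow on the IP address alone, while one carrying a different port counts as a mismatch and is only echoed by the caller in pm.c. That is probably intended, but it determines which peer-supplied ID 0 announcements skip the acceptance limit, so it should be stated, e.g. `/* true if 'remote' is the initial subflow's remote address; the port is compared only when 'remote' carries one */`. `msk` is only read here, so the parameter could presumably be `const struct mptcp_sock *` if `remote_address()` accepts a const pointer, which this hunk does not show.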
@@ -988,6 +988,8 @@ void mptcp_pm_add_addr_received(const st
 void mptcp_pm_add_addr_echoed(struct mptcp_sock *msk,
 const struct mptcp_addr_info *addr);
 void mptcp_pm_add_addr_send_ack(struct mptcp_sock *msk);
+bool mptcp_pm_nl_is_init_remote_addr(struct mptcp_sock *msk,
+ const struct mptcp_addr_info *remote);
 void mptcp_pm_nl_addr_send_ack(struct mptcp_sock *msk);
 void mptcp_pm_rm_addr_received(struct mptcp_sock *msk,
 const struct mptcp_rm_list *rm_list);
Patches currently in stable-queue which might be from matttbe@xxxxxxxxxx are
queue-6.10/selftests-mptcp-join-cannot-rm-sf-if-closed.patch
queue-6.10/mptcp-pm-fix-rm_addr-id-for-the-initial-subflow.patch
queue-6.10/mptcp-pm-fix-id-0-endp-usage-after-multiple-re-creations.patch
queue-6.10/mptcp-pm-skip-connecting-to-already-established-sf.patch
queue-6.10/mptcp-pm-reuse-id-0-after-delete-and-re-add.patch
queue-6.10/mptcp-avoid-duplicated-sub_closed-events.patch
queue-6.10/mptcp-pm-add_addr-0-is-not-a-new-address.patch
queue-6.10/mptcp-pm-do-not-remove-already-closed-subflows.patch
queue-6.10/mptcp-pm-send-ack-on-an-active-subflow.patch
queue-6.10/mptcp-pm-reset-mpc-endp-id-when-re-added.patch
queue-6.10/mptcp-close-subflow-when-receiving-tcp-fin.patch
queue-6.10/selftests-mptcp-join-check-re-re-adding-id-0-endp.patch
queue-6.10/selftests-mptcp-join-no-extra-msg-if-no-counter.patch
queue-6.10/mptcp-pr_debug-add-missing-n-at-the-end.patch
queue-6.10/selftests-mptcp-join-check-removing-id-0-endpoint.patch
queue-6.10/mptcp-sched-check-both-backup-in-retrans.patch