xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

tcp: Fix data-races around sysctl_tcp_fastopen.

Browse Source 
[ Upstream commit 5a54213318c43f4009ae158347aa6016e3b9b55a ]

While reading sysctl_tcp_fastopen, it can be changed concurrently.
Thus, we need to add READ_ONCE() to its readers.

Fixes: 2100c8d2d9 ("net-tcp: Fast Open base")
Signed-off-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Acked-by: Yuchung Cheng <ycheng@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
This commit is contained in:
Kuniyuki Iwashima
2022-07-15 10:17:54 -07:00
committed by Greg Kroah-Hartman
parent b3ce32e33a
commit 22938534c6
3 changed files with 7 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
net/ipv4/af_inet.c
View File

@@ -220,7 +220,7 @@ int inet_listen(struct socket *sock, int backlog)
* because the socket was in TCP_LISTEN state previously but * because the socket was in TCP_LISTEN state previously but
* was shutdown() rather than close(). * was shutdown() rather than close().
*/ */
tcp_fastopen = sock_net(sk)->ipv4.sysctl_tcp_fastopen; tcp_fastopen = READ_ONCE(sock_net(sk)->ipv4.sysctl_tcp_fastopen);
if ((tcp_fastopen & TFO_SERVER_WO_SOCKOPT1) && if ((tcp_fastopen & TFO_SERVER_WO_SOCKOPT1) &&
(tcp_fastopen & TFO_SERVER_ENABLE) && (tcp_fastopen & TFO_SERVER_ENABLE) &&
!inet_csk(sk)->icsk_accept_queue.fastopenq.max_qlen) { !inet_csk(sk)->icsk_accept_queue.fastopenq.max_qlen) {

6
net/ipv4/tcp.c
View File

@@ -1148,7 +1148,8 @@ static int tcp_sendmsg_fastopen(struct sock *sk, struct msghdr *msg,
struct sockaddr *uaddr = msg->msg_name; struct sockaddr *uaddr = msg->msg_name;
int err, flags; int err, flags;
if (!(sock_net(sk)->ipv4.sysctl_tcp_fastopen & TFO_CLIENT_ENABLE) || if (!(READ_ONCE(sock_net(sk)->ipv4.sysctl_tcp_fastopen) &
TFO_CLIENT_ENABLE) ||
(uaddr && msg->msg_namelen >= sizeof(uaddr->sa_family) && (uaddr && msg->msg_namelen >= sizeof(uaddr->sa_family) &&
uaddr->sa_family == AF_UNSPEC)) uaddr->sa_family == AF_UNSPEC))
return -EOPNOTSUPP; return -EOPNOTSUPP;
@@ -3390,7 +3391,8 @@ static int do_tcp_setsockopt(struct sock *sk, int level, int optname,
case TCP_FASTOPEN_CONNECT: case TCP_FASTOPEN_CONNECT:
if (val > 1 || val < 0) { if (val > 1 || val < 0) {
err = -EINVAL; err = -EINVAL;
} else if (net->ipv4.sysctl_tcp_fastopen & TFO_CLIENT_ENABLE) { } else if (READ_ONCE(net->ipv4.sysctl_tcp_fastopen) &
TFO_CLIENT_ENABLE) {
if (sk->sk_state == TCP_CLOSE) if (sk->sk_state == TCP_CLOSE)
tp->fastopen_connect = val; tp->fastopen_connect = val;
else else

4
net/ipv4/tcp_fastopen.c
View File

@@ -349,7 +349,7 @@ static bool tcp_fastopen_no_cookie(const struct sock *sk,
const struct dst_entry *dst, const struct dst_entry *dst,
int flag) int flag)
{ {
return (sock_net(sk)->ipv4.sysctl_tcp_fastopen & flag) || return (READ_ONCE(sock_net(sk)->ipv4.sysctl_tcp_fastopen) & flag) ||
tcp_sk(sk)->fastopen_no_cookie || tcp_sk(sk)->fastopen_no_cookie ||
(dst && dst_metric(dst, RTAX_FASTOPEN_NO_COOKIE)); (dst && dst_metric(dst, RTAX_FASTOPEN_NO_COOKIE));
} }
@@ -364,7 +364,7 @@ struct sock *tcp_try_fastopen(struct sock *sk, struct sk_buff *skb,
const struct dst_entry *dst) const struct dst_entry *dst)
{ {
bool syn_data = TCP_SKB_CB(skb)->end_seq != TCP_SKB_CB(skb)->seq + 1; bool syn_data = TCP_SKB_CB(skb)->end_seq != TCP_SKB_CB(skb)->seq + 1;
int tcp_fastopen = sock_net(sk)->ipv4.sysctl_tcp_fastopen; int tcp_fastopen = READ_ONCE(sock_net(sk)->ipv4.sysctl_tcp_fastopen);
struct tcp_fastopen_cookie valid_foc = { .len = -1 }; struct tcp_fastopen_cookie valid_foc = { .len = -1 };
struct sock *child; struct sock *child;
int ret = 0; int ret = 0;