| Message ID | b41dd0ae28701666ba2c59170acedaafdb41726c.1696439853.git.pabeni@redhat.com (mailing list archive) |
|---|---|
| State | Superseded, archived |
| Delegated to: | Mat Martineau |
| Headers | show |
| Series | [mptcp-net] tcp: check mptcp-level constraints for backlog calescing | expand |
| Context | Check | Description |
|---|---|---|
| matttbe/build | success | Build and static analysis OK |
| matttbe/checkpatch | warning | total: 0 errors, 1 warnings, 0 checks, 7 lines checked |
| matttbe/KVM_Validation__normal__except_selftest_mptcp_join_ | success | Success! ✅ |
| matttbe/KVM_Validation__debug__except_selftest_mptcp_join_ | warning | Unstable: 1 failed test(s): selftest_diag |
| matttbe/KVM_Validation__normal__only_selftest_mptcp_join_ | success | Success! ✅ |
| matttbe/KVM_Validation__debug__only_selftest_mptcp_join_ | warning | Unstable: 1 failed test(s): selftest_mptcp_join |
Hi Paolo, Thank you for your modifications, that's great! Our CI did some validations and here is its report: - KVM Validation: normal (except selftest_mptcp_join): - Success! ✅: - Task: https://cirrus-ci.com/task/5251580925050880 - Summary: https://api.cirrus-ci.com/v1/artifact/task/5251580925050880/summary/summary.txt - KVM Validation: debug (except selftest_mptcp_join): - Unstable: 1 failed test(s): selftest_diag
On Wed, 4 Oct 2023, Paolo Abeni wrote: > The MPTCP protocol can acquire the subflow-level socket lock, and > cause the tcp backlog usage. When inserting new skb into the > backlog, the stack will try to coalesce them. > > Currently we have no check in place to ensure that such coalescing > will respect the MPTCP-level DSS, and that may cause data stream > corruption as reported by Christoph. > > Address the issue adding the relevant admission check for coalescing > in tcp_add_backlog(). > > Note the issue is not easy to reproduce, as the MPTCP protocol tries > hard to avoid acquiring the subflow-level socket lock. > > Fixes: 648ef4b88673 ("mptcp: Implement MPTCP receive path") > Reported-by: Christoph Paasch <cpaasch@apple.com> > Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/420 > Signed-off-by: Paolo Abeni <pabeni@redhat.com> > --- > net/ipv4/tcp_ipv4.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c > index f13eb7e23d03..52b6a0b22086 100644 > --- a/net/ipv4/tcp_ipv4.c > +++ b/net/ipv4/tcp_ipv4.c > @@ -1869,6 +1869,7 @@ bool tcp_add_backlog(struct sock *sk, struct sk_buff *skb, > #ifdef CONFIG_TLS_DEVICE > tail->decrypted != skb->decrypted || > #endif > + mptcp_skb_can_collapse(tail, skb) || Hi Paolo - Shouldn't this be !mptcp_skb_can_collapse()? Also, the subject line needs the 'o' in "coalescing". - Mat > thtail->doff != th->doff || > memcmp(thtail + 1, th + 1, hdrlen - sizeof(*th))) > goto no_coalesce; > -- > 2.41.0 > > >
On Tue, 2023-10-10 at 18:00 -0700, Mat Martineau wrote: > On Wed, 4 Oct 2023, Paolo Abeni wrote: > > > The MPTCP protocol can acquire the subflow-level socket lock, and > > cause the tcp backlog usage. When inserting new skb into the > > backlog, the stack will try to coalesce them. > > > > Currently we have no check in place to ensure that such coalescing > > will respect the MPTCP-level DSS, and that may cause data stream > > corruption as reported by Christoph. > > > > Address the issue adding the relevant admission check for coalescing > > in tcp_add_backlog(). > > > > Note the issue is not easy to reproduce, as the MPTCP protocol tries > > hard to avoid acquiring the subflow-level socket lock. > > > > Fixes: 648ef4b88673 ("mptcp: Implement MPTCP receive path") > > Reported-by: Christoph Paasch <cpaasch@apple.com> > > Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/420 > > Signed-off-by: Paolo Abeni <pabeni@redhat.com> > > --- > > net/ipv4/tcp_ipv4.c | 1 + > > 1 file changed, 1 insertion(+) > > > > diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c > > index f13eb7e23d03..52b6a0b22086 100644 > > --- a/net/ipv4/tcp_ipv4.c > > +++ b/net/ipv4/tcp_ipv4.c > > @@ -1869,6 +1869,7 @@ bool tcp_add_backlog(struct sock *sk, struct sk_buff *skb, > > #ifdef CONFIG_TLS_DEVICE > > tail->decrypted != skb->decrypted || > > #endif > > + mptcp_skb_can_collapsen(tail, skb) || > > Hi Paolo - > > Shouldn't this be !mptcp_skb_can_collapse()? > > Also, the subject line needs the 'o' in "coalescing". Indeed! thanks for checking! I'll send a v2! Cheers, Paolo
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index f13eb7e23d03..52b6a0b22086 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c @@ -1869,6 +1869,7 @@ bool tcp_add_backlog(struct sock *sk, struct sk_buff *skb, #ifdef CONFIG_TLS_DEVICE tail->decrypted != skb->decrypted || #endif + mptcp_skb_can_collapse(tail, skb) || thtail->doff != th->doff || memcmp(thtail + 1, th + 1, hdrlen - sizeof(*th))) goto no_coalesce;
The MPTCP protocol can acquire the subflow-level socket lock, and cause the tcp backlog usage. When inserting new skb into the backlog, the stack will try to coalesce them. Currently we have no check in place to ensure that such coalescing will respect the MPTCP-level DSS, and that may cause data stream corruption as reported by Christoph. Address the issue adding the relevant admission check for coalescing in tcp_add_backlog(). Note the issue is not easy to reproduce, as the MPTCP protocol tries hard to avoid acquiring the subflow-level socket lock. Fixes: 648ef4b88673 ("mptcp: Implement MPTCP receive path") Reported-by: Christoph Paasch <cpaasch@apple.com> Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/420 Signed-off-by: Paolo Abeni <pabeni@redhat.com> --- net/ipv4/tcp_ipv4.c | 1 + 1 file changed, 1 insertion(+)