[mptcp-next,v1,1/6] mptcp: pm: in-kernel: avoid access entry without lock

Message ID: 1ccd8b5eee126272e4841635d69616ca79977ad8.1740384564.git.tanggeliang@kylinos.cn (mailing list archive)
State: Accepted, archived
Commit: c8a2f8c2afacf04e060866bcc93432da50483b3f
Delegated to: Matthieu Baerts
Series: BPF path manager, part 4

Checks

Context                                                 Check    Description
matttbe/checkpatch                                      success  total: 0 errors, 0 warnings, 0 checks, 8 lines checked
matttbe/shellcheck                                      success  MPTCP selftests files have not been modified
matttbe/build                                           success  Build and static analysis OK
matttbe/KVM_Validation__normal                          success  Success! ✅
matttbe/KVM_Validation__debug                           success  Success! ✅
matttbe/KVM_Validation__btf-normal__only_bpftest_all_   success  Success! ✅
matttbe/KVM_Validation__btf-debug__only_bpftest_all_    success  Success! ✅

Commit Message

Geliang Tang Feb. 24, 2025, 8:13 a.m. UTC
From: Geliang Tang <tanggeliang@kylinos.cn>

In mptcp_pm_nl_set_flags(), "entry" is copied to "local" when pernet->lock
is held to avoid direct access to entry without pernet->lock.

Therefore, "local->flags" should be passed to mptcp_nl_set_flags instead
of "entry->flags" when pernet->lock is not held, so as to avoid access to
entry.

Signed-off-by: Geliang Tang <tanggeliang@kylinos.cn>
---
 net/mptcp/pm_netlink.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Matthieu Baerts Feb. 24, 2025, 8:31 a.m. UTC | #1
Hi Geliang,

On 24/02/2025 09:13, Geliang Tang wrote:
> From: Geliang Tang <tanggeliang@kylinos.cn>
> 
> In mptcp_pm_nl_set_flags(), "entry" is copied to "local" when pernet->lock
> is held to avoid direct access to entry without pernet->lock.
> 
> Therefore, "local->flags" should be passed to mptcp_nl_set_flags instead
> of "entry->flags" when pernet->lock is not held, so as to avoid access to
> entry.

Good catch! I see that this is a fix for a patch that has been sent to
net-next, but not applied yet.

Fixes: TODO ("mptcp: pm: change to fullmesh only for 'subflow'")

Cheers,
Matt

Matthieu Baerts Feb. 24, 2025, 11:02 a.m. UTC | #2
Hi Geliang,

On 24/02/2025 09:31, Matthieu Baerts wrote:
> Hi Geliang,
> 
> On 24/02/2025 09:13, Geliang Tang wrote:
>> From: Geliang Tang <tanggeliang@kylinos.cn>
>>
>> In mptcp_pm_nl_set_flags(), "entry" is copied to "local" when pernet->lock
>> is held to avoid direct access to entry without pernet->lock.
>>
>> Therefore, "local->flags" should be passed to mptcp_nl_set_flags instead
>> of "entry->flags" when pernet->lock is not held, so as to avoid access to
>> entry.
> 
> Good catch! I see that this is a fix for a patch that has been sent to
> net-next, but not applied yet.
> 
> Fixes: TODO ("mptcp: pm: change to fullmesh only for 'subflow'")

I will mark this patch and the two next ones as queued, and I will apply
them when the above patch is applied in netdev, so I can add the
appropriate SHA.

Cheers,
Matt

Patch

diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c
index d4328443d844..fb83eba041f1 100644
--- a/net/mptcp/pm_netlink.c
+++ b/net/mptcp/pm_netlink.c
@@ -1983,7 +1983,7 @@  int mptcp_pm_nl_set_flags(struct mptcp_pm_addr_entry *local,
 	*local = *entry;
 	spin_unlock_bh(&pernet->lock);
 
-	mptcp_nl_set_flags(net, &local->addr, entry->flags, changed);
+	mptcp_nl_set_flags(net, &local->addr, local->flags, changed);
 	return 0;
 }
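
Review bot: at the mptcp_nl_set_flags() call that follows spin_unlock_bh(&pernet->lock), nothing in the code tells a later reader that "entry" must not be dereferenced from that point on, which is how the entry->flags read ended up outside the lock in the first place. A one-line comment above the call, for example "/* pernet->lock released: use the copy in local, not entry */", would make the rule visible and help keep the unlocked read from being reintroduced. The fix itself is consistent with the "*local = *entry;" copy taken under the lock, since local->flags carries the same value that was read while the lock was held. The commit message also has no Fixes: tag yet; as the thread notes, it needs the SHA of "mptcp: pm: change to fullmesh only for 'subflow'" once that patch is applied.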