Commit 61b3cc32 authored by Paolo Abeni's avatar Paolo Abeni Committed by Geliang Tang
Browse files

mptcp: annotate access for msk keys 

mainline inclusion
from mainline-v6.9-rc1
commit 1c09d7cbb57abcea66148923cef717cc7ab35704
category: feature
bugzilla: https://gitee.com/openeuler/kernel/issues/I9VYQ9
CVE: NA

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/?id=1c09d7cbb57abcea66148923cef717cc7ab35704



--------------------------------

Both the local and the remote key follow the same locking
schema, put in place the proper ONCE accessors.

Signed-off-by: default avatarPaolo Abeni <pabeni@redhat.com>
Reviewed-by: default avatarMat Martineau <martineau@kernel.org>
Signed-off-by: default avatarMatthieu Baerts (NGI0) <matttbe@kernel.org>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
Reviewed-by: default avatarJackie Liu <liuyun01@kylinos.cn>
Signed-off-by: default avatarGeliang Tang <tanggeliang@kylinos.cn>
parent 43499e79

net/mptcp/options.c

+6 −6
Original line number Diff line number Diff line
@@ -689,8 +689,8 @@ static bool mptcp_established_options_add_addr(struct sock *sk, struct sk_buff * 
	opts->suboptions |= OPTION_MPTCP_ADD_ADDR;

	if (!echo) {

		MPTCP_INC_STATS(sock_net(sk), MPTCP_MIB_ADDADDRTX);

		opts->ahmac = add_addr_generate_hmac(msk->local_key,

						     msk->remote_key,

		opts->ahmac = add_addr_generate_hmac(READ_ONCE(msk->local_key),

						     READ_ONCE(msk->remote_key),

						     &opts->addr);

	} else {

		MPTCP_INC_STATS(sock_net(sk), MPTCP_MIB_ECHOADDTX);
@@ -792,7 +792,7 @@ static bool mptcp_established_options_fastclose(struct sock *sk, 


	*size = TCPOLEN_MPTCP_FASTCLOSE;

	opts->suboptions |= OPTION_MPTCP_FASTCLOSE;

	opts->rcvr_key = msk->remote_key;

	opts->rcvr_key = READ_ONCE(msk->remote_key);



	pr_debug("FASTCLOSE key=%llu", opts->rcvr_key);

	MPTCP_INC_STATS(sock_net(sk), MPTCP_MIB_MPFASTCLOSETX);
@@ -1100,8 +1100,8 @@ static bool add_addr_hmac_valid(struct mptcp_sock *msk, 
	if (mp_opt->echo)

		return true;



	hmac = add_addr_generate_hmac(msk->remote_key,

				      msk->local_key,

	hmac = add_addr_generate_hmac(READ_ONCE(msk->remote_key),

				      READ_ONCE(msk->local_key),

				      &mp_opt->addr);



	pr_debug("msk=%p, ahmac=%llu, mp_opt->ahmac=%llu\n",
@@ -1148,7 +1148,7 @@ bool mptcp_incoming_options(struct sock *sk, struct sk_buff *skb) 


	if (unlikely(mp_opt.suboptions != OPTION_MPTCP_DSS)) {

		if ((mp_opt.suboptions & OPTION_MPTCP_FASTCLOSE) &&

		    msk->local_key == mp_opt.rcvr_key) {

		    READ_ONCE(msk->local_key) == mp_opt.rcvr_key) {

			WRITE_ONCE(msk->rcv_fastclose, true);

			mptcp_schedule_work((struct sock *)msk);

			MPTCP_INC_STATS(sock_net(sk), MPTCP_MIB_MPFASTCLOSERX);

net/mptcp/protocol.c

+1 −1
Original line number Diff line number Diff line
@@ -3250,7 +3250,7 @@ struct sock *mptcp_sk_clone_init(const struct sock *sk, 
		mptcp_copy_ip_options(nsk, sk);



	msk = mptcp_sk(nsk);

	msk->local_key = subflow_req->local_key;

	WRITE_ONCE(msk->local_key, subflow_req->local_key);

	msk->token = subflow_req->token;

	msk->in_accept_queue = 1;

	WRITE_ONCE(msk->fully_established, false);

net/mptcp/protocol.h

+4 −2
Original line number Diff line number Diff line
@@ -260,8 +260,10 @@ struct mptcp_data_frag { 
struct mptcp_sock {

	/* inet_connection_sock must be the first member */

	struct inet_connection_sock sk;

	u64		local_key;

	u64		remote_key;

	u64		local_key;		/* protected by the first subflow socket lock

						 * lockless access read

						 */

	u64		remote_key;		/* same as above */

	u64		write_seq;

	u64		bytes_sent;

	u64		snd_nxt;

net/mptcp/subflow.c

+6 −4
Original line number Diff line number Diff line
@@ -75,7 +75,8 @@ static void subflow_req_create_thmac(struct mptcp_subflow_request_sock *subflow_ 


	get_random_bytes(&subflow_req->local_nonce, sizeof(u32));



	subflow_generate_hmac(msk->local_key, msk->remote_key,

	subflow_generate_hmac(READ_ONCE(msk->local_key),

			      READ_ONCE(msk->remote_key),

			      subflow_req->local_nonce,

			      subflow_req->remote_nonce, hmac);
@@ -714,7 +715,8 @@ static bool subflow_hmac_valid(const struct request_sock *req, 
	if (!msk)

		return false;



	subflow_generate_hmac(msk->remote_key, msk->local_key,

	subflow_generate_hmac(READ_ONCE(msk->remote_key),

			      READ_ONCE(msk->local_key),

			      subflow_req->remote_nonce,

			      subflow_req->local_nonce, hmac);
@@ -1550,8 +1552,8 @@ int __mptcp_subflow_connect(struct sock *sk, const struct mptcp_addr_info *loc, 
	mptcp_pm_get_flags_and_ifindex_by_id(msk, local_id,

					     &flags, &ifindex);

	subflow->remote_key_valid = 1;

	subflow->remote_key = msk->remote_key;

	subflow->local_key = msk->local_key;

	subflow->remote_key = READ_ONCE(msk->remote_key);

	subflow->local_key = READ_ONCE(msk->local_key);

	subflow->token = msk->token;

	mptcp_info2sockaddr(loc, &addr, ssk->sk_family);