From: Eric Dumazet <edumazet@google.com>
To: Dmitry Safonov <dima@arista.com>
Cc: David Ahern <dsahern@kernel.org>, Paolo Abeni <pabeni@redhat.com>,
Jakub Kicinski <kuba@kernel.org>,
"David S. Miller" <davem@davemloft.net>,
linux-kernel@vger.kernel.org,
Dmitry Safonov <0x7f454c46@gmail.com>,
Francesco Ruggeri <fruggeri05@gmail.com>,
Salam Noureddine <noureddine@arista.com>,
Simon Horman <horms@kernel.org>,
netdev@vger.kernel.org
Subject: Re: [PATCH 6/7] net/tcp: ACCESS_ONCE() on snd/rcv SNEs
Date: Tue, 21 Nov 2023 09:08:49 +0100 [thread overview]
Message-ID: <CANn89iLEANNvZ45PaPL8miZeyMUTAcLoVR4WS55gbtfiMPbueQ@mail.gmail.com> (raw)
In-Reply-To: <20231121020111.1143180-7-dima@arista.com>
On Tue, Nov 21, 2023 at 3:01 AM Dmitry Safonov <dima@arista.com> wrote:
>
> SNEs need READ_ONCE()/WRITE_ONCE() for access as they can be written and
> read at the same time.
>
> This is actually a shame: I planned to send it in TCP-AO patches, but
> it seems I've chosen a wrong commit to git-commit-fixup some time ago.
> It ended up in a commit that adds a selftest. Human factor.
>
> Fixes: 64382c71a557 ("net/tcp: Add TCP-AO SNE support")
> Signed-off-by: Dmitry Safonov <dima@arista.com>
> ---
> net/ipv4/tcp_ao.c | 4 ++--
> net/ipv4/tcp_input.c | 4 ++--
> 2 files changed, 4 insertions(+), 4 deletions(-)
>
> diff --git a/net/ipv4/tcp_ao.c b/net/ipv4/tcp_ao.c
> index 122ff58168ee..9b7f1970c2e9 100644
> --- a/net/ipv4/tcp_ao.c
> +++ b/net/ipv4/tcp_ao.c
> @@ -956,8 +956,8 @@ tcp_inbound_ao_hash(struct sock *sk, const struct sk_buff *skb,
> if (unlikely(th->syn && !th->ack))
> goto verify_hash;
>
> - sne = tcp_ao_compute_sne(info->rcv_sne, tcp_sk(sk)->rcv_nxt,
> - ntohl(th->seq));
> + sne = tcp_ao_compute_sne(READ_ONCE(info->rcv_sne),
> + tcp_sk(sk)->rcv_nxt, ntohl(th->seq));
I think this is a wrong fix. Something is definitely fishy here.
Update side should only happen for an established socket ?
And the read side should have locked the socket before calling
tcp_inbound_ao_hash(),
otherwise reading other fields (like tcp_sk(sk)->rcv_nxt) would be racy anyway.
> /* Established socket, traffic key are cached */
> traffic_key = rcv_other_key(key);
> err = tcp_ao_verify_hash(sk, skb, family, info, aoh, key,
> diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c
> index bcb55d98004c..78896c8be0d4 100644
> --- a/net/ipv4/tcp_input.c
> +++ b/net/ipv4/tcp_input.c
tcp_snd_sne_update() definitely only deals with full sockets
(TCP_AO_ESTABLISHED)
> @@ -3583,7 +3583,7 @@ static void tcp_snd_sne_update(struct tcp_sock *tp, u32 ack)
> ao = rcu_dereference_protected(tp->ao_info,
> lockdep_sock_is_held((struct sock *)tp));
> if (ao && ack < tp->snd_una)
> - ao->snd_sne++;
> + WRITE_ONCE(ao->snd_sne, ao->snd_sne + 1);
> #endif
> }
>
> @@ -3609,7 +3609,7 @@ static void tcp_rcv_sne_update(struct tcp_sock *tp, u32 seq)
> ao = rcu_dereference_protected(tp->ao_info,
> lockdep_sock_is_held((struct sock *)tp));
> if (ao && seq < tp->rcv_nxt)
> - ao->rcv_sne++;
> + WRITE_ONCE(ao->rcv_sne, ao->rcv_sne + 1);
> #endif
> }
>
> --
> 2.42.0
>
next prev parent reply other threads:[~2023-11-21 8:09 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-11-21 2:01 [PATCH 0/7] TCP-AO fixes Dmitry Safonov
2023-11-21 2:01 ` [PATCH 1/7] Documentation/tcp: Fix an obvious typo Dmitry Safonov
2023-11-21 2:01 ` [PATCH 2/7] net/tcp: Consistently align TCP-AO option in the header Dmitry Safonov
2023-11-21 2:01 ` [PATCH 3/7] net/tcp: Limit TCP_AO_REPAIR to non-listen sockets Dmitry Safonov
2023-11-21 8:21 ` Eric Dumazet
2023-11-21 17:50 ` Dmitry Safonov
2023-11-21 2:01 ` [PATCH 4/7] net/tcp: Reset TCP-AO cached keys on listen() syscall Dmitry Safonov
2023-11-21 8:18 ` Eric Dumazet
2023-11-22 1:00 ` Dmitry Safonov
2023-11-21 2:01 ` [PATCH 5/7] net/tcp: Don't add key with non-matching VRF on connected sockets Dmitry Safonov
2023-11-21 2:01 ` [PATCH 6/7] net/tcp: ACCESS_ONCE() on snd/rcv SNEs Dmitry Safonov
2023-11-21 8:08 ` Eric Dumazet [this message]
2023-11-21 2:01 ` [PATCH 7/7] net/tcp: Don't store TCP-AO maclen on reqsk Dmitry Safonov
2023-11-21 8:13 ` Eric Dumazet
2023-11-22 1:19 ` Dmitry Safonov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CANn89iLEANNvZ45PaPL8miZeyMUTAcLoVR4WS55gbtfiMPbueQ@mail.gmail.com \
--to=edumazet@google.com \
--cc=0x7f454c46@gmail.com \
--cc=davem@davemloft.net \
--cc=dima@arista.com \
--cc=dsahern@kernel.org \
--cc=fruggeri05@gmail.com \
--cc=horms@kernel.org \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netdev@vger.kernel.org \
--cc=noureddine@arista.com \
--cc=pabeni@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).