From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: stable@vger.kernel.org
Cc: "Greg Kroah-Hartman" <gregkh@linuxfoundation.org>,
patches@lists.linux.dev, "Arınç ÜNAL" <arinc.unal@arinc9.com>,
syzbot+455d38ecd5f655fc45cf@syzkaller.appspotmail.com,
"Mat Martineau" <martineau@kernel.org>,
"Matthieu Baerts (NGI0)" <matttbe@kernel.org>,
"Paolo Abeni" <pabeni@redhat.com>
Subject: [PATCH 6.6 19/93] mptcp: pm: fix ID 0 endp usage after multiple re-creations
Date: Sun, 1 Sep 2024 18:16:06 +0200 [thread overview]
Message-ID: <20240901160808.085027171@linuxfoundation.org> (raw)
In-Reply-To: <20240901160807.346406833@linuxfoundation.org>
6.6-stable review patch. If anyone has any objections, please let me know.
------------------
From: Matthieu Baerts (NGI0) <matttbe@kernel.org>
commit 9366922adc6a71378ca01f898c41be295309f044 upstream.
'local_addr_used' and 'add_addr_accepted' are decremented for addresses
not related to the initial subflow (ID0), because the source and
destination addresses of the initial subflows are known from the
beginning: they don't count as "additional local address being used" or
"ADD_ADDR being accepted".
It is then required not to increment them when the entrypoint used by
the initial subflow is removed and re-added during a connection. Without
this modification, this entrypoint cannot be removed and re-added more
than once.
Reported-by: Arınç ÜNAL <arinc.unal@arinc9.com>
Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/512
Fixes: 3ad14f54bd74 ("mptcp: more accurate MPC endpoint tracking")
Reported-by: syzbot+455d38ecd5f655fc45cf@syzkaller.appspotmail.com
Closes: https://lore.kernel.org/00000000000049861306209237f4@google.com
Cc: stable@vger.kernel.org
Tested-by: Arınç ÜNAL <arinc.unal@arinc9.com>
Reviewed-by: Mat Martineau <martineau@kernel.org>
Signed-off-by: Matthieu Baerts (NGI0) <matttbe@kernel.org>
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
net/mptcp/pm_netlink.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
--- a/net/mptcp/pm_netlink.c
+++ b/net/mptcp/pm_netlink.c
@@ -623,12 +623,13 @@ subflow:
fullmesh = !!(local.flags & MPTCP_PM_ADDR_FLAG_FULLMESH);
- msk->pm.local_addr_used++;
__clear_bit(local.addr.id, msk->pm.id_avail_bitmap);
/* Special case for ID0: set the correct ID */
if (local.addr.id == msk->mpc_endpoint_id)
local.addr.id = 0;
+ else /* local_addr_used is not decr for ID 0 */
+ msk->pm.local_addr_used++;
nr = fill_remote_addresses_vec(msk, &local.addr, fullmesh, addrs);
if (nr == 0)
@@ -758,7 +759,9 @@ static void mptcp_pm_nl_add_addr_receive
spin_lock_bh(&msk->pm.lock);
if (sf_created) {
- msk->pm.add_addr_accepted++;
+ /* add_addr_accepted is not decr for ID 0 */
+ if (remote.id)
+ msk->pm.add_addr_accepted++;
if (msk->pm.add_addr_accepted >= add_addr_accept_max ||
msk->pm.subflows >= subflows_max)
WRITE_ONCE(msk->pm.accept_addr, false);
next prev parent reply other threads:[~2024-09-01 16:25 UTC|newest]
Thread overview: 101+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-09-01 16:15 [PATCH 6.6 00/93] 6.6.49-rc1 review Greg Kroah-Hartman
2024-09-01 16:15 ` [PATCH 6.6 01/93] ALSA: seq: Skip event type filtering for UMP events Greg Kroah-Hartman
2024-09-01 16:15 ` [PATCH 6.6 02/93] LoongArch: Remove the unused dma-direct.h Greg Kroah-Hartman
2024-09-01 16:15 ` [PATCH 6.6 03/93] btrfs: fix a use-after-free when hitting errors inside btrfs_submit_chunk() Greg Kroah-Hartman
2024-09-01 16:15 ` [PATCH 6.6 04/93] btrfs: run delayed iputs when flushing delalloc Greg Kroah-Hartman
2024-09-01 16:15 ` [PATCH 6.6 05/93] smb/client: avoid dereferencing rdata=NULL in smb2_new_read_req() Greg Kroah-Hartman
2024-09-01 16:15 ` [PATCH 6.6 06/93] pinctrl: rockchip: correct RK3328 iomux width flag for GPIO2-B pins Greg Kroah-Hartman
2024-09-01 16:15 ` [PATCH 6.6 07/93] pinctrl: single: fix potential NULL dereference in pcs_get_function() Greg Kroah-Hartman
2024-09-01 16:15 ` [PATCH 6.6 08/93] of: Add cleanup.h based auto release via __free(device_node) markings Greg Kroah-Hartman
2024-09-01 16:15 ` [PATCH 6.6 09/93] wifi: wfx: repair open network AP mode Greg Kroah-Hartman
2024-09-01 16:15 ` [PATCH 6.6 10/93] wifi: mwifiex: duplicate static structs used in driver instances Greg Kroah-Hartman
2024-09-01 16:15 ` [PATCH 6.6 11/93] net: mana: Fix race of mana_hwc_post_rx_wqe and new hwc response Greg Kroah-Hartman
2024-09-01 16:15 ` [PATCH 6.6 12/93] mptcp: close subflow when receiving TCP+FIN Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 13/93] mptcp: sched: check both backup in retrans Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 14/93] mptcp: pm: reuse ID 0 after delete and re-add Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 15/93] mptcp: pm: skip connecting to already established sf Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 16/93] mptcp: pm: reset MPC endp ID when re-added Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 17/93] mptcp: pm: send ACK on an active subflow Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 18/93] mptcp: pm: do not remove already closed subflows Greg Kroah-Hartman
2024-09-01 16:16 ` Greg Kroah-Hartman [this message]
2024-09-01 16:16 ` [PATCH 6.6 20/93] mptcp: pm: ADD_ADDR 0 is not a new address Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 21/93] selftests: mptcp: join: check removing ID 0 endpoint Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 22/93] selftests: mptcp: join: no extra msg if no counter Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 23/93] selftests: mptcp: join: check re-re-adding ID 0 endp Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 24/93] drm/amdgpu: align pp_power_profile_mode with kernel docs Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 25/93] drm/amdgpu/swsmu: always force a state reprogram on init Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 26/93] drm/vmwgfx: Fix prime with external buffers Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 27/93] tracing: Have format file honor EVENT_FILE_FL_FREED Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 28/93] usb: typec: fix up incorrectly backported "usb: typec: tcpm: unregister existing source caps before re-registration" Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 29/93] of: Introduce for_each_*_child_of_node_scoped() to automate of_node_put() handling Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 30/93] thermal: of: Fix OF node leak in thermal_of_trips_init() error path Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 31/93] thermal: of: Fix OF node leak in of_thermal_zone_find() error paths Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 32/93] ASoC: amd: acp: fix module autoloading Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 33/93] ASoC: SOF: amd: Fix for acp init sequence Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 34/93] pinctrl: mediatek: common-v2: Fix broken bias-disable for PULL_PU_PD_RSEL_TYPE Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 35/93] pinctrl: starfive: jh7110: Correct the level trigger configuration of iev register Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 36/93] ovl: pass string to ovl_parse_layer() Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 37/93] ovl: fix wrong lowerdir number check for parameter Opt_lowerdir Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 38/93] ovl: ovl_parse_param_lowerdir: Add missed \n for pr_err Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 39/93] mm: Fix missing folio invalidation calls during truncation Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 40/93] cifs: Fix FALLOC_FL_PUNCH_HOLE support Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 41/93] Revert "change alloc_pages name in dma_map_ops to avoid name conflicts" Greg Kroah-Hartman
2024-09-02 10:58 ` Frank Scheiner
2024-09-01 16:16 ` [PATCH 6.6 42/93] selinux,smack: dont bypass permissions check in inode_setsecctx hook Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 43/93] iommufd: Do not allow creating areas without READ or WRITE Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 44/93] phy: fsl-imx8mq-usb: fix tuning parameter name Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 45/93] soundwire: stream: fix programming slave ports for non-continous port maps Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 46/93] dmaengine: dw-edma: Fix unmasking STOP and ABORT interrupts for HDMA Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 47/93] dmaengine: dw-edma: Do not enable watermark " Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 48/93] phy: xilinx: phy-zynqmp: Fix SGMII linkup failure on resume Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 49/93] dmaengine: dw: Add peripheral bus width verification Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 50/93] dmaengine: dw: Add memory " Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 51/93] Bluetooth: btnxpuart: Resolve TX timeout error in power save stress test Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 52/93] Bluetooth: btnxpuart: Handle FW Download Abort scenario Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 53/93] Bluetooth: btnxpuart: Fix random crash seen while removing driver Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 54/93] Bluetooth: hci_core: Fix not handling hibernation actions Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 55/93] iommu: Do not return 0 from map_pages if it doesnt do anything Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 56/93] netfilter: nf_tables: restore IP sanity checks for netdev/egress Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 57/93] wifi: iwlwifi: fw: fix wgds rev 3 exact size Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 58/93] ethtool: check device is present when getting link settings Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 59/93] netfilter: nf_tables_ipv6: consider network offset in netdev/egress validation Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 60/93] selftests: forwarding: no_forwarding: Down ports on cleanup Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 61/93] selftests: forwarding: local_termination: " Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 62/93] bonding: implement xdo_dev_state_free and call it after deletion Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 63/93] bonding: extract the use of real_device into local variable Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 64/93] bonding: change ipsec_lock from spin lock to mutex Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 65/93] gtp: fix a potential NULL pointer dereference Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 66/93] sctp: fix association labeling in the duplicate COOKIE-ECHO case Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 67/93] drm/amd/display: avoid using null object of framebuffer Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 68/93] net: busy-poll: use ktime_get_ns() instead of local_clock() Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 69/93] nfc: pn533: Add poll mod list filling check Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 70/93] soc: qcom: cmd-db: Map shared memory as WC, not WB Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 71/93] soc: qcom: pmic_glink: Actually communicate when remote goes down Greg Kroah-Hartman
2024-09-01 16:16 ` [PATCH 6.6 72/93] soc: qcom: pmic_glink: Fix race during initialization Greg Kroah-Hartman
2024-09-01 16:17 ` [PATCH 6.6 73/93] cdc-acm: Add DISABLE_ECHO quirk for GE HealthCare UI Controller Greg Kroah-Hartman
2024-09-01 16:17 ` [PATCH 6.6 74/93] firmware: qcom: scm: Mark get_wq_ctx() as atomic call Greg Kroah-Hartman
2024-09-01 16:17 ` [PATCH 6.6 75/93] scsi: sd: Ignore command SYNCHRONIZE CACHE error if format in progress Greg Kroah-Hartman
2024-09-01 16:17 ` [PATCH 6.6 76/93] USB: serial: option: add MeiG Smart SRM825L Greg Kroah-Hartman
2024-09-01 16:17 ` [PATCH 6.6 77/93] ARM: dts: imx6dl-yapp43: Increase LED current to match the yapp4 HW design Greg Kroah-Hartman
2024-09-01 16:17 ` [PATCH 6.6 78/93] usb: dwc3: omap: add missing depopulate in probe error path Greg Kroah-Hartman
2024-09-01 16:17 ` [PATCH 6.6 79/93] usb: dwc3: core: Prevent USB core invalid event buffer address access Greg Kroah-Hartman
2024-09-01 16:17 ` [PATCH 6.6 80/93] usb: dwc3: st: fix probed platform device ref count on probe error path Greg Kroah-Hartman
2024-09-01 16:17 ` [PATCH 6.6 81/93] usb: dwc3: st: add missing depopulate in " Greg Kroah-Hartman
2024-09-01 16:17 ` [PATCH 6.6 82/93] usb: core: sysfs: Unmerge @usb3_hardware_lpm_attr_group in remove_power_attributes() Greg Kroah-Hartman
2024-09-01 16:17 ` [PATCH 6.6 83/93] usb: cdnsp: fix incorrect index in cdnsp_get_hw_deq function Greg Kroah-Hartman
2024-09-01 16:17 ` [PATCH 6.6 84/93] usb: cdnsp: fix for Link TRB with TC Greg Kroah-Hartman
2024-09-01 16:17 ` [PATCH 6.6 85/93] ARM: dts: omap3-n900: correct the accelerometer orientation Greg Kroah-Hartman
2024-09-01 16:17 ` [PATCH 6.6 86/93] arm64: dts: imx8mp-beacon-kit: Fix Stereo Audio on WM8962 Greg Kroah-Hartman
2024-09-01 16:17 ` [PATCH 6.6 87/93] arm64: dts: imx93: add nvmem property for fec1 Greg Kroah-Hartman
2024-09-01 16:17 ` [PATCH 6.6 88/93] arm64: dts: imx93: add nvmem property for eqos Greg Kroah-Hartman
2024-09-01 16:17 ` [PATCH 6.6 89/93] arm64: dts: imx93: update default value for snps,clk-csr Greg Kroah-Hartman
2024-09-01 16:17 ` [PATCH 6.6 90/93] arm64: dts: freescale: imx93-tqma9352: fix CMA alloc-ranges Greg Kroah-Hartman
2024-09-01 16:17 ` [PATCH 6.6 91/93] arm64: dts: freescale: imx93-tqma9352-mba93xxla: fix typo Greg Kroah-Hartman
2024-09-01 16:17 ` [PATCH 6.6 92/93] scsi: aacraid: Fix double-free on probe failure Greg Kroah-Hartman
2024-09-01 16:17 ` [PATCH 6.6 93/93] apparmor: fix policy_unpack_test on big endian systems Greg Kroah-Hartman
2024-09-02 10:58 ` [PATCH 6.6 00/93] 6.6.49-rc1 review Frank Scheiner
2024-09-02 15:38 ` Naresh Kamboju
2024-09-03 7:16 ` Ron Economos
2024-09-03 8:45 ` Jon Hunter
2024-09-03 11:41 ` Takeshi Ogasawara
2024-09-03 11:44 ` Mark Brown
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240901160808.085027171@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=arinc.unal@arinc9.com \
--cc=martineau@kernel.org \
--cc=matttbe@kernel.org \
--cc=pabeni@redhat.com \
--cc=patches@lists.linux.dev \
--cc=stable@vger.kernel.org \
--cc=syzbot+455d38ecd5f655fc45cf@syzkaller.appspotmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox