* [PATCH mptcp-net] tcp: ensure that backlog coalescing don't break MPTCP DSS
@ 2021-05-26 16:04 Paolo Abeni
2021-05-26 23:27 ` Mat Martineau
0 siblings, 1 reply; 3+ messages in thread
From: Paolo Abeni @ 2021-05-26 16:04 UTC (permalink / raw)
To: mptcp; +Cc: max
Currently the backlog coalescing does check for MPTCP validation:
a relevant DSS could be lost leading to MPTCP stream corruption.
The above is quite infrequent since the MPTCP subflows are not
exposed to user-space but the MPTCP still acquires the ssk socket
lock on some events.
Fix the issue adding the missing test.
Fixes: 85712484110d ("tcp: coalesce/collapse must respect MPTCP extensions")
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
---
this can possibly fix issues/196, but it's very hard to demonstrate,
even with pktdrill
---
net/ipv4/tcp_ipv4.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
index 4f5b68a90be9..6b033593d069 100644
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -1822,6 +1822,7 @@ bool tcp_add_backlog(struct sock *sk, struct sk_buff *skb)
if (TCP_SKB_CB(tail)->end_seq != TCP_SKB_CB(skb)->seq ||
TCP_SKB_CB(tail)->ip_dsfield != TCP_SKB_CB(skb)->ip_dsfield ||
+ !mptcp_skb_can_collapse(tail, skb) ||
((TCP_SKB_CB(tail)->tcp_flags |
TCP_SKB_CB(skb)->tcp_flags) & (TCPHDR_SYN | TCPHDR_RST | TCPHDR_URG)) ||
!((TCP_SKB_CB(tail)->tcp_flags &
--
2.26.3
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH mptcp-net] tcp: ensure that backlog coalescing don't break MPTCP DSS
2021-05-26 16:04 [PATCH mptcp-net] tcp: ensure that backlog coalescing don't break MPTCP DSS Paolo Abeni
@ 2021-05-26 23:27 ` Mat Martineau
2021-05-27 9:29 ` Paolo Abeni
0 siblings, 1 reply; 3+ messages in thread
From: Mat Martineau @ 2021-05-26 23:27 UTC (permalink / raw)
To: Paolo Abeni; +Cc: mptcp, max
On Wed, 26 May 2021, Paolo Abeni wrote:
> Currently the backlog coalescing does check for MPTCP validation:
> a relevant DSS could be lost leading to MPTCP stream corruption.
>
> The above is quite infrequent since the MPTCP subflows are not
> exposed to user-space but the MPTCP still acquires the ssk socket
> lock on some events.
>
> Fix the issue adding the missing test.
>
> Fixes: 85712484110d ("tcp: coalesce/collapse must respect MPTCP extensions")
> Signed-off-by: Paolo Abeni <pabeni@redhat.com>
> ---
> this can possibly fix issues/196, but it's very hard to demonstrate,
> even with pktdrill
> ---
> net/ipv4/tcp_ipv4.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
> index 4f5b68a90be9..6b033593d069 100644
> --- a/net/ipv4/tcp_ipv4.c
> +++ b/net/ipv4/tcp_ipv4.c
> @@ -1822,6 +1822,7 @@ bool tcp_add_backlog(struct sock *sk, struct sk_buff *skb)
>
> if (TCP_SKB_CB(tail)->end_seq != TCP_SKB_CB(skb)->seq ||
> TCP_SKB_CB(tail)->ip_dsfield != TCP_SKB_CB(skb)->ip_dsfield ||
> + !mptcp_skb_can_collapse(tail, skb) ||
> ((TCP_SKB_CB(tail)->tcp_flags |
> TCP_SKB_CB(skb)->tcp_flags) & (TCPHDR_SYN | TCPHDR_RST | TCPHDR_URG)) ||
> !((TCP_SKB_CB(tail)->tcp_flags &
> --
> 2.26.3
Yeah, definitely could lose MPTCP header information here.
Since mptcp_incoming_options() hasn't been called yet, skbs in the backlog
queue will never have the MPTCP skb extensions that
mptcp_skb_can_collapse() relies on.
Is it worth it to add a function that will do a subset of the
mptcp_incoming_options() work to populate the skb extension for mptcp
subflow socks? (and modify mptcp_incoming_options() to detect existing
mpexts?)
--
Mat Martineau
Intel
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH mptcp-net] tcp: ensure that backlog coalescing don't break MPTCP DSS
2021-05-26 23:27 ` Mat Martineau
@ 2021-05-27 9:29 ` Paolo Abeni
0 siblings, 0 replies; 3+ messages in thread
From: Paolo Abeni @ 2021-05-27 9:29 UTC (permalink / raw)
To: Mat Martineau; +Cc: mptcp, max
On Wed, 2021-05-26 at 16:27 -0700, Mat Martineau wrote:
> On Wed, 26 May 2021, Paolo Abeni wrote:
>
> > Currently the backlog coalescing does check for MPTCP validation:
> > a relevant DSS could be lost leading to MPTCP stream corruption.
> >
> > The above is quite infrequent since the MPTCP subflows are not
> > exposed to user-space but the MPTCP still acquires the ssk socket
> > lock on some events.
> >
> > Fix the issue adding the missing test.
> >
> > Fixes: 85712484110d ("tcp: coalesce/collapse must respect MPTCP extensions")
> > Signed-off-by: Paolo Abeni <pabeni@redhat.com>
> > ---
> > this can possibly fix issues/196, but it's very hard to demonstrate,
> > even with pktdrill
> > ---
> > net/ipv4/tcp_ipv4.c | 1 +
> > 1 file changed, 1 insertion(+)
> >
> > diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
> > index 4f5b68a90be9..6b033593d069 100644
> > --- a/net/ipv4/tcp_ipv4.c
> > +++ b/net/ipv4/tcp_ipv4.c
> > @@ -1822,6 +1822,7 @@ bool tcp_add_backlog(struct sock *sk, struct sk_buff *skb)
> >
> > if (TCP_SKB_CB(tail)->end_seq != TCP_SKB_CB(skb)->seq ||
> > TCP_SKB_CB(tail)->ip_dsfield != TCP_SKB_CB(skb)->ip_dsfield ||
> > + !mptcp_skb_can_collapse(tail, skb) ||
> > ((TCP_SKB_CB(tail)->tcp_flags |
> > TCP_SKB_CB(skb)->tcp_flags) & (TCPHDR_SYN | TCPHDR_RST | TCPHDR_URG)) ||
> > !((TCP_SKB_CB(tail)->tcp_flags &
> > --
> > 2.26.3
>
> Yeah, definitely could lose MPTCP header information here.
>
> Since mptcp_incoming_options() hasn't been called yet, skbs in the backlog
> queue will never have the MPTCP skb extensions that
> mptcp_skb_can_collapse() relies on.
whoops, I missed that point!!!
> Is it worth it to add a function that will do a subset of the
> mptcp_incoming_options() work to populate the skb extension for mptcp
> subflow socks? (and modify mptcp_incoming_options() to detect existing
> mpexts?)
I was wondering about memcmp-aring the TCP options carried by the two
skbs, then I noted that the existing code already does:
thtail->doff != th->doff ||
memcmp(thtail + 1, th + 1, hdrlen - sizeof(*th)))
Skbs with different mapping can't really be merged, and the suspected
issue is really not possible.
I think this patch can be dropped,
thanks!
Paolo
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-05-27 9:30 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-05-26 16:04 [PATCH mptcp-net] tcp: ensure that backlog coalescing don't break MPTCP DSS Paolo Abeni
2021-05-26 23:27 ` Mat Martineau
2021-05-27 9:29 ` Paolo Abeni
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.