* [MPTCP][PATCH v5 mptcp-next 0/5] add MP_CAPABLE 'C' flag
@ 2021-05-08 10:33 Geliang Tang
2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 1/5] mptcp: add sysctl allow_join_initial_addr_port Geliang Tang
0 siblings, 1 reply; 7+ messages in thread
From: Geliang Tang @ 2021-05-08 10:33 UTC (permalink / raw)
To: mptcp; +Cc: Geliang Tang
v5:
- add a new patch "mptcp: add add_list in mptcp_pm_data"
- fix !CONFIG_SYSCTL case
- tag: export/20210507T174457
v4:
- rename mptcp_is_allow_join_id0 to mptcp_allow_join_id0
- rename deny_join_id0 in mptcp_pm_data to remote_deny_join_id0
- add comments for self test cases
- apply: export/20210504T064955 +
"data checksum support" +
"data checksum support cleanups"
v3:
- use 'u8 allow_join_initial_addr_port'
- drop the spinlock in patch 3
v2:
- rename join_denied to allow_join_id0 in mptcp_out_options
- rename join_denied to deny_join_id0 in mptcp_options_received
- add a new function mptcp_pm_deny_join_id0_received
- move deny_join_id0 flag from mptcp_sock to mptcp_pm_data
- check deny_join_id0 flag in mptcp_pm_create_subflow_or_signal_addr
instead of in mptcp_syn_options.
Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/183
Geliang Tang (5):
mptcp: add sysctl allow_join_initial_addr_port
mptcp: add allow_join_id0 in mptcp_out_options
mptcp: add add_list in mptcp_pm_data
mptcp: add deny_join_id0 in mptcp_options_received
selftests: mptcp: add deny_join_id0 testcases
Documentation/networking/mptcp-sysctl.rst | 13 +++
include/net/mptcp.h | 3 +-
net/mptcp/ctrl.c | 16 ++++
net/mptcp/options.c | 12 +++
net/mptcp/pm.c | 2 +
net/mptcp/pm_netlink.c | 86 ++++++++++++++++++-
net/mptcp/protocol.c | 1 +
net/mptcp/protocol.h | 13 ++-
net/mptcp/subflow.c | 3 +
.../testing/selftests/net/mptcp/mptcp_join.sh | 56 +++++++++++-
10 files changed, 199 insertions(+), 6 deletions(-)
--
2.31.1
^ permalink raw reply [flat|nested] 7+ messages in thread
* [MPTCP][PATCH v5 mptcp-next 1/5] mptcp: add sysctl allow_join_initial_addr_port
2021-05-08 10:33 [MPTCP][PATCH v5 mptcp-next 0/5] add MP_CAPABLE 'C' flag Geliang Tang
@ 2021-05-08 10:33 ` Geliang Tang
2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 2/5] mptcp: add allow_join_id0 in mptcp_out_options Geliang Tang
0 siblings, 1 reply; 7+ messages in thread
From: Geliang Tang @ 2021-05-08 10:33 UTC (permalink / raw)
To: mptcp; +Cc: Geliang Tang, Florian Westphal
This patch added a new sysctl, named allow_join_initial_addr_port, to
control whether allow peers to send join requests to the IP address and
port number used by the initial subflow.
Suggested-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Geliang Tang <geliangtang@gmail.com>
---
Documentation/networking/mptcp-sysctl.rst | 13 +++++++++++++
net/mptcp/ctrl.c | 16 ++++++++++++++++
net/mptcp/protocol.h | 1 +
3 files changed, 30 insertions(+)
diff --git a/Documentation/networking/mptcp-sysctl.rst b/Documentation/networking/mptcp-sysctl.rst
index ee06fd782465..76d939e688b8 100644
--- a/Documentation/networking/mptcp-sysctl.rst
+++ b/Documentation/networking/mptcp-sysctl.rst
@@ -32,3 +32,16 @@ checksum_enabled - BOOLEAN
per-namespace sysctl.
Default: 0
+
+allow_join_initial_addr_port - BOOLEAN
+ Allow peers to send join requests to the IP address and port number used
+ by the initial subflow if the value is 1. This controls a flag that is
+ sent to the peer at connection time, and whether such join requests are
+ accepted or denied.
+
+ Joins to addresses advertised with ADD_ADDR are not affected by this
+ value.
+
+ This is a per-namespace sysctl.
+
+ Default: 1
diff --git a/net/mptcp/ctrl.c b/net/mptcp/ctrl.c
index 6c2639bb9c19..7d738bd06f2c 100644
--- a/net/mptcp/ctrl.c
+++ b/net/mptcp/ctrl.c
@@ -24,6 +24,7 @@ struct mptcp_pernet {
u8 mptcp_enabled;
unsigned int add_addr_timeout;
u8 checksum_enabled;
+ u8 allow_join_initial_addr_port;
};
static struct mptcp_pernet *mptcp_get_pernet(struct net *net)
@@ -46,11 +47,17 @@ int mptcp_is_checksum_enabled(struct net *net)
return mptcp_get_pernet(net)->checksum_enabled;
}
+int mptcp_allow_join_id0(struct net *net)
+{
+ return mptcp_get_pernet(net)->allow_join_initial_addr_port;
+}
+
static void mptcp_pernet_set_defaults(struct mptcp_pernet *pernet)
{
pernet->mptcp_enabled = 1;
pernet->add_addr_timeout = TCP_RTO_MAX;
pernet->checksum_enabled = 0;
+ pernet->allow_join_initial_addr_port = 1;
}
#ifdef CONFIG_SYSCTL
@@ -80,6 +87,14 @@ static struct ctl_table mptcp_sysctl_table[] = {
.extra1 = SYSCTL_ZERO,
.extra2 = SYSCTL_ONE
},
+ {
+ .procname = "allow_join_initial_addr_port",
+ .maxlen = sizeof(u8),
+ .mode = 0644,
+ .proc_handler = proc_dou8vec_minmax,
+ .extra1 = SYSCTL_ZERO,
+ .extra2 = SYSCTL_ONE
+ },
{}
};
@@ -98,6 +113,7 @@ static int mptcp_pernet_new_table(struct net *net, struct mptcp_pernet *pernet)
table[0].data = &pernet->mptcp_enabled;
table[1].data = &pernet->add_addr_timeout;
table[2].data = &pernet->checksum_enabled;
+ table[3].data = &pernet->allow_join_initial_addr_port;
hdr = register_net_sysctl(net, MPTCP_SYSCTL_PATH, table);
if (!hdr)
diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h
index 868e878af526..3d6bbdf00bfb 100644
--- a/net/mptcp/protocol.h
+++ b/net/mptcp/protocol.h
@@ -543,6 +543,7 @@ static inline void mptcp_subflow_delegated_done(struct mptcp_subflow_context *su
int mptcp_is_enabled(struct net *net);
unsigned int mptcp_get_add_addr_timeout(struct net *net);
int mptcp_is_checksum_enabled(struct net *net);
+int mptcp_allow_join_id0(struct net *net);
void mptcp_subflow_fully_established(struct mptcp_subflow_context *subflow,
struct mptcp_options_received *mp_opt);
bool mptcp_subflow_data_available(struct sock *sk);
--
2.31.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [MPTCP][PATCH v5 mptcp-next 2/5] mptcp: add allow_join_id0 in mptcp_out_options
2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 1/5] mptcp: add sysctl allow_join_initial_addr_port Geliang Tang
@ 2021-05-08 10:33 ` Geliang Tang
2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 3/5] mptcp: add add_list in mptcp_pm_data Geliang Tang
0 siblings, 1 reply; 7+ messages in thread
From: Geliang Tang @ 2021-05-08 10:33 UTC (permalink / raw)
To: mptcp; +Cc: Geliang Tang
This patch defined a new flag MPTCP_CAP_DENY_JOIN_ID0 for the third bit,
labeled "C" of the MP_CAPABLE option.
Add a new flag allow_join_id0 in struct mptcp_out_options. If this flag is
set, send out the MP_CAPABLE option with the flag MPTCP_CAP_DENY_JOIN_ID0.
Signed-off-by: Geliang Tang <geliangtang@gmail.com>
---
include/net/mptcp.h | 3 ++-
net/mptcp/options.c | 6 ++++++
net/mptcp/protocol.h | 6 ++++--
net/mptcp/subflow.c | 1 +
4 files changed, 13 insertions(+), 3 deletions(-)
diff --git a/include/net/mptcp.h b/include/net/mptcp.h
index d61bbbf11979..cb580b06152f 100644
--- a/include/net/mptcp.h
+++ b/include/net/mptcp.h
@@ -67,7 +67,8 @@ struct mptcp_out_options {
u8 backup;
u8 reset_reason:4,
reset_transient:1,
- csum_reqd:1;
+ csum_reqd:1,
+ allow_join_id0:1;
u32 nonce;
u64 thmac;
u32 token;
diff --git a/net/mptcp/options.c b/net/mptcp/options.c
index 3428c163299b..441ec25e117d 100644
--- a/net/mptcp/options.c
+++ b/net/mptcp/options.c
@@ -403,6 +403,7 @@ bool mptcp_syn_options(struct sock *sk, const struct sk_buff *skb,
if (subflow->request_mptcp) {
opts->suboptions = OPTION_MPTCP_MPC_SYN;
opts->csum_reqd = mptcp_is_checksum_enabled(sock_net(sk));
+ opts->allow_join_id0 = mptcp_allow_join_id0(sock_net(sk));
*size = TCPOLEN_MPTCP_MPC_SYN;
return true;
} else if (subflow->request_join) {
@@ -491,6 +492,7 @@ static bool mptcp_established_options_mp(struct sock *sk, struct sk_buff *skb,
opts->sndr_key = subflow->local_key;
opts->rcvr_key = subflow->remote_key;
opts->csum_reqd = READ_ONCE(msk->csum_enabled);
+ opts->allow_join_id0 = mptcp_allow_join_id0(sock_net(sk));
/* Section 3.1.
* The MP_CAPABLE option is carried on the SYN, SYN/ACK, and ACK
@@ -833,6 +835,7 @@ bool mptcp_synack_options(const struct request_sock *req, unsigned int *size,
opts->suboptions = OPTION_MPTCP_MPC_SYNACK;
opts->sndr_key = subflow_req->local_key;
opts->csum_reqd = subflow_req->csum_reqd;
+ opts->allow_join_id0 = subflow_req->allow_join_id0;
*size = TCPOLEN_MPTCP_MPC_SYNACK;
pr_debug("subflow_req=%p, local_key=%llu",
subflow_req, subflow_req->local_key);
@@ -1207,6 +1210,9 @@ void mptcp_write_options(__be32 *ptr, const struct tcp_sock *tp,
if (opts->csum_reqd)
flag |= MPTCP_CAP_CHECKSUM_REQD;
+ if (!opts->allow_join_id0)
+ flag |= MPTCP_CAP_DENY_JOIN_ID0;
+
*ptr++ = mptcp_option(MPTCPOPT_MP_CAPABLE, len,
MPTCP_SUPPORTED_VERSION,
flag);
diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h
index 3d6bbdf00bfb..fd7ff2d28cb3 100644
--- a/net/mptcp/protocol.h
+++ b/net/mptcp/protocol.h
@@ -79,8 +79,9 @@
#define MPTCP_VERSION_MASK (0x0F)
#define MPTCP_CAP_CHECKSUM_REQD BIT(7)
#define MPTCP_CAP_EXTENSIBILITY BIT(6)
+#define MPTCP_CAP_DENY_JOIN_ID0 BIT(5)
#define MPTCP_CAP_HMAC_SHA256 BIT(0)
-#define MPTCP_CAP_FLAG_MASK (0x3F)
+#define MPTCP_CAP_FLAG_MASK (0x1F)
/* MPTCP DSS flags */
#define MPTCP_DSS_DATA_FIN BIT(4)
@@ -352,7 +353,8 @@ struct mptcp_subflow_request_sock {
u16 mp_capable : 1,
mp_join : 1,
backup : 1,
- csum_reqd : 1;
+ csum_reqd : 1,
+ allow_join_id0 : 1;
u8 local_id;
u8 remote_id;
u64 local_key;
diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c
index c8968038174f..249a66ad54dc 100644
--- a/net/mptcp/subflow.c
+++ b/net/mptcp/subflow.c
@@ -109,6 +109,7 @@ static void subflow_init_req(struct request_sock *req, const struct sock *sk_lis
subflow_req->mp_capable = 0;
subflow_req->mp_join = 0;
subflow_req->csum_reqd = mptcp_is_checksum_enabled(sock_net(sk_listener));
+ subflow_req->allow_join_id0 = mptcp_allow_join_id0(sock_net(sk_listener));
subflow_req->msk = NULL;
mptcp_token_init_request(req);
}
--
2.31.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [MPTCP][PATCH v5 mptcp-next 3/5] mptcp: add add_list in mptcp_pm_data
2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 2/5] mptcp: add allow_join_id0 in mptcp_out_options Geliang Tang
@ 2021-05-08 10:33 ` Geliang Tang
2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 4/5] mptcp: add deny_join_id0 in mptcp_options_received Geliang Tang
2021-05-13 0:43 ` [MPTCP][PATCH v5 mptcp-next 3/5] mptcp: add add_list in mptcp_pm_data Mat Martineau
0 siblings, 2 replies; 7+ messages in thread
From: Geliang Tang @ 2021-05-08 10:33 UTC (permalink / raw)
To: mptcp; +Cc: Geliang Tang
Like the anno_list member in struct mptcp_pm_data, this patch added a
new member named add_list in it, to save all the received ADD_ADDRs in
this add_list.
Signed-off-by: Geliang Tang <geliangtang@gmail.com>
---
net/mptcp/pm.c | 1 +
net/mptcp/pm_netlink.c | 74 ++++++++++++++++++++++++++++++++++++++++++
net/mptcp/protocol.c | 1 +
net/mptcp/protocol.h | 2 ++
4 files changed, 78 insertions(+)
diff --git a/net/mptcp/pm.c b/net/mptcp/pm.c
index 9d00fa6d22e9..9456fe17b6a3 100644
--- a/net/mptcp/pm.c
+++ b/net/mptcp/pm.c
@@ -324,6 +324,7 @@ void mptcp_pm_data_init(struct mptcp_sock *msk)
spin_lock_init(&msk->pm.lock);
INIT_LIST_HEAD(&msk->pm.anno_list);
+ INIT_LIST_HEAD(&msk->pm.add_list);
mptcp_pm_nl_data_init(msk);
}
diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c
index d094588afad8..47a515af2b0a 100644
--- a/net/mptcp/pm_netlink.c
+++ b/net/mptcp/pm_netlink.c
@@ -483,6 +483,72 @@ static void mptcp_pm_nl_subflow_established(struct mptcp_sock *msk)
mptcp_pm_create_subflow_or_signal_addr(msk);
}
+struct mptcp_pm_add_entry *
+mptcp_lookup_add_list_by_id(struct mptcp_sock *msk, u8 id)
+{
+ struct mptcp_pm_add_entry *entry;
+
+ lockdep_assert_held(&msk->pm.lock);
+
+ list_for_each_entry(entry, &msk->pm.add_list, list) {
+ if (entry->addr.id == id)
+ return entry;
+ }
+
+ return NULL;
+}
+
+struct mptcp_pm_add_entry *
+mptcp_lookup_add_list_by_saddr(struct mptcp_sock *msk,
+ struct mptcp_addr_info *addr)
+{
+ struct mptcp_pm_add_entry *entry;
+
+ lockdep_assert_held(&msk->pm.lock);
+
+ list_for_each_entry(entry, &msk->pm.add_list, list) {
+ if (addresses_equal(&entry->addr, addr, true))
+ return entry;
+ }
+
+ return NULL;
+}
+
+static bool mptcp_pm_alloc_add_list(struct mptcp_sock *msk,
+ struct mptcp_addr_info *addr)
+{
+ struct mptcp_pm_add_entry *add_entry = NULL;
+
+ lockdep_assert_held(&msk->pm.lock);
+
+ if (mptcp_lookup_add_list_by_saddr(msk, addr))
+ return false;
+
+ add_entry = kmalloc(sizeof(*add_entry), GFP_ATOMIC);
+ if (!add_entry)
+ return false;
+
+ list_add(&add_entry->list, &msk->pm.add_list);
+ add_entry->addr = *addr;
+
+ return true;
+}
+
+void mptcp_pm_free_add_list(struct mptcp_sock *msk)
+{
+ struct mptcp_pm_add_entry *entry, *tmp;
+ LIST_HEAD(free_list);
+
+ pr_debug("msk=%p", msk);
+
+ spin_lock_bh(&msk->pm.lock);
+ list_splice_init(&msk->pm.add_list, &free_list);
+ spin_unlock_bh(&msk->pm.lock);
+
+ list_for_each_entry_safe(entry, tmp, &free_list, list)
+ kfree(entry);
+}
+
static void mptcp_pm_nl_add_addr_received(struct mptcp_sock *msk)
{
struct sock *sk = (struct sock *)msk;
@@ -513,6 +579,8 @@ static void mptcp_pm_nl_add_addr_received(struct mptcp_sock *msk)
remote = msk->pm.remote;
if (!remote.port)
remote.port = sk->sk_dport;
+ if (!mptcp_pm_alloc_add_list(msk, &remote))
+ return;
memset(&local, 0, sizeof(local));
local.family = remote.family;
@@ -612,6 +680,7 @@ static void mptcp_pm_nl_rm_addr_or_subflow(struct mptcp_sock *msk,
list_for_each_entry_safe(subflow, tmp, &msk->conn_list, node) {
struct sock *ssk = mptcp_subflow_tcp_sock(subflow);
int how = RCV_SHUTDOWN | SEND_SHUTDOWN;
+ struct mptcp_pm_add_entry *entry;
u8 id = subflow->local_id;
if (rm_type == MPTCP_MIB_RMADDR)
@@ -631,6 +700,11 @@ static void mptcp_pm_nl_rm_addr_or_subflow(struct mptcp_sock *msk,
if (rm_type == MPTCP_MIB_RMADDR) {
msk->pm.add_addr_accepted--;
WRITE_ONCE(msk->pm.accept_addr, true);
+ entry = mptcp_lookup_add_list_by_id(msk, id);
+ if (entry) {
+ list_del(&entry->list);
+ kfree(entry);
+ }
} else if (rm_type == MPTCP_MIB_RMSUBFLOW) {
msk->pm.local_addr_used--;
}
diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c
index 652e55a0c6e8..446076388637 100644
--- a/net/mptcp/protocol.c
+++ b/net/mptcp/protocol.c
@@ -2882,6 +2882,7 @@ void mptcp_destroy_common(struct mptcp_sock *msk)
skb_rbtree_purge(&msk->out_of_order_queue);
mptcp_token_destroy(msk);
mptcp_pm_free_anno_list(msk);
+ mptcp_pm_free_add_list(msk);
}
static void mptcp_destroy(struct sock *sk)
diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h
index fd7ff2d28cb3..d19deee01896 100644
--- a/net/mptcp/protocol.h
+++ b/net/mptcp/protocol.h
@@ -185,6 +185,7 @@ struct mptcp_pm_data {
struct mptcp_addr_info local;
struct mptcp_addr_info remote;
struct list_head anno_list;
+ struct list_head add_list;
spinlock_t lock; /*protects the whole PM data */
@@ -693,6 +694,7 @@ int mptcp_pm_nl_mp_prio_send_ack(struct mptcp_sock *msk,
struct mptcp_addr_info *addr,
u8 bkup);
void mptcp_pm_free_anno_list(struct mptcp_sock *msk);
+void mptcp_pm_free_add_list(struct mptcp_sock *msk);
bool mptcp_pm_sport_in_anno_list(struct mptcp_sock *msk, const struct sock *sk);
struct mptcp_pm_add_entry *
mptcp_pm_del_add_timer(struct mptcp_sock *msk,
--
2.31.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [MPTCP][PATCH v5 mptcp-next 4/5] mptcp: add deny_join_id0 in mptcp_options_received
2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 3/5] mptcp: add add_list in mptcp_pm_data Geliang Tang
@ 2021-05-08 10:33 ` Geliang Tang
2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 5/5] selftests: mptcp: add deny_join_id0 testcases Geliang Tang
2021-05-13 0:43 ` [MPTCP][PATCH v5 mptcp-next 3/5] mptcp: add add_list in mptcp_pm_data Mat Martineau
1 sibling, 1 reply; 7+ messages in thread
From: Geliang Tang @ 2021-05-08 10:33 UTC (permalink / raw)
To: mptcp; +Cc: Geliang Tang, Florian Westphal
This patch added a new flag named deny_join_id0 in struct
mptcp_options_received. Set it when MP_CAPABLE with the flag
MPTCP_CAP_DENYJOIN_ID0 is received.
Also add a new flag remote_deny_join_id0 in struct mptcp_pm_data. When the
flag deny_join_id0 is set, set this remote_deny_join_id0 flag.
In mptcp_pm_create_subflow_or_signal_addr, if the remote_deny_join_id0 flag
is set, use the first received ADD_ADDR address as the remote address to
connect.
Suggested-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Geliang Tang <geliangtang@gmail.com>
---
net/mptcp/options.c | 6 ++++++
net/mptcp/pm.c | 1 +
net/mptcp/pm_netlink.c | 12 +++++++++++-
net/mptcp/protocol.h | 4 +++-
net/mptcp/subflow.c | 2 ++
5 files changed, 23 insertions(+), 2 deletions(-)
diff --git a/net/mptcp/options.c b/net/mptcp/options.c
index 441ec25e117d..b9188c53e58f 100644
--- a/net/mptcp/options.c
+++ b/net/mptcp/options.c
@@ -87,6 +87,9 @@ static void mptcp_parse_option(const struct sock *sk,
if (flags & MPTCP_CAP_CHECKSUM_REQD)
mp_opt->csum_reqd = 1;
+ if (flags & MPTCP_CAP_DENY_JOIN_ID0)
+ mp_opt->deny_join_id0 = 1;
+
mp_opt->mp_capable = 1;
if (opsize >= TCPOLEN_MPTCP_MPC_SYNACK) {
mp_opt->sndr_key = get_unaligned_be64(ptr);
@@ -363,6 +366,7 @@ void mptcp_get_options(const struct sock *sk,
mp_opt->mp_prio = 0;
mp_opt->reset = 0;
mp_opt->csum_reqd = 0;
+ mp_opt->deny_join_id0 = 0;
length = (th->doff * 4) - sizeof(struct tcphdr);
ptr = (const unsigned char *)(th + 1);
@@ -1055,6 +1059,8 @@ void mptcp_incoming_options(struct sock *sk, struct sk_buff *skb)
}
mptcp_get_options(sk, skb, &mp_opt);
+ if (mp_opt.deny_join_id0)
+ WRITE_ONCE(msk->pm.remote_deny_join_id0, true);
if (!check_fully_established(msk, sk, subflow, skb, &mp_opt))
return;
diff --git a/net/mptcp/pm.c b/net/mptcp/pm.c
index 9456fe17b6a3..23a309f641aa 100644
--- a/net/mptcp/pm.c
+++ b/net/mptcp/pm.c
@@ -320,6 +320,7 @@ void mptcp_pm_data_init(struct mptcp_sock *msk)
WRITE_ONCE(msk->pm.addr_signal, 0);
WRITE_ONCE(msk->pm.accept_addr, false);
WRITE_ONCE(msk->pm.accept_subflow, false);
+ WRITE_ONCE(msk->pm.remote_deny_join_id0, false);
msk->pm.status = 0;
spin_lock_init(&msk->pm.lock);
diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c
index 47a515af2b0a..dddd7c5613fa 100644
--- a/net/mptcp/pm_netlink.c
+++ b/net/mptcp/pm_netlink.c
@@ -456,10 +456,20 @@ static void mptcp_pm_create_subflow_or_signal_addr(struct mptcp_sock *msk)
if (local) {
struct mptcp_addr_info remote = { 0 };
+ remote_address((struct sock_common *)sk, &remote);
+ if (READ_ONCE(msk->pm.remote_deny_join_id0)) {
+ struct mptcp_pm_add_entry *entry;
+
+ entry = list_first_entry_or_null(&msk->pm.add_list,
+ typeof(*entry), list);
+ if (!entry)
+ return;
+
+ remote = entry->addr;
+ }
msk->pm.local_addr_used++;
msk->pm.subflows++;
check_work_pending(msk);
- remote_address((struct sock_common *)sk, &remote);
spin_unlock_bh(&msk->pm.lock);
__mptcp_subflow_connect(sk, &local->addr, &remote,
local->flags, local->ifindex);
diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h
index d19deee01896..5b2e72cf8e06 100644
--- a/net/mptcp/protocol.h
+++ b/net/mptcp/protocol.h
@@ -138,7 +138,8 @@ struct mptcp_options_received {
mp_prio : 1,
echo : 1,
csum_reqd : 1,
- backup : 1;
+ backup : 1,
+ deny_join_id0 : 1;
u32 token;
u32 nonce;
u64 thmac;
@@ -194,6 +195,7 @@ struct mptcp_pm_data {
bool work_pending;
bool accept_addr;
bool accept_subflow;
+ bool remote_deny_join_id0;
u8 add_addr_signaled;
u8 add_addr_accepted;
u8 local_addr_used;
diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c
index 249a66ad54dc..bb4bf31e73cf 100644
--- a/net/mptcp/subflow.c
+++ b/net/mptcp/subflow.c
@@ -408,6 +408,8 @@ static void subflow_finish_connect(struct sock *sk, const struct sk_buff *skb)
if (mp_opt.csum_reqd)
WRITE_ONCE(mptcp_sk(parent)->csum_enabled, true);
+ if (mp_opt.deny_join_id0)
+ WRITE_ONCE(mptcp_sk(parent)->pm.remote_deny_join_id0, true);
subflow->mp_capable = 1;
subflow->can_ack = 1;
subflow->remote_key = mp_opt.sndr_key;
--
2.31.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [MPTCP][PATCH v5 mptcp-next 5/5] selftests: mptcp: add deny_join_id0 testcases
2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 4/5] mptcp: add deny_join_id0 in mptcp_options_received Geliang Tang
@ 2021-05-08 10:33 ` Geliang Tang
0 siblings, 0 replies; 7+ messages in thread
From: Geliang Tang @ 2021-05-08 10:33 UTC (permalink / raw)
To: mptcp; +Cc: Geliang Tang
This patch added a new argument '-d' for mptcp_join.sh script, to invoke
the testcases for the MP_CAPABLE 'C' flag.
Signed-off-by: Geliang Tang <geliangtang@gmail.com>
---
.../testing/selftests/net/mptcp/mptcp_join.sh | 56 ++++++++++++++++++-
1 file changed, 55 insertions(+), 1 deletion(-)
diff --git a/tools/testing/selftests/net/mptcp/mptcp_join.sh b/tools/testing/selftests/net/mptcp/mptcp_join.sh
index 523c7797f30a..17b385f011d2 100755
--- a/tools/testing/selftests/net/mptcp/mptcp_join.sh
+++ b/tools/testing/selftests/net/mptcp/mptcp_join.sh
@@ -139,6 +139,17 @@ reset_with_checksum()
ip netns exec $ns2 sysctl -q net.mptcp.checksum_enabled=$ns2_enable
}
+reset_with_allow_join_id0()
+{
+ local ns1_enable=$1
+ local ns2_enable=$2
+
+ reset
+
+ ip netns exec $ns1 sysctl -q net.mptcp.allow_join_initial_addr_port=$ns1_enable
+ ip netns exec $ns2 sysctl -q net.mptcp.allow_join_initial_addr_port=$ns2_enable
+}
+
ip -Version > /dev/null 2>&1
if [ $? -ne 0 ];then
echo "SKIP: Could not run test without ip tool"
@@ -1462,6 +1473,44 @@ checksum_tests()
chk_csum_nr "checksum test 1 0"
}
+deny_join_id0_tests()
+{
+ # subflow allow join id0 ns1
+ reset_with_allow_join_id0 1 0
+ ip netns exec $ns1 ./pm_nl_ctl limits 1 1
+ ip netns exec $ns2 ./pm_nl_ctl limits 1 1
+ ip netns exec $ns2 ./pm_nl_ctl add 10.0.3.2 flags subflow
+ run_tests $ns1 $ns2 10.0.1.1
+ chk_join_nr "single subflow allow join id0 ns1" 1 1 1
+
+ # subflow allow join id0 ns2
+ reset_with_allow_join_id0 0 1
+ ip netns exec $ns1 ./pm_nl_ctl limits 1 1
+ ip netns exec $ns2 ./pm_nl_ctl limits 1 1
+ ip netns exec $ns2 ./pm_nl_ctl add 10.0.3.2 flags subflow
+ run_tests $ns1 $ns2 10.0.1.1
+ chk_join_nr "single subflow allow join id0 ns2" 0 0 0
+
+ # subflow and address allow join id0
+ reset_with_allow_join_id0 0 1
+ ip netns exec $ns1 ./pm_nl_ctl limits 2 2
+ ip netns exec $ns2 ./pm_nl_ctl limits 2 2
+ ip netns exec $ns1 ./pm_nl_ctl add 10.0.2.1 flags signal
+ ip netns exec $ns2 ./pm_nl_ctl add 10.0.3.2 flags subflow
+ run_tests $ns1 $ns2 10.0.1.1
+ chk_join_nr "subflow and address allow join id0" 2 2 2
+
+ # signal address allow join id0
+ # ADD_ADDRs are not affected by allow_join_id0 value.
+ reset_with_allow_join_id0 0 0
+ ip netns exec $ns1 ./pm_nl_ctl limits 1 1
+ ip netns exec $ns2 ./pm_nl_ctl limits 1 1
+ ip netns exec $ns1 ./pm_nl_ctl add 10.0.2.1 flags signal
+ run_tests $ns1 $ns2 10.0.1.1
+ chk_join_nr "signal address allow join id0" 1 1 1
+ chk_add_nr 1 1
+}
+
all_tests()
{
subflows_tests
@@ -1476,6 +1525,7 @@ all_tests()
add_addr_ports_tests
syncookies_tests
checksum_tests
+ deny_join_id0_tests
}
usage()
@@ -1493,6 +1543,7 @@ usage()
echo " -p add_addr_ports_tests"
echo " -k syncookies_tests"
echo " -S checksum_tests"
+ echo " -d deny_join_id0_tests"
echo " -c capture pcap files"
echo " -C enable data checksum"
echo " -h help"
@@ -1528,7 +1579,7 @@ if [ $do_all_tests -eq 1 ]; then
exit $ret
fi
-while getopts 'fsltra64bpkchCS' opt; do
+while getopts 'fsltra64bpkdchCS' opt; do
case $opt in
f)
subflows_tests
@@ -1566,6 +1617,9 @@ while getopts 'fsltra64bpkchCS' opt; do
S)
checksum_tests
;;
+ d)
+ deny_join_id0_tests
+ ;;
c)
;;
C)
--
2.31.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [MPTCP][PATCH v5 mptcp-next 3/5] mptcp: add add_list in mptcp_pm_data
2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 3/5] mptcp: add add_list in mptcp_pm_data Geliang Tang
2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 4/5] mptcp: add deny_join_id0 in mptcp_options_received Geliang Tang
@ 2021-05-13 0:43 ` Mat Martineau
1 sibling, 0 replies; 7+ messages in thread
From: Mat Martineau @ 2021-05-13 0:43 UTC (permalink / raw)
To: Geliang Tang; +Cc: mptcp
On Sat, 8 May 2021, Geliang Tang wrote:
> Like the anno_list member in struct mptcp_pm_data, this patch added a
> new member named add_list in it, to save all the received ADD_ADDRs in
> this add_list.
>
> Signed-off-by: Geliang Tang <geliangtang@gmail.com>
> ---
> net/mptcp/pm.c | 1 +
> net/mptcp/pm_netlink.c | 74 ++++++++++++++++++++++++++++++++++++++++++
> net/mptcp/protocol.c | 1 +
> net/mptcp/protocol.h | 2 ++
> 4 files changed, 78 insertions(+)
>
> diff --git a/net/mptcp/pm.c b/net/mptcp/pm.c
> index 9d00fa6d22e9..9456fe17b6a3 100644
> --- a/net/mptcp/pm.c
> +++ b/net/mptcp/pm.c
> @@ -324,6 +324,7 @@ void mptcp_pm_data_init(struct mptcp_sock *msk)
>
> spin_lock_init(&msk->pm.lock);
> INIT_LIST_HEAD(&msk->pm.anno_list);
> + INIT_LIST_HEAD(&msk->pm.add_list);
>
> mptcp_pm_nl_data_init(msk);
> }
> diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c
> index d094588afad8..47a515af2b0a 100644
> --- a/net/mptcp/pm_netlink.c
> +++ b/net/mptcp/pm_netlink.c
> @@ -483,6 +483,72 @@ static void mptcp_pm_nl_subflow_established(struct mptcp_sock *msk)
> mptcp_pm_create_subflow_or_signal_addr(msk);
> }
>
> +struct mptcp_pm_add_entry *
> +mptcp_lookup_add_list_by_id(struct mptcp_sock *msk, u8 id)
> +{
> + struct mptcp_pm_add_entry *entry;
> +
> + lockdep_assert_held(&msk->pm.lock);
> +
> + list_for_each_entry(entry, &msk->pm.add_list, list) {
> + if (entry->addr.id == id)
> + return entry;
> + }
> +
> + return NULL;
> +}
> +
> +struct mptcp_pm_add_entry *
> +mptcp_lookup_add_list_by_saddr(struct mptcp_sock *msk,
> + struct mptcp_addr_info *addr)
> +{
> + struct mptcp_pm_add_entry *entry;
> +
> + lockdep_assert_held(&msk->pm.lock);
> +
> + list_for_each_entry(entry, &msk->pm.add_list, list) {
> + if (addresses_equal(&entry->addr, addr, true))
> + return entry;
> + }
> +
> + return NULL;
> +}
> +
> +static bool mptcp_pm_alloc_add_list(struct mptcp_sock *msk,
> + struct mptcp_addr_info *addr)
> +{
> + struct mptcp_pm_add_entry *add_entry = NULL;
> +
> + lockdep_assert_held(&msk->pm.lock);
> +
> + if (mptcp_lookup_add_list_by_saddr(msk, addr))
> + return false;
> +
> + add_entry = kmalloc(sizeof(*add_entry), GFP_ATOMIC);
Hi Geliang -
Thanks for adding the list to track addresses announced by the peer. It
will also be helpful for future in-kernel path manager functionality.
I think it's worthwhile to add a separate struct for this list instead of
reusing struct mptcp_pm_add_entry. The timer_list is a large number of
bytes to allocate and not use:
// from pahole
struct mptcp_pm_add_entry {
struct list_head list; /* 0 16 */
struct mptcp_addr_info addr; /* 16 24 */
struct timer_list add_timer; /* 40 80 */
/* --- cacheline 1 boundary (64 bytes) was 56 bytes ago --- */
struct mptcp_sock * sock; /* 120 8 */
/* --- cacheline 2 boundary (128 bytes) --- */
u8 retrans_times; /* 128 1 */
/* size: 136, cachelines: 3, members: 5 */
/* padding: 7 */
/* last cacheline: 8 bytes */
};
-Mat
> + if (!add_entry)
> + return false;
> +
> + list_add(&add_entry->list, &msk->pm.add_list);
> + add_entry->addr = *addr;
> +
> + return true;
> +}
> +
> +void mptcp_pm_free_add_list(struct mptcp_sock *msk)
> +{
> + struct mptcp_pm_add_entry *entry, *tmp;
> + LIST_HEAD(free_list);
> +
> + pr_debug("msk=%p", msk);
> +
> + spin_lock_bh(&msk->pm.lock);
> + list_splice_init(&msk->pm.add_list, &free_list);
> + spin_unlock_bh(&msk->pm.lock);
> +
> + list_for_each_entry_safe(entry, tmp, &free_list, list)
> + kfree(entry);
> +}
> +
> static void mptcp_pm_nl_add_addr_received(struct mptcp_sock *msk)
> {
> struct sock *sk = (struct sock *)msk;
> @@ -513,6 +579,8 @@ static void mptcp_pm_nl_add_addr_received(struct mptcp_sock *msk)
> remote = msk->pm.remote;
> if (!remote.port)
> remote.port = sk->sk_dport;
> + if (!mptcp_pm_alloc_add_list(msk, &remote))
> + return;
> memset(&local, 0, sizeof(local));
> local.family = remote.family;
>
> @@ -612,6 +680,7 @@ static void mptcp_pm_nl_rm_addr_or_subflow(struct mptcp_sock *msk,
> list_for_each_entry_safe(subflow, tmp, &msk->conn_list, node) {
> struct sock *ssk = mptcp_subflow_tcp_sock(subflow);
> int how = RCV_SHUTDOWN | SEND_SHUTDOWN;
> + struct mptcp_pm_add_entry *entry;
> u8 id = subflow->local_id;
>
> if (rm_type == MPTCP_MIB_RMADDR)
> @@ -631,6 +700,11 @@ static void mptcp_pm_nl_rm_addr_or_subflow(struct mptcp_sock *msk,
> if (rm_type == MPTCP_MIB_RMADDR) {
> msk->pm.add_addr_accepted--;
> WRITE_ONCE(msk->pm.accept_addr, true);
> + entry = mptcp_lookup_add_list_by_id(msk, id);
> + if (entry) {
> + list_del(&entry->list);
> + kfree(entry);
> + }
> } else if (rm_type == MPTCP_MIB_RMSUBFLOW) {
> msk->pm.local_addr_used--;
> }
> diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c
> index 652e55a0c6e8..446076388637 100644
> --- a/net/mptcp/protocol.c
> +++ b/net/mptcp/protocol.c
> @@ -2882,6 +2882,7 @@ void mptcp_destroy_common(struct mptcp_sock *msk)
> skb_rbtree_purge(&msk->out_of_order_queue);
> mptcp_token_destroy(msk);
> mptcp_pm_free_anno_list(msk);
> + mptcp_pm_free_add_list(msk);
> }
>
> static void mptcp_destroy(struct sock *sk)
> diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h
> index fd7ff2d28cb3..d19deee01896 100644
> --- a/net/mptcp/protocol.h
> +++ b/net/mptcp/protocol.h
> @@ -185,6 +185,7 @@ struct mptcp_pm_data {
> struct mptcp_addr_info local;
> struct mptcp_addr_info remote;
> struct list_head anno_list;
> + struct list_head add_list;
>
> spinlock_t lock; /*protects the whole PM data */
>
> @@ -693,6 +694,7 @@ int mptcp_pm_nl_mp_prio_send_ack(struct mptcp_sock *msk,
> struct mptcp_addr_info *addr,
> u8 bkup);
> void mptcp_pm_free_anno_list(struct mptcp_sock *msk);
> +void mptcp_pm_free_add_list(struct mptcp_sock *msk);
> bool mptcp_pm_sport_in_anno_list(struct mptcp_sock *msk, const struct sock *sk);
> struct mptcp_pm_add_entry *
> mptcp_pm_del_add_timer(struct mptcp_sock *msk,
> --
> 2.31.1
>
>
>
--
Mat Martineau
Intel
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2021-05-13 0:43 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-05-08 10:33 [MPTCP][PATCH v5 mptcp-next 0/5] add MP_CAPABLE 'C' flag Geliang Tang
2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 1/5] mptcp: add sysctl allow_join_initial_addr_port Geliang Tang
2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 2/5] mptcp: add allow_join_id0 in mptcp_out_options Geliang Tang
2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 3/5] mptcp: add add_list in mptcp_pm_data Geliang Tang
2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 4/5] mptcp: add deny_join_id0 in mptcp_options_received Geliang Tang
2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 5/5] selftests: mptcp: add deny_join_id0 testcases Geliang Tang
2021-05-13 0:43 ` [MPTCP][PATCH v5 mptcp-next 3/5] mptcp: add add_list in mptcp_pm_data Mat Martineau
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).