* [MPTCP][PATCH v5 mptcp-next 0/5] add MP_CAPABLE 'C' flag @ 2021-05-08 10:33 Geliang Tang 2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 1/5] mptcp: add sysctl allow_join_initial_addr_port Geliang Tang 0 siblings, 1 reply; 7+ messages in thread From: Geliang Tang @ 2021-05-08 10:33 UTC (permalink / raw) To: mptcp; +Cc: Geliang Tang v5: - add a new patch "mptcp: add add_list in mptcp_pm_data" - fix !CONFIG_SYSCTL case - tag: export/20210507T174457 v4: - rename mptcp_is_allow_join_id0 to mptcp_allow_join_id0 - rename deny_join_id0 in mptcp_pm_data to remote_deny_join_id0 - add comments for self test cases - apply: export/20210504T064955 + "data checksum support" + "data checksum support cleanups" v3: - use 'u8 allow_join_initial_addr_port' - drop the spinlock in patch 3 v2: - rename join_denied to allow_join_id0 in mptcp_out_options - rename join_denied to deny_join_id0 in mptcp_options_received - add a new function mptcp_pm_deny_join_id0_received - move deny_join_id0 flag from mptcp_sock to mptcp_pm_data - check deny_join_id0 flag in mptcp_pm_create_subflow_or_signal_addr instead of in mptcp_syn_options. Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/183 Geliang Tang (5): mptcp: add sysctl allow_join_initial_addr_port mptcp: add allow_join_id0 in mptcp_out_options mptcp: add add_list in mptcp_pm_data mptcp: add deny_join_id0 in mptcp_options_received selftests: mptcp: add deny_join_id0 testcases Documentation/networking/mptcp-sysctl.rst | 13 +++ include/net/mptcp.h | 3 +- net/mptcp/ctrl.c | 16 ++++ net/mptcp/options.c | 12 +++ net/mptcp/pm.c | 2 + net/mptcp/pm_netlink.c | 86 ++++++++++++++++++- net/mptcp/protocol.c | 1 + net/mptcp/protocol.h | 13 ++- net/mptcp/subflow.c | 3 + .../testing/selftests/net/mptcp/mptcp_join.sh | 56 +++++++++++- 10 files changed, 199 insertions(+), 6 deletions(-) -- 2.31.1 ^ permalink raw reply [flat|nested] 7+ messages in thread
* [MPTCP][PATCH v5 mptcp-next 1/5] mptcp: add sysctl allow_join_initial_addr_port 2021-05-08 10:33 [MPTCP][PATCH v5 mptcp-next 0/5] add MP_CAPABLE 'C' flag Geliang Tang @ 2021-05-08 10:33 ` Geliang Tang 2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 2/5] mptcp: add allow_join_id0 in mptcp_out_options Geliang Tang 0 siblings, 1 reply; 7+ messages in thread From: Geliang Tang @ 2021-05-08 10:33 UTC (permalink / raw) To: mptcp; +Cc: Geliang Tang, Florian Westphal This patch added a new sysctl, named allow_join_initial_addr_port, to control whether allow peers to send join requests to the IP address and port number used by the initial subflow. Suggested-by: Florian Westphal <fw@strlen.de> Signed-off-by: Geliang Tang <geliangtang@gmail.com> --- Documentation/networking/mptcp-sysctl.rst | 13 +++++++++++++ net/mptcp/ctrl.c | 16 ++++++++++++++++ net/mptcp/protocol.h | 1 + 3 files changed, 30 insertions(+) diff --git a/Documentation/networking/mptcp-sysctl.rst b/Documentation/networking/mptcp-sysctl.rst index ee06fd782465..76d939e688b8 100644 --- a/Documentation/networking/mptcp-sysctl.rst +++ b/Documentation/networking/mptcp-sysctl.rst @@ -32,3 +32,16 @@ checksum_enabled - BOOLEAN per-namespace sysctl. Default: 0 + +allow_join_initial_addr_port - BOOLEAN + Allow peers to send join requests to the IP address and port number used + by the initial subflow if the value is 1. This controls a flag that is + sent to the peer at connection time, and whether such join requests are + accepted or denied. + + Joins to addresses advertised with ADD_ADDR are not affected by this + value. + + This is a per-namespace sysctl. + + Default: 1 diff --git a/net/mptcp/ctrl.c b/net/mptcp/ctrl.c index 6c2639bb9c19..7d738bd06f2c 100644 --- a/net/mptcp/ctrl.c +++ b/net/mptcp/ctrl.c @@ -24,6 +24,7 @@ struct mptcp_pernet { u8 mptcp_enabled; unsigned int add_addr_timeout; u8 checksum_enabled; + u8 allow_join_initial_addr_port; }; static struct mptcp_pernet *mptcp_get_pernet(struct net *net) @@ -46,11 +47,17 @@ int mptcp_is_checksum_enabled(struct net *net) return mptcp_get_pernet(net)->checksum_enabled; } +int mptcp_allow_join_id0(struct net *net) +{ + return mptcp_get_pernet(net)->allow_join_initial_addr_port; +} + static void mptcp_pernet_set_defaults(struct mptcp_pernet *pernet) { pernet->mptcp_enabled = 1; pernet->add_addr_timeout = TCP_RTO_MAX; pernet->checksum_enabled = 0; + pernet->allow_join_initial_addr_port = 1; } #ifdef CONFIG_SYSCTL @@ -80,6 +87,14 @@ static struct ctl_table mptcp_sysctl_table[] = { .extra1 = SYSCTL_ZERO, .extra2 = SYSCTL_ONE }, + { + .procname = "allow_join_initial_addr_port", + .maxlen = sizeof(u8), + .mode = 0644, + .proc_handler = proc_dou8vec_minmax, + .extra1 = SYSCTL_ZERO, + .extra2 = SYSCTL_ONE + }, {} }; @@ -98,6 +113,7 @@ static int mptcp_pernet_new_table(struct net *net, struct mptcp_pernet *pernet) table[0].data = &pernet->mptcp_enabled; table[1].data = &pernet->add_addr_timeout; table[2].data = &pernet->checksum_enabled; + table[3].data = &pernet->allow_join_initial_addr_port; hdr = register_net_sysctl(net, MPTCP_SYSCTL_PATH, table); if (!hdr) diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h index 868e878af526..3d6bbdf00bfb 100644 --- a/net/mptcp/protocol.h +++ b/net/mptcp/protocol.h @@ -543,6 +543,7 @@ static inline void mptcp_subflow_delegated_done(struct mptcp_subflow_context *su int mptcp_is_enabled(struct net *net); unsigned int mptcp_get_add_addr_timeout(struct net *net); int mptcp_is_checksum_enabled(struct net *net); +int mptcp_allow_join_id0(struct net *net); void mptcp_subflow_fully_established(struct mptcp_subflow_context *subflow, struct mptcp_options_received *mp_opt); bool mptcp_subflow_data_available(struct sock *sk); -- 2.31.1 ^ permalink raw reply related [flat|nested] 7+ messages in thread
* [MPTCP][PATCH v5 mptcp-next 2/5] mptcp: add allow_join_id0 in mptcp_out_options 2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 1/5] mptcp: add sysctl allow_join_initial_addr_port Geliang Tang @ 2021-05-08 10:33 ` Geliang Tang 2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 3/5] mptcp: add add_list in mptcp_pm_data Geliang Tang 0 siblings, 1 reply; 7+ messages in thread From: Geliang Tang @ 2021-05-08 10:33 UTC (permalink / raw) To: mptcp; +Cc: Geliang Tang This patch defined a new flag MPTCP_CAP_DENY_JOIN_ID0 for the third bit, labeled "C" of the MP_CAPABLE option. Add a new flag allow_join_id0 in struct mptcp_out_options. If this flag is set, send out the MP_CAPABLE option with the flag MPTCP_CAP_DENY_JOIN_ID0. Signed-off-by: Geliang Tang <geliangtang@gmail.com> --- include/net/mptcp.h | 3 ++- net/mptcp/options.c | 6 ++++++ net/mptcp/protocol.h | 6 ++++-- net/mptcp/subflow.c | 1 + 4 files changed, 13 insertions(+), 3 deletions(-) diff --git a/include/net/mptcp.h b/include/net/mptcp.h index d61bbbf11979..cb580b06152f 100644 --- a/include/net/mptcp.h +++ b/include/net/mptcp.h @@ -67,7 +67,8 @@ struct mptcp_out_options { u8 backup; u8 reset_reason:4, reset_transient:1, - csum_reqd:1; + csum_reqd:1, + allow_join_id0:1; u32 nonce; u64 thmac; u32 token; diff --git a/net/mptcp/options.c b/net/mptcp/options.c index 3428c163299b..441ec25e117d 100644 --- a/net/mptcp/options.c +++ b/net/mptcp/options.c @@ -403,6 +403,7 @@ bool mptcp_syn_options(struct sock *sk, const struct sk_buff *skb, if (subflow->request_mptcp) { opts->suboptions = OPTION_MPTCP_MPC_SYN; opts->csum_reqd = mptcp_is_checksum_enabled(sock_net(sk)); + opts->allow_join_id0 = mptcp_allow_join_id0(sock_net(sk)); *size = TCPOLEN_MPTCP_MPC_SYN; return true; } else if (subflow->request_join) { @@ -491,6 +492,7 @@ static bool mptcp_established_options_mp(struct sock *sk, struct sk_buff *skb, opts->sndr_key = subflow->local_key; opts->rcvr_key = subflow->remote_key; opts->csum_reqd = READ_ONCE(msk->csum_enabled); + opts->allow_join_id0 = mptcp_allow_join_id0(sock_net(sk)); /* Section 3.1. * The MP_CAPABLE option is carried on the SYN, SYN/ACK, and ACK @@ -833,6 +835,7 @@ bool mptcp_synack_options(const struct request_sock *req, unsigned int *size, opts->suboptions = OPTION_MPTCP_MPC_SYNACK; opts->sndr_key = subflow_req->local_key; opts->csum_reqd = subflow_req->csum_reqd; + opts->allow_join_id0 = subflow_req->allow_join_id0; *size = TCPOLEN_MPTCP_MPC_SYNACK; pr_debug("subflow_req=%p, local_key=%llu", subflow_req, subflow_req->local_key); @@ -1207,6 +1210,9 @@ void mptcp_write_options(__be32 *ptr, const struct tcp_sock *tp, if (opts->csum_reqd) flag |= MPTCP_CAP_CHECKSUM_REQD; + if (!opts->allow_join_id0) + flag |= MPTCP_CAP_DENY_JOIN_ID0; + *ptr++ = mptcp_option(MPTCPOPT_MP_CAPABLE, len, MPTCP_SUPPORTED_VERSION, flag); diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h index 3d6bbdf00bfb..fd7ff2d28cb3 100644 --- a/net/mptcp/protocol.h +++ b/net/mptcp/protocol.h @@ -79,8 +79,9 @@ #define MPTCP_VERSION_MASK (0x0F) #define MPTCP_CAP_CHECKSUM_REQD BIT(7) #define MPTCP_CAP_EXTENSIBILITY BIT(6) +#define MPTCP_CAP_DENY_JOIN_ID0 BIT(5) #define MPTCP_CAP_HMAC_SHA256 BIT(0) -#define MPTCP_CAP_FLAG_MASK (0x3F) +#define MPTCP_CAP_FLAG_MASK (0x1F) /* MPTCP DSS flags */ #define MPTCP_DSS_DATA_FIN BIT(4) @@ -352,7 +353,8 @@ struct mptcp_subflow_request_sock { u16 mp_capable : 1, mp_join : 1, backup : 1, - csum_reqd : 1; + csum_reqd : 1, + allow_join_id0 : 1; u8 local_id; u8 remote_id; u64 local_key; diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c index c8968038174f..249a66ad54dc 100644 --- a/net/mptcp/subflow.c +++ b/net/mptcp/subflow.c @@ -109,6 +109,7 @@ static void subflow_init_req(struct request_sock *req, const struct sock *sk_lis subflow_req->mp_capable = 0; subflow_req->mp_join = 0; subflow_req->csum_reqd = mptcp_is_checksum_enabled(sock_net(sk_listener)); + subflow_req->allow_join_id0 = mptcp_allow_join_id0(sock_net(sk_listener)); subflow_req->msk = NULL; mptcp_token_init_request(req); } -- 2.31.1 ^ permalink raw reply related [flat|nested] 7+ messages in thread
* [MPTCP][PATCH v5 mptcp-next 3/5] mptcp: add add_list in mptcp_pm_data 2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 2/5] mptcp: add allow_join_id0 in mptcp_out_options Geliang Tang @ 2021-05-08 10:33 ` Geliang Tang 2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 4/5] mptcp: add deny_join_id0 in mptcp_options_received Geliang Tang 2021-05-13 0:43 ` [MPTCP][PATCH v5 mptcp-next 3/5] mptcp: add add_list in mptcp_pm_data Mat Martineau 0 siblings, 2 replies; 7+ messages in thread From: Geliang Tang @ 2021-05-08 10:33 UTC (permalink / raw) To: mptcp; +Cc: Geliang Tang Like the anno_list member in struct mptcp_pm_data, this patch added a new member named add_list in it, to save all the received ADD_ADDRs in this add_list. Signed-off-by: Geliang Tang <geliangtang@gmail.com> --- net/mptcp/pm.c | 1 + net/mptcp/pm_netlink.c | 74 ++++++++++++++++++++++++++++++++++++++++++ net/mptcp/protocol.c | 1 + net/mptcp/protocol.h | 2 ++ 4 files changed, 78 insertions(+) diff --git a/net/mptcp/pm.c b/net/mptcp/pm.c index 9d00fa6d22e9..9456fe17b6a3 100644 --- a/net/mptcp/pm.c +++ b/net/mptcp/pm.c @@ -324,6 +324,7 @@ void mptcp_pm_data_init(struct mptcp_sock *msk) spin_lock_init(&msk->pm.lock); INIT_LIST_HEAD(&msk->pm.anno_list); + INIT_LIST_HEAD(&msk->pm.add_list); mptcp_pm_nl_data_init(msk); } diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c index d094588afad8..47a515af2b0a 100644 --- a/net/mptcp/pm_netlink.c +++ b/net/mptcp/pm_netlink.c @@ -483,6 +483,72 @@ static void mptcp_pm_nl_subflow_established(struct mptcp_sock *msk) mptcp_pm_create_subflow_or_signal_addr(msk); } +struct mptcp_pm_add_entry * +mptcp_lookup_add_list_by_id(struct mptcp_sock *msk, u8 id) +{ + struct mptcp_pm_add_entry *entry; + + lockdep_assert_held(&msk->pm.lock); + + list_for_each_entry(entry, &msk->pm.add_list, list) { + if (entry->addr.id == id) + return entry; + } + + return NULL; +} + +struct mptcp_pm_add_entry * +mptcp_lookup_add_list_by_saddr(struct mptcp_sock *msk, + struct mptcp_addr_info *addr) +{ + struct mptcp_pm_add_entry *entry; + + lockdep_assert_held(&msk->pm.lock); + + list_for_each_entry(entry, &msk->pm.add_list, list) { + if (addresses_equal(&entry->addr, addr, true)) + return entry; + } + + return NULL; +} + +static bool mptcp_pm_alloc_add_list(struct mptcp_sock *msk, + struct mptcp_addr_info *addr) +{ + struct mptcp_pm_add_entry *add_entry = NULL; + + lockdep_assert_held(&msk->pm.lock); + + if (mptcp_lookup_add_list_by_saddr(msk, addr)) + return false; + + add_entry = kmalloc(sizeof(*add_entry), GFP_ATOMIC); + if (!add_entry) + return false; + + list_add(&add_entry->list, &msk->pm.add_list); + add_entry->addr = *addr; + + return true; +} + +void mptcp_pm_free_add_list(struct mptcp_sock *msk) +{ + struct mptcp_pm_add_entry *entry, *tmp; + LIST_HEAD(free_list); + + pr_debug("msk=%p", msk); + + spin_lock_bh(&msk->pm.lock); + list_splice_init(&msk->pm.add_list, &free_list); + spin_unlock_bh(&msk->pm.lock); + + list_for_each_entry_safe(entry, tmp, &free_list, list) + kfree(entry); +} + static void mptcp_pm_nl_add_addr_received(struct mptcp_sock *msk) { struct sock *sk = (struct sock *)msk; @@ -513,6 +579,8 @@ static void mptcp_pm_nl_add_addr_received(struct mptcp_sock *msk) remote = msk->pm.remote; if (!remote.port) remote.port = sk->sk_dport; + if (!mptcp_pm_alloc_add_list(msk, &remote)) + return; memset(&local, 0, sizeof(local)); local.family = remote.family; @@ -612,6 +680,7 @@ static void mptcp_pm_nl_rm_addr_or_subflow(struct mptcp_sock *msk, list_for_each_entry_safe(subflow, tmp, &msk->conn_list, node) { struct sock *ssk = mptcp_subflow_tcp_sock(subflow); int how = RCV_SHUTDOWN | SEND_SHUTDOWN; + struct mptcp_pm_add_entry *entry; u8 id = subflow->local_id; if (rm_type == MPTCP_MIB_RMADDR) @@ -631,6 +700,11 @@ static void mptcp_pm_nl_rm_addr_or_subflow(struct mptcp_sock *msk, if (rm_type == MPTCP_MIB_RMADDR) { msk->pm.add_addr_accepted--; WRITE_ONCE(msk->pm.accept_addr, true); + entry = mptcp_lookup_add_list_by_id(msk, id); + if (entry) { + list_del(&entry->list); + kfree(entry); + } } else if (rm_type == MPTCP_MIB_RMSUBFLOW) { msk->pm.local_addr_used--; } diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c index 652e55a0c6e8..446076388637 100644 --- a/net/mptcp/protocol.c +++ b/net/mptcp/protocol.c @@ -2882,6 +2882,7 @@ void mptcp_destroy_common(struct mptcp_sock *msk) skb_rbtree_purge(&msk->out_of_order_queue); mptcp_token_destroy(msk); mptcp_pm_free_anno_list(msk); + mptcp_pm_free_add_list(msk); } static void mptcp_destroy(struct sock *sk) diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h index fd7ff2d28cb3..d19deee01896 100644 --- a/net/mptcp/protocol.h +++ b/net/mptcp/protocol.h @@ -185,6 +185,7 @@ struct mptcp_pm_data { struct mptcp_addr_info local; struct mptcp_addr_info remote; struct list_head anno_list; + struct list_head add_list; spinlock_t lock; /*protects the whole PM data */ @@ -693,6 +694,7 @@ int mptcp_pm_nl_mp_prio_send_ack(struct mptcp_sock *msk, struct mptcp_addr_info *addr, u8 bkup); void mptcp_pm_free_anno_list(struct mptcp_sock *msk); +void mptcp_pm_free_add_list(struct mptcp_sock *msk); bool mptcp_pm_sport_in_anno_list(struct mptcp_sock *msk, const struct sock *sk); struct mptcp_pm_add_entry * mptcp_pm_del_add_timer(struct mptcp_sock *msk, -- 2.31.1 ^ permalink raw reply related [flat|nested] 7+ messages in thread
* [MPTCP][PATCH v5 mptcp-next 4/5] mptcp: add deny_join_id0 in mptcp_options_received 2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 3/5] mptcp: add add_list in mptcp_pm_data Geliang Tang @ 2021-05-08 10:33 ` Geliang Tang 2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 5/5] selftests: mptcp: add deny_join_id0 testcases Geliang Tang 2021-05-13 0:43 ` [MPTCP][PATCH v5 mptcp-next 3/5] mptcp: add add_list in mptcp_pm_data Mat Martineau 1 sibling, 1 reply; 7+ messages in thread From: Geliang Tang @ 2021-05-08 10:33 UTC (permalink / raw) To: mptcp; +Cc: Geliang Tang, Florian Westphal This patch added a new flag named deny_join_id0 in struct mptcp_options_received. Set it when MP_CAPABLE with the flag MPTCP_CAP_DENYJOIN_ID0 is received. Also add a new flag remote_deny_join_id0 in struct mptcp_pm_data. When the flag deny_join_id0 is set, set this remote_deny_join_id0 flag. In mptcp_pm_create_subflow_or_signal_addr, if the remote_deny_join_id0 flag is set, use the first received ADD_ADDR address as the remote address to connect. Suggested-by: Florian Westphal <fw@strlen.de> Signed-off-by: Geliang Tang <geliangtang@gmail.com> --- net/mptcp/options.c | 6 ++++++ net/mptcp/pm.c | 1 + net/mptcp/pm_netlink.c | 12 +++++++++++- net/mptcp/protocol.h | 4 +++- net/mptcp/subflow.c | 2 ++ 5 files changed, 23 insertions(+), 2 deletions(-) diff --git a/net/mptcp/options.c b/net/mptcp/options.c index 441ec25e117d..b9188c53e58f 100644 --- a/net/mptcp/options.c +++ b/net/mptcp/options.c @@ -87,6 +87,9 @@ static void mptcp_parse_option(const struct sock *sk, if (flags & MPTCP_CAP_CHECKSUM_REQD) mp_opt->csum_reqd = 1; + if (flags & MPTCP_CAP_DENY_JOIN_ID0) + mp_opt->deny_join_id0 = 1; + mp_opt->mp_capable = 1; if (opsize >= TCPOLEN_MPTCP_MPC_SYNACK) { mp_opt->sndr_key = get_unaligned_be64(ptr); @@ -363,6 +366,7 @@ void mptcp_get_options(const struct sock *sk, mp_opt->mp_prio = 0; mp_opt->reset = 0; mp_opt->csum_reqd = 0; + mp_opt->deny_join_id0 = 0; length = (th->doff * 4) - sizeof(struct tcphdr); ptr = (const unsigned char *)(th + 1); @@ -1055,6 +1059,8 @@ void mptcp_incoming_options(struct sock *sk, struct sk_buff *skb) } mptcp_get_options(sk, skb, &mp_opt); + if (mp_opt.deny_join_id0) + WRITE_ONCE(msk->pm.remote_deny_join_id0, true); if (!check_fully_established(msk, sk, subflow, skb, &mp_opt)) return; diff --git a/net/mptcp/pm.c b/net/mptcp/pm.c index 9456fe17b6a3..23a309f641aa 100644 --- a/net/mptcp/pm.c +++ b/net/mptcp/pm.c @@ -320,6 +320,7 @@ void mptcp_pm_data_init(struct mptcp_sock *msk) WRITE_ONCE(msk->pm.addr_signal, 0); WRITE_ONCE(msk->pm.accept_addr, false); WRITE_ONCE(msk->pm.accept_subflow, false); + WRITE_ONCE(msk->pm.remote_deny_join_id0, false); msk->pm.status = 0; spin_lock_init(&msk->pm.lock); diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c index 47a515af2b0a..dddd7c5613fa 100644 --- a/net/mptcp/pm_netlink.c +++ b/net/mptcp/pm_netlink.c @@ -456,10 +456,20 @@ static void mptcp_pm_create_subflow_or_signal_addr(struct mptcp_sock *msk) if (local) { struct mptcp_addr_info remote = { 0 }; + remote_address((struct sock_common *)sk, &remote); + if (READ_ONCE(msk->pm.remote_deny_join_id0)) { + struct mptcp_pm_add_entry *entry; + + entry = list_first_entry_or_null(&msk->pm.add_list, + typeof(*entry), list); + if (!entry) + return; + + remote = entry->addr; + } msk->pm.local_addr_used++; msk->pm.subflows++; check_work_pending(msk); - remote_address((struct sock_common *)sk, &remote); spin_unlock_bh(&msk->pm.lock); __mptcp_subflow_connect(sk, &local->addr, &remote, local->flags, local->ifindex); diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h index d19deee01896..5b2e72cf8e06 100644 --- a/net/mptcp/protocol.h +++ b/net/mptcp/protocol.h @@ -138,7 +138,8 @@ struct mptcp_options_received { mp_prio : 1, echo : 1, csum_reqd : 1, - backup : 1; + backup : 1, + deny_join_id0 : 1; u32 token; u32 nonce; u64 thmac; @@ -194,6 +195,7 @@ struct mptcp_pm_data { bool work_pending; bool accept_addr; bool accept_subflow; + bool remote_deny_join_id0; u8 add_addr_signaled; u8 add_addr_accepted; u8 local_addr_used; diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c index 249a66ad54dc..bb4bf31e73cf 100644 --- a/net/mptcp/subflow.c +++ b/net/mptcp/subflow.c @@ -408,6 +408,8 @@ static void subflow_finish_connect(struct sock *sk, const struct sk_buff *skb) if (mp_opt.csum_reqd) WRITE_ONCE(mptcp_sk(parent)->csum_enabled, true); + if (mp_opt.deny_join_id0) + WRITE_ONCE(mptcp_sk(parent)->pm.remote_deny_join_id0, true); subflow->mp_capable = 1; subflow->can_ack = 1; subflow->remote_key = mp_opt.sndr_key; -- 2.31.1 ^ permalink raw reply related [flat|nested] 7+ messages in thread
* [MPTCP][PATCH v5 mptcp-next 5/5] selftests: mptcp: add deny_join_id0 testcases 2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 4/5] mptcp: add deny_join_id0 in mptcp_options_received Geliang Tang @ 2021-05-08 10:33 ` Geliang Tang 0 siblings, 0 replies; 7+ messages in thread From: Geliang Tang @ 2021-05-08 10:33 UTC (permalink / raw) To: mptcp; +Cc: Geliang Tang This patch added a new argument '-d' for mptcp_join.sh script, to invoke the testcases for the MP_CAPABLE 'C' flag. Signed-off-by: Geliang Tang <geliangtang@gmail.com> --- .../testing/selftests/net/mptcp/mptcp_join.sh | 56 ++++++++++++++++++- 1 file changed, 55 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/net/mptcp/mptcp_join.sh b/tools/testing/selftests/net/mptcp/mptcp_join.sh index 523c7797f30a..17b385f011d2 100755 --- a/tools/testing/selftests/net/mptcp/mptcp_join.sh +++ b/tools/testing/selftests/net/mptcp/mptcp_join.sh @@ -139,6 +139,17 @@ reset_with_checksum() ip netns exec $ns2 sysctl -q net.mptcp.checksum_enabled=$ns2_enable } +reset_with_allow_join_id0() +{ + local ns1_enable=$1 + local ns2_enable=$2 + + reset + + ip netns exec $ns1 sysctl -q net.mptcp.allow_join_initial_addr_port=$ns1_enable + ip netns exec $ns2 sysctl -q net.mptcp.allow_join_initial_addr_port=$ns2_enable +} + ip -Version > /dev/null 2>&1 if [ $? -ne 0 ];then echo "SKIP: Could not run test without ip tool" @@ -1462,6 +1473,44 @@ checksum_tests() chk_csum_nr "checksum test 1 0" } +deny_join_id0_tests() +{ + # subflow allow join id0 ns1 + reset_with_allow_join_id0 1 0 + ip netns exec $ns1 ./pm_nl_ctl limits 1 1 + ip netns exec $ns2 ./pm_nl_ctl limits 1 1 + ip netns exec $ns2 ./pm_nl_ctl add 10.0.3.2 flags subflow + run_tests $ns1 $ns2 10.0.1.1 + chk_join_nr "single subflow allow join id0 ns1" 1 1 1 + + # subflow allow join id0 ns2 + reset_with_allow_join_id0 0 1 + ip netns exec $ns1 ./pm_nl_ctl limits 1 1 + ip netns exec $ns2 ./pm_nl_ctl limits 1 1 + ip netns exec $ns2 ./pm_nl_ctl add 10.0.3.2 flags subflow + run_tests $ns1 $ns2 10.0.1.1 + chk_join_nr "single subflow allow join id0 ns2" 0 0 0 + + # subflow and address allow join id0 + reset_with_allow_join_id0 0 1 + ip netns exec $ns1 ./pm_nl_ctl limits 2 2 + ip netns exec $ns2 ./pm_nl_ctl limits 2 2 + ip netns exec $ns1 ./pm_nl_ctl add 10.0.2.1 flags signal + ip netns exec $ns2 ./pm_nl_ctl add 10.0.3.2 flags subflow + run_tests $ns1 $ns2 10.0.1.1 + chk_join_nr "subflow and address allow join id0" 2 2 2 + + # signal address allow join id0 + # ADD_ADDRs are not affected by allow_join_id0 value. + reset_with_allow_join_id0 0 0 + ip netns exec $ns1 ./pm_nl_ctl limits 1 1 + ip netns exec $ns2 ./pm_nl_ctl limits 1 1 + ip netns exec $ns1 ./pm_nl_ctl add 10.0.2.1 flags signal + run_tests $ns1 $ns2 10.0.1.1 + chk_join_nr "signal address allow join id0" 1 1 1 + chk_add_nr 1 1 +} + all_tests() { subflows_tests @@ -1476,6 +1525,7 @@ all_tests() add_addr_ports_tests syncookies_tests checksum_tests + deny_join_id0_tests } usage() @@ -1493,6 +1543,7 @@ usage() echo " -p add_addr_ports_tests" echo " -k syncookies_tests" echo " -S checksum_tests" + echo " -d deny_join_id0_tests" echo " -c capture pcap files" echo " -C enable data checksum" echo " -h help" @@ -1528,7 +1579,7 @@ if [ $do_all_tests -eq 1 ]; then exit $ret fi -while getopts 'fsltra64bpkchCS' opt; do +while getopts 'fsltra64bpkdchCS' opt; do case $opt in f) subflows_tests @@ -1566,6 +1617,9 @@ while getopts 'fsltra64bpkchCS' opt; do S) checksum_tests ;; + d) + deny_join_id0_tests + ;; c) ;; C) -- 2.31.1 ^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [MPTCP][PATCH v5 mptcp-next 3/5] mptcp: add add_list in mptcp_pm_data 2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 3/5] mptcp: add add_list in mptcp_pm_data Geliang Tang 2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 4/5] mptcp: add deny_join_id0 in mptcp_options_received Geliang Tang @ 2021-05-13 0:43 ` Mat Martineau 1 sibling, 0 replies; 7+ messages in thread From: Mat Martineau @ 2021-05-13 0:43 UTC (permalink / raw) To: Geliang Tang; +Cc: mptcp On Sat, 8 May 2021, Geliang Tang wrote: > Like the anno_list member in struct mptcp_pm_data, this patch added a > new member named add_list in it, to save all the received ADD_ADDRs in > this add_list. > > Signed-off-by: Geliang Tang <geliangtang@gmail.com> > --- > net/mptcp/pm.c | 1 + > net/mptcp/pm_netlink.c | 74 ++++++++++++++++++++++++++++++++++++++++++ > net/mptcp/protocol.c | 1 + > net/mptcp/protocol.h | 2 ++ > 4 files changed, 78 insertions(+) > > diff --git a/net/mptcp/pm.c b/net/mptcp/pm.c > index 9d00fa6d22e9..9456fe17b6a3 100644 > --- a/net/mptcp/pm.c > +++ b/net/mptcp/pm.c > @@ -324,6 +324,7 @@ void mptcp_pm_data_init(struct mptcp_sock *msk) > > spin_lock_init(&msk->pm.lock); > INIT_LIST_HEAD(&msk->pm.anno_list); > + INIT_LIST_HEAD(&msk->pm.add_list); > > mptcp_pm_nl_data_init(msk); > } > diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c > index d094588afad8..47a515af2b0a 100644 > --- a/net/mptcp/pm_netlink.c > +++ b/net/mptcp/pm_netlink.c > @@ -483,6 +483,72 @@ static void mptcp_pm_nl_subflow_established(struct mptcp_sock *msk) > mptcp_pm_create_subflow_or_signal_addr(msk); > } > > +struct mptcp_pm_add_entry * > +mptcp_lookup_add_list_by_id(struct mptcp_sock *msk, u8 id) > +{ > + struct mptcp_pm_add_entry *entry; > + > + lockdep_assert_held(&msk->pm.lock); > + > + list_for_each_entry(entry, &msk->pm.add_list, list) { > + if (entry->addr.id == id) > + return entry; > + } > + > + return NULL; > +} > + > +struct mptcp_pm_add_entry * > +mptcp_lookup_add_list_by_saddr(struct mptcp_sock *msk, > + struct mptcp_addr_info *addr) > +{ > + struct mptcp_pm_add_entry *entry; > + > + lockdep_assert_held(&msk->pm.lock); > + > + list_for_each_entry(entry, &msk->pm.add_list, list) { > + if (addresses_equal(&entry->addr, addr, true)) > + return entry; > + } > + > + return NULL; > +} > + > +static bool mptcp_pm_alloc_add_list(struct mptcp_sock *msk, > + struct mptcp_addr_info *addr) > +{ > + struct mptcp_pm_add_entry *add_entry = NULL; > + > + lockdep_assert_held(&msk->pm.lock); > + > + if (mptcp_lookup_add_list_by_saddr(msk, addr)) > + return false; > + > + add_entry = kmalloc(sizeof(*add_entry), GFP_ATOMIC); Hi Geliang - Thanks for adding the list to track addresses announced by the peer. It will also be helpful for future in-kernel path manager functionality. I think it's worthwhile to add a separate struct for this list instead of reusing struct mptcp_pm_add_entry. The timer_list is a large number of bytes to allocate and not use: // from pahole struct mptcp_pm_add_entry { struct list_head list; /* 0 16 */ struct mptcp_addr_info addr; /* 16 24 */ struct timer_list add_timer; /* 40 80 */ /* --- cacheline 1 boundary (64 bytes) was 56 bytes ago --- */ struct mptcp_sock * sock; /* 120 8 */ /* --- cacheline 2 boundary (128 bytes) --- */ u8 retrans_times; /* 128 1 */ /* size: 136, cachelines: 3, members: 5 */ /* padding: 7 */ /* last cacheline: 8 bytes */ }; -Mat > + if (!add_entry) > + return false; > + > + list_add(&add_entry->list, &msk->pm.add_list); > + add_entry->addr = *addr; > + > + return true; > +} > + > +void mptcp_pm_free_add_list(struct mptcp_sock *msk) > +{ > + struct mptcp_pm_add_entry *entry, *tmp; > + LIST_HEAD(free_list); > + > + pr_debug("msk=%p", msk); > + > + spin_lock_bh(&msk->pm.lock); > + list_splice_init(&msk->pm.add_list, &free_list); > + spin_unlock_bh(&msk->pm.lock); > + > + list_for_each_entry_safe(entry, tmp, &free_list, list) > + kfree(entry); > +} > + > static void mptcp_pm_nl_add_addr_received(struct mptcp_sock *msk) > { > struct sock *sk = (struct sock *)msk; > @@ -513,6 +579,8 @@ static void mptcp_pm_nl_add_addr_received(struct mptcp_sock *msk) > remote = msk->pm.remote; > if (!remote.port) > remote.port = sk->sk_dport; > + if (!mptcp_pm_alloc_add_list(msk, &remote)) > + return; > memset(&local, 0, sizeof(local)); > local.family = remote.family; > > @@ -612,6 +680,7 @@ static void mptcp_pm_nl_rm_addr_or_subflow(struct mptcp_sock *msk, > list_for_each_entry_safe(subflow, tmp, &msk->conn_list, node) { > struct sock *ssk = mptcp_subflow_tcp_sock(subflow); > int how = RCV_SHUTDOWN | SEND_SHUTDOWN; > + struct mptcp_pm_add_entry *entry; > u8 id = subflow->local_id; > > if (rm_type == MPTCP_MIB_RMADDR) > @@ -631,6 +700,11 @@ static void mptcp_pm_nl_rm_addr_or_subflow(struct mptcp_sock *msk, > if (rm_type == MPTCP_MIB_RMADDR) { > msk->pm.add_addr_accepted--; > WRITE_ONCE(msk->pm.accept_addr, true); > + entry = mptcp_lookup_add_list_by_id(msk, id); > + if (entry) { > + list_del(&entry->list); > + kfree(entry); > + } > } else if (rm_type == MPTCP_MIB_RMSUBFLOW) { > msk->pm.local_addr_used--; > } > diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c > index 652e55a0c6e8..446076388637 100644 > --- a/net/mptcp/protocol.c > +++ b/net/mptcp/protocol.c > @@ -2882,6 +2882,7 @@ void mptcp_destroy_common(struct mptcp_sock *msk) > skb_rbtree_purge(&msk->out_of_order_queue); > mptcp_token_destroy(msk); > mptcp_pm_free_anno_list(msk); > + mptcp_pm_free_add_list(msk); > } > > static void mptcp_destroy(struct sock *sk) > diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h > index fd7ff2d28cb3..d19deee01896 100644 > --- a/net/mptcp/protocol.h > +++ b/net/mptcp/protocol.h > @@ -185,6 +185,7 @@ struct mptcp_pm_data { > struct mptcp_addr_info local; > struct mptcp_addr_info remote; > struct list_head anno_list; > + struct list_head add_list; > > spinlock_t lock; /*protects the whole PM data */ > > @@ -693,6 +694,7 @@ int mptcp_pm_nl_mp_prio_send_ack(struct mptcp_sock *msk, > struct mptcp_addr_info *addr, > u8 bkup); > void mptcp_pm_free_anno_list(struct mptcp_sock *msk); > +void mptcp_pm_free_add_list(struct mptcp_sock *msk); > bool mptcp_pm_sport_in_anno_list(struct mptcp_sock *msk, const struct sock *sk); > struct mptcp_pm_add_entry * > mptcp_pm_del_add_timer(struct mptcp_sock *msk, > -- > 2.31.1 > > > -- Mat Martineau Intel ^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2021-05-13 0:43 UTC | newest] Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2021-05-08 10:33 [MPTCP][PATCH v5 mptcp-next 0/5] add MP_CAPABLE 'C' flag Geliang Tang 2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 1/5] mptcp: add sysctl allow_join_initial_addr_port Geliang Tang 2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 2/5] mptcp: add allow_join_id0 in mptcp_out_options Geliang Tang 2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 3/5] mptcp: add add_list in mptcp_pm_data Geliang Tang 2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 4/5] mptcp: add deny_join_id0 in mptcp_options_received Geliang Tang 2021-05-08 10:33 ` [MPTCP][PATCH v5 mptcp-next 5/5] selftests: mptcp: add deny_join_id0 testcases Geliang Tang 2021-05-13 0:43 ` [MPTCP][PATCH v5 mptcp-next 3/5] mptcp: add add_list in mptcp_pm_data Mat Martineau
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).