lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAK6E8=cH9TcPobp0UmQqph87TgEtzjAA_YdbTqGORnL4gg=nVA@mail.gmail.com> Date: Sun, 17 Jul 2022 08:20:19 -0700 From: Yuchung Cheng <ycheng@...gle.com> To: Kuniyuki Iwashima <kuniyu@...zon.com> Cc: "David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>, David Ahern <dsahern@...nel.org>, Kuniyuki Iwashima <kuni1840@...il.com>, netdev@...r.kernel.org Subject: Re: [PATCH v1 net 14/15] tcp: Fix data-races around sysctl_tcp_fastopen. On Fri, Jul 15, 2022 at 10:21 AM Kuniyuki Iwashima <kuniyu@...zon.com> wrote: > > While reading sysctl_tcp_fastopen, it can be changed concurrently. > Thus, we need to add READ_ONCE() to its readers. > > Fixes: 2100c8d2d9db ("net-tcp: Fast Open base") > Signed-off-by: Kuniyuki Iwashima <kuniyu@...zon.com> > --- > CC: Yuchung Cheng <ycheng@...gle.com> Thanks for the improvement Acked-by: Yuchung Cheng <ycheng@...gle.com> > --- > net/ipv4/af_inet.c | 2 +- > net/ipv4/tcp.c | 6 ++++-- > net/ipv4/tcp_fastopen.c | 4 ++-- > 3 files changed, 7 insertions(+), 5 deletions(-) > > diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c > index 4bc24f9e38b3..59a0c5406fc1 100644 > --- a/net/ipv4/af_inet.c > +++ b/net/ipv4/af_inet.c > @@ -217,7 +217,7 @@ int inet_listen(struct socket *sock, int backlog) > * because the socket was in TCP_LISTEN state previously but > * was shutdown() rather than close(). > */ > - tcp_fastopen = sock_net(sk)->ipv4.sysctl_tcp_fastopen; > + tcp_fastopen = READ_ONCE(sock_net(sk)->ipv4.sysctl_tcp_fastopen); > if ((tcp_fastopen & TFO_SERVER_WO_SOCKOPT1) && > (tcp_fastopen & TFO_SERVER_ENABLE) && > !inet_csk(sk)->icsk_accept_queue.fastopenq.max_qlen) { > diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c > index b1b1bcbc4f60..2faaaaf540ac 100644 > --- a/net/ipv4/tcp.c > +++ b/net/ipv4/tcp.c > @@ -1150,7 +1150,8 @@ static int tcp_sendmsg_fastopen(struct sock *sk, struct msghdr *msg, > struct sockaddr *uaddr = msg->msg_name; > int err, flags; > > - if (!(sock_net(sk)->ipv4.sysctl_tcp_fastopen & TFO_CLIENT_ENABLE) || > + if (!(READ_ONCE(sock_net(sk)->ipv4.sysctl_tcp_fastopen) & > + TFO_CLIENT_ENABLE) || > (uaddr && msg->msg_namelen >= sizeof(uaddr->sa_family) && > uaddr->sa_family == AF_UNSPEC)) > return -EOPNOTSUPP; > @@ -3617,7 +3618,8 @@ static int do_tcp_setsockopt(struct sock *sk, int level, int optname, > case TCP_FASTOPEN_CONNECT: > if (val > 1 || val < 0) { > err = -EINVAL; > - } else if (net->ipv4.sysctl_tcp_fastopen & TFO_CLIENT_ENABLE) { > + } else if (READ_ONCE(net->ipv4.sysctl_tcp_fastopen) & > + TFO_CLIENT_ENABLE) { > if (sk->sk_state == TCP_CLOSE) > tp->fastopen_connect = val; > else > diff --git a/net/ipv4/tcp_fastopen.c b/net/ipv4/tcp_fastopen.c > index fdbcf2a6d08e..0acdb5473850 100644 > --- a/net/ipv4/tcp_fastopen.c > +++ b/net/ipv4/tcp_fastopen.c > @@ -332,7 +332,7 @@ static bool tcp_fastopen_no_cookie(const struct sock *sk, > const struct dst_entry *dst, > int flag) > { > - return (sock_net(sk)->ipv4.sysctl_tcp_fastopen & flag) || > + return (READ_ONCE(sock_net(sk)->ipv4.sysctl_tcp_fastopen) & flag) || > tcp_sk(sk)->fastopen_no_cookie || > (dst && dst_metric(dst, RTAX_FASTOPEN_NO_COOKIE)); > } > @@ -347,7 +347,7 @@ struct sock *tcp_try_fastopen(struct sock *sk, struct sk_buff *skb, > const struct dst_entry *dst) > { > bool syn_data = TCP_SKB_CB(skb)->end_seq != TCP_SKB_CB(skb)->seq + 1; > - int tcp_fastopen = sock_net(sk)->ipv4.sysctl_tcp_fastopen; > + int tcp_fastopen = READ_ONCE(sock_net(sk)->ipv4.sysctl_tcp_fastopen); > struct tcp_fastopen_cookie valid_foc = { .len = -1 }; > struct sock *child; > int ret = 0; > -- > 2.30.2 >
Powered by blists - more mailing lists