mirror of
https://gitee.com/bianbu-linux/linux-6.6
synced 2025-04-24 14:07:52 -04:00
mptcp: don't return sockets in foreign netns
mptcp_token_get_sock() may return a mptcp socket that is in
a different net namespace than the socket that received the token value.
The mptcp syncookie code path had an explicit check for this,
this moves the test into mptcp_token_get_sock() function.
Eventually token.c should be converted to pernet storage, but
such change is not suitable for net tree.
Fixes: 2c5ebd001d ("mptcp: refactor token container")
Signed-off-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Mat Martineau <mathew.j.martineau@linux.intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Florian Westphal
David S. Miller
parent
f7e745f8e9
commit
ea1300b9df
6 changed files with 20 additions and 24 deletions
|
|
@ -11,6 +11,7 @@ static struct mptcp_subflow_request_sock *build_req_sock(struct kunit *test)
|
|||
GFP_USER);
|
||||
KUNIT_EXPECT_NOT_ERR_OR_NULL(test, req);
|
||||
mptcp_token_init_request((struct request_sock *)req);
|
||||
sock_net_set((struct sock *)req, &init_net);
|
||||
return req;
|
||||
}
|
||||
|
||||
|
|
@ -22,7 +23,7 @@ static void mptcp_token_test_req_basic(struct kunit *test)
|
|||
KUNIT_ASSERT_EQ(test, 0,
|
||||
mptcp_token_new_request((struct request_sock *)req));
|
||||
KUNIT_EXPECT_NE(test, 0, (int)req->token);
|
||||
KUNIT_EXPECT_PTR_EQ(test, null_msk, mptcp_token_get_sock(req->token));
|
||||
KUNIT_EXPECT_PTR_EQ(test, null_msk, mptcp_token_get_sock(&init_net, req->token));
|
||||
|
||||
/* cleanup */
|
||||
mptcp_token_destroy_request((struct request_sock *)req);
|
||||
|
|
@ -55,6 +56,7 @@ static struct mptcp_sock *build_msk(struct kunit *test)
|
|||
msk = kunit_kzalloc(test, sizeof(struct mptcp_sock), GFP_USER);
|
||||
KUNIT_EXPECT_NOT_ERR_OR_NULL(test, msk);
|
||||
refcount_set(&((struct sock *)msk)->sk_refcnt, 1);
|
||||
sock_net_set((struct sock *)msk, &init_net);
|
||||
return msk;
|
||||
}
|
||||
|
||||
|
|
@ -74,11 +76,11 @@ static void mptcp_token_test_msk_basic(struct kunit *test)
|
|||
mptcp_token_new_connect((struct sock *)icsk));
|
||||
KUNIT_EXPECT_NE(test, 0, (int)ctx->token);
|
||||
KUNIT_EXPECT_EQ(test, ctx->token, msk->token);
|
||||
KUNIT_EXPECT_PTR_EQ(test, msk, mptcp_token_get_sock(ctx->token));
|
||||
KUNIT_EXPECT_PTR_EQ(test, msk, mptcp_token_get_sock(&init_net, ctx->token));
|
||||
KUNIT_EXPECT_EQ(test, 2, (int)refcount_read(&sk->sk_refcnt));
|
||||
|
||||
mptcp_token_destroy(msk);
|
||||
KUNIT_EXPECT_PTR_EQ(test, null_msk, mptcp_token_get_sock(ctx->token));
|
||||
KUNIT_EXPECT_PTR_EQ(test, null_msk, mptcp_token_get_sock(&init_net, ctx->token));
|
||||
}
|
||||
|
||||
static void mptcp_token_test_accept(struct kunit *test)
|
||||
|
|
@ -90,11 +92,11 @@ static void mptcp_token_test_accept(struct kunit *test)
|
|||
mptcp_token_new_request((struct request_sock *)req));
|
||||
msk->token = req->token;
|
||||
mptcp_token_accept(req, msk);
|
||||
KUNIT_EXPECT_PTR_EQ(test, msk, mptcp_token_get_sock(msk->token));
|
||||
KUNIT_EXPECT_PTR_EQ(test, msk, mptcp_token_get_sock(&init_net, msk->token));
|
||||
|
||||
/* this is now a no-op */
|
||||
mptcp_token_destroy_request((struct request_sock *)req);
|
||||
KUNIT_EXPECT_PTR_EQ(test, msk, mptcp_token_get_sock(msk->token));
|
||||
KUNIT_EXPECT_PTR_EQ(test, msk, mptcp_token_get_sock(&init_net, msk->token));
|
||||
|
||||
/* cleanup */
|
||||
mptcp_token_destroy(msk);
|
||||
|
|
@ -116,7 +118,7 @@ static void mptcp_token_test_destroyed(struct kunit *test)
|
|||
|
||||
/* simulate race on removal */
|
||||
refcount_set(&sk->sk_refcnt, 0);
|
||||
KUNIT_EXPECT_PTR_EQ(test, null_msk, mptcp_token_get_sock(msk->token));
|
||||
KUNIT_EXPECT_PTR_EQ(test, null_msk, mptcp_token_get_sock(&init_net, msk->token));
|
||||
|
||||
/* cleanup */
|
||||
mptcp_token_destroy(msk);
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue