1 // SPDX-License-Identifier: GPL-2.0
2 /* Multipath TCP
3 *
4 * Copyright (c) 2025, Matthieu Baerts.
5 */
6
7 #define pr_fmt(fmt) "MPTCP: " fmt
8
9 #include <net/netns/generic.h>
10
11 #include "protocol.h"
12 #include "mib.h"
13 #include "mptcp_pm_gen.h"
14
15 static int pm_nl_pernet_id;
16
17 struct pm_nl_pernet {
18 /* protects pernet updates */
19 spinlock_t lock;
20 struct list_head endp_list;
21 u8 endpoints;
22 u8 endp_signal_max;
23 u8 endp_subflow_max;
24 u8 endp_laminar_max;
25 u8 endp_fullmesh_max;
26 u8 limit_add_addr_accepted;
27 u8 limit_extra_subflows;
28 u8 next_id;
29 DECLARE_BITMAP(id_bitmap, MPTCP_PM_MAX_ADDR_ID + 1);
30 };
31
32 #define MPTCP_PM_ADDR_MAX 8
33
pm_nl_get_pernet(const struct net * net)34 static struct pm_nl_pernet *pm_nl_get_pernet(const struct net *net)
35 {
36 return net_generic(net, pm_nl_pernet_id);
37 }
38
39 static struct pm_nl_pernet *
pm_nl_get_pernet_from_msk(const struct mptcp_sock * msk)40 pm_nl_get_pernet_from_msk(const struct mptcp_sock *msk)
41 {
42 return pm_nl_get_pernet(sock_net((struct sock *)msk));
43 }
44
genl_info_pm_nl(struct genl_info * info)45 static struct pm_nl_pernet *genl_info_pm_nl(struct genl_info *info)
46 {
47 return pm_nl_get_pernet(genl_info_net(info));
48 }
49
mptcp_pm_get_endp_signal_max(const struct mptcp_sock * msk)50 u8 mptcp_pm_get_endp_signal_max(const struct mptcp_sock *msk)
51 {
52 const struct pm_nl_pernet *pernet = pm_nl_get_pernet_from_msk(msk);
53
54 return READ_ONCE(pernet->endp_signal_max);
55 }
56 EXPORT_SYMBOL_GPL(mptcp_pm_get_endp_signal_max);
57
mptcp_pm_get_endp_subflow_max(const struct mptcp_sock * msk)58 u8 mptcp_pm_get_endp_subflow_max(const struct mptcp_sock *msk)
59 {
60 struct pm_nl_pernet *pernet = pm_nl_get_pernet_from_msk(msk);
61
62 return READ_ONCE(pernet->endp_subflow_max);
63 }
64 EXPORT_SYMBOL_GPL(mptcp_pm_get_endp_subflow_max);
65
mptcp_pm_get_endp_laminar_max(const struct mptcp_sock * msk)66 u8 mptcp_pm_get_endp_laminar_max(const struct mptcp_sock *msk)
67 {
68 struct pm_nl_pernet *pernet = pm_nl_get_pernet_from_msk(msk);
69
70 return READ_ONCE(pernet->endp_laminar_max);
71 }
72 EXPORT_SYMBOL_GPL(mptcp_pm_get_endp_laminar_max);
73
mptcp_pm_get_endp_fullmesh_max(const struct mptcp_sock * msk)74 u8 mptcp_pm_get_endp_fullmesh_max(const struct mptcp_sock *msk)
75 {
76 struct pm_nl_pernet *pernet = pm_nl_get_pernet_from_msk(msk);
77
78 return READ_ONCE(pernet->endp_fullmesh_max);
79 }
80 EXPORT_SYMBOL_GPL(mptcp_pm_get_endp_fullmesh_max);
81
mptcp_pm_get_limit_add_addr_accepted(const struct mptcp_sock * msk)82 u8 mptcp_pm_get_limit_add_addr_accepted(const struct mptcp_sock *msk)
83 {
84 struct pm_nl_pernet *pernet = pm_nl_get_pernet_from_msk(msk);
85
86 return READ_ONCE(pernet->limit_add_addr_accepted);
87 }
88 EXPORT_SYMBOL_GPL(mptcp_pm_get_limit_add_addr_accepted);
89
mptcp_pm_get_limit_extra_subflows(const struct mptcp_sock * msk)90 u8 mptcp_pm_get_limit_extra_subflows(const struct mptcp_sock *msk)
91 {
92 struct pm_nl_pernet *pernet = pm_nl_get_pernet_from_msk(msk);
93
94 return READ_ONCE(pernet->limit_extra_subflows);
95 }
96 EXPORT_SYMBOL_GPL(mptcp_pm_get_limit_extra_subflows);
97
lookup_subflow_by_daddr(const struct list_head * list,const struct mptcp_addr_info * daddr)98 static bool lookup_subflow_by_daddr(const struct list_head *list,
99 const struct mptcp_addr_info *daddr)
100 {
101 struct mptcp_subflow_context *subflow;
102 struct mptcp_addr_info cur;
103
104 list_for_each_entry(subflow, list, node) {
105 struct sock *ssk = mptcp_subflow_tcp_sock(subflow);
106
107 if (!((1 << inet_sk_state_load(ssk)) &
108 (TCPF_ESTABLISHED | TCPF_SYN_SENT | TCPF_SYN_RECV)))
109 continue;
110
111 mptcp_remote_address((struct sock_common *)ssk, &cur);
112 if (mptcp_addresses_equal(&cur, daddr, daddr->port))
113 return true;
114 }
115
116 return false;
117 }
118
119 static bool
select_local_address(const struct pm_nl_pernet * pernet,const struct mptcp_sock * msk,struct mptcp_pm_local * new_local)120 select_local_address(const struct pm_nl_pernet *pernet,
121 const struct mptcp_sock *msk,
122 struct mptcp_pm_local *new_local)
123 {
124 struct mptcp_pm_addr_entry *entry;
125 bool found = false;
126
127 msk_owned_by_me(msk);
128
129 rcu_read_lock();
130 list_for_each_entry_rcu(entry, &pernet->endp_list, list) {
131 if (!(entry->flags & MPTCP_PM_ADDR_FLAG_SUBFLOW))
132 continue;
133
134 if (!test_bit(entry->addr.id, msk->pm.id_avail_bitmap))
135 continue;
136
137 new_local->addr = entry->addr;
138 new_local->flags = entry->flags;
139 new_local->ifindex = entry->ifindex;
140 found = true;
141 break;
142 }
143 rcu_read_unlock();
144
145 return found;
146 }
147
148 static bool
select_signal_address(struct pm_nl_pernet * pernet,const struct mptcp_sock * msk,struct mptcp_pm_local * new_local)149 select_signal_address(struct pm_nl_pernet *pernet, const struct mptcp_sock *msk,
150 struct mptcp_pm_local *new_local)
151 {
152 struct mptcp_pm_addr_entry *entry;
153 bool found = false;
154
155 rcu_read_lock();
156 /* do not keep any additional per socket state, just signal
157 * the address list in order.
158 * Note: removal from the local address list during the msk life-cycle
159 * can lead to additional addresses not being announced.
160 */
161 list_for_each_entry_rcu(entry, &pernet->endp_list, list) {
162 if (!test_bit(entry->addr.id, msk->pm.id_avail_bitmap))
163 continue;
164
165 if (!(entry->flags & MPTCP_PM_ADDR_FLAG_SIGNAL))
166 continue;
167
168 new_local->addr = entry->addr;
169 new_local->flags = entry->flags;
170 new_local->ifindex = entry->ifindex;
171 found = true;
172 break;
173 }
174 rcu_read_unlock();
175
176 return found;
177 }
178
179 static unsigned int
fill_remote_addr(struct mptcp_sock * msk,struct mptcp_addr_info * local,struct mptcp_addr_info * addrs)180 fill_remote_addr(struct mptcp_sock *msk, struct mptcp_addr_info *local,
181 struct mptcp_addr_info *addrs)
182 {
183 bool deny_id0 = READ_ONCE(msk->pm.remote_deny_join_id0);
184 struct mptcp_addr_info remote = { 0 };
185 struct sock *sk = (struct sock *)msk;
186
187 if (deny_id0)
188 return 0;
189
190 mptcp_remote_address((struct sock_common *)sk, &remote);
191
192 if (!mptcp_pm_addr_families_match(sk, local, &remote))
193 return 0;
194
195 msk->pm.extra_subflows++;
196 *addrs = remote;
197
198 return 1;
199 }
200
201 static unsigned int
fill_remote_addresses_fullmesh(struct mptcp_sock * msk,struct mptcp_addr_info * local,struct mptcp_addr_info * addrs)202 fill_remote_addresses_fullmesh(struct mptcp_sock *msk,
203 struct mptcp_addr_info *local,
204 struct mptcp_addr_info *addrs)
205 {
206 u8 limit_extra_subflows = mptcp_pm_get_limit_extra_subflows(msk);
207 bool deny_id0 = READ_ONCE(msk->pm.remote_deny_join_id0);
208 DECLARE_BITMAP(unavail_id, MPTCP_PM_MAX_ADDR_ID + 1);
209 struct sock *sk = (struct sock *)msk, *ssk;
210 struct mptcp_subflow_context *subflow;
211 int i = 0;
212
213 /* Forbid creation of new subflows matching existing ones, possibly
214 * already created by incoming ADD_ADDR
215 */
216 bitmap_zero(unavail_id, MPTCP_PM_MAX_ADDR_ID + 1);
217 mptcp_for_each_subflow(msk, subflow)
218 if (READ_ONCE(subflow->local_id) == local->id)
219 __set_bit(subflow->remote_id, unavail_id);
220
221 mptcp_for_each_subflow(msk, subflow) {
222 ssk = mptcp_subflow_tcp_sock(subflow);
223 mptcp_remote_address((struct sock_common *)ssk, &addrs[i]);
224 addrs[i].id = READ_ONCE(subflow->remote_id);
225 if (deny_id0 && !addrs[i].id)
226 continue;
227
228 if (test_bit(addrs[i].id, unavail_id))
229 continue;
230
231 if (!mptcp_pm_addr_families_match(sk, local, &addrs[i]))
232 continue;
233
234 /* forbid creating multiple address towards this id */
235 __set_bit(addrs[i].id, unavail_id);
236 msk->pm.extra_subflows++;
237 i++;
238
239 if (msk->pm.extra_subflows >= limit_extra_subflows)
240 break;
241 }
242
243 return i;
244 }
245
246 /* Fill all the remote addresses into the array addrs[],
247 * and return the array size.
248 */
249 static unsigned int
fill_remote_addresses_vec(struct mptcp_sock * msk,struct mptcp_addr_info * local,bool fullmesh,struct mptcp_addr_info * addrs)250 fill_remote_addresses_vec(struct mptcp_sock *msk, struct mptcp_addr_info *local,
251 bool fullmesh, struct mptcp_addr_info *addrs)
252 {
253 /* Non-fullmesh: fill in the single entry corresponding to the primary
254 * MPC subflow remote address, and return 1, corresponding to 1 entry.
255 */
256 if (!fullmesh)
257 return fill_remote_addr(msk, local, addrs);
258
259 /* Fullmesh endpoint: fill all possible remote addresses */
260 return fill_remote_addresses_fullmesh(msk, local, addrs);
261 }
262
263 static struct mptcp_pm_addr_entry *
__lookup_addr_by_id(struct pm_nl_pernet * pernet,unsigned int id)264 __lookup_addr_by_id(struct pm_nl_pernet *pernet, unsigned int id)
265 {
266 struct mptcp_pm_addr_entry *entry;
267
268 list_for_each_entry_rcu(entry, &pernet->endp_list, list,
269 lockdep_is_held(&pernet->lock)) {
270 if (entry->addr.id == id)
271 return entry;
272 }
273 return NULL;
274 }
275
276 static struct mptcp_pm_addr_entry *
__lookup_addr(struct pm_nl_pernet * pernet,const struct mptcp_addr_info * info)277 __lookup_addr(struct pm_nl_pernet *pernet, const struct mptcp_addr_info *info)
278 {
279 struct mptcp_pm_addr_entry *entry;
280
281 list_for_each_entry_rcu(entry, &pernet->endp_list, list,
282 lockdep_is_held(&pernet->lock)) {
283 if (mptcp_addresses_equal(&entry->addr, info, entry->addr.port))
284 return entry;
285 }
286 return NULL;
287 }
288
mptcp_endp_get_local_id(struct mptcp_sock * msk,const struct mptcp_addr_info * addr)289 static u8 mptcp_endp_get_local_id(struct mptcp_sock *msk,
290 const struct mptcp_addr_info *addr)
291 {
292 return msk->mpc_endpoint_id == addr->id ? 0 : addr->id;
293 }
294
295 /* Set mpc_endpoint_id, and send MP_PRIO for ID0 if needed */
mptcp_mpc_endpoint_setup(struct mptcp_sock * msk)296 static void mptcp_mpc_endpoint_setup(struct mptcp_sock *msk)
297 {
298 struct mptcp_subflow_context *subflow;
299 struct mptcp_pm_addr_entry *entry;
300 struct mptcp_addr_info mpc_addr;
301 struct pm_nl_pernet *pernet;
302 bool backup = false;
303
304 /* do lazy endpoint usage accounting for the MPC subflows */
305 if (likely(msk->pm.status & BIT(MPTCP_PM_MPC_ENDPOINT_ACCOUNTED)) ||
306 !msk->first)
307 return;
308
309 subflow = mptcp_subflow_ctx(msk->first);
310 pernet = pm_nl_get_pernet_from_msk(msk);
311
312 mptcp_local_address((struct sock_common *)msk->first, &mpc_addr);
313 rcu_read_lock();
314 entry = __lookup_addr(pernet, &mpc_addr);
315 if (entry) {
316 __clear_bit(entry->addr.id, msk->pm.id_avail_bitmap);
317 msk->mpc_endpoint_id = entry->addr.id;
318 backup = !!(entry->flags & MPTCP_PM_ADDR_FLAG_BACKUP);
319 }
320 rcu_read_unlock();
321
322 /* Send MP_PRIO */
323 if (backup)
324 mptcp_pm_send_ack(msk, subflow, true, backup);
325
326 msk->pm.status |= BIT(MPTCP_PM_MPC_ENDPOINT_ACCOUNTED);
327 }
328
mptcp_pm_create_subflow_or_signal_addr(struct mptcp_sock * msk)329 static void mptcp_pm_create_subflow_or_signal_addr(struct mptcp_sock *msk)
330 {
331 u8 limit_extra_subflows = mptcp_pm_get_limit_extra_subflows(msk);
332 struct pm_nl_pernet *pernet = pm_nl_get_pernet_from_msk(msk);
333 u8 endp_subflow_max = mptcp_pm_get_endp_subflow_max(msk);
334 u8 endp_signal_max = mptcp_pm_get_endp_signal_max(msk);
335 struct sock *sk = (struct sock *)msk;
336 bool signal_and_subflow = false;
337 struct mptcp_pm_local local;
338
339 mptcp_mpc_endpoint_setup(msk);
340 if (!mptcp_is_fully_established(sk))
341 return;
342
343 pr_debug("local %d:%d signal %d:%d subflows %d:%d\n",
344 msk->pm.local_addr_used, endp_subflow_max,
345 msk->pm.add_addr_signaled, endp_signal_max,
346 msk->pm.extra_subflows, limit_extra_subflows);
347
348 /* check first for announce */
349 if (msk->pm.add_addr_signaled < endp_signal_max) {
350 u8 endp_id;
351
352 /* due to racing events on both ends we can reach here while
353 * previous add address is still running: if we invoke now
354 * mptcp_pm_announce_addr(), that will fail and the
355 * corresponding id will be marked as used.
356 * Instead let the PM machinery reschedule us when the
357 * current address announce will be completed.
358 */
359 if (msk->pm.addr_signal & BIT(MPTCP_ADD_ADDR_SIGNAL))
360 return;
361
362 if (!select_signal_address(pernet, msk, &local))
363 goto subflow;
364
365 /* Special case for ID0: set the correct ID */
366 endp_id = local.addr.id;
367 if (endp_id == msk->mpc_endpoint_id)
368 local.addr.id = 0;
369
370 /* If the alloc fails, we are on memory pressure, not worth
371 * continuing, and trying to create subflows.
372 */
373 if (!mptcp_pm_alloc_anno_list(msk, &local.addr))
374 return;
375
376 __clear_bit(endp_id, msk->pm.id_avail_bitmap);
377 msk->pm.add_addr_signaled++;
378
379 mptcp_pm_announce_addr(msk, &local.addr, false);
380 mptcp_pm_addr_send_ack(msk);
381
382 if (local.flags & MPTCP_PM_ADDR_FLAG_SUBFLOW)
383 signal_and_subflow = true;
384 }
385
386 subflow:
387 /* No need to try establishing subflows to remote id0 if not allowed */
388 if (mptcp_pm_add_addr_c_flag_case(msk))
389 goto exit;
390
391 /* check if should create a new subflow */
392 while (msk->pm.local_addr_used < endp_subflow_max &&
393 msk->pm.extra_subflows < limit_extra_subflows) {
394 struct mptcp_addr_info addrs[MPTCP_PM_ADDR_MAX];
395 bool fullmesh;
396 int i, nr;
397
398 if (signal_and_subflow)
399 signal_and_subflow = false;
400 else if (!select_local_address(pernet, msk, &local))
401 break;
402
403 fullmesh = !!(local.flags & MPTCP_PM_ADDR_FLAG_FULLMESH);
404
405 __clear_bit(local.addr.id, msk->pm.id_avail_bitmap);
406
407 /* Special case for ID0: set the correct ID */
408 if (local.addr.id == msk->mpc_endpoint_id)
409 local.addr.id = 0;
410 else /* local_addr_used is not decr for ID 0 */
411 msk->pm.local_addr_used++;
412
413 nr = fill_remote_addresses_vec(msk, &local.addr, fullmesh, addrs);
414 if (nr == 0)
415 continue;
416
417 spin_unlock_bh(&msk->pm.lock);
418 for (i = 0; i < nr; i++)
419 __mptcp_subflow_connect(sk, &local, &addrs[i]);
420 spin_lock_bh(&msk->pm.lock);
421 }
422
423 exit:
424 /* If an endpoint has both the signal and subflow flags, but it is not
425 * possible to create subflows -- the 'while' loop body above never
426 * executed -- then still mark the endp as used, which is somehow the
427 * case. This avoids issues later when removing the endpoint and calling
428 * __mark_subflow_endp_available(), which expects the increment here.
429 */
430 if (signal_and_subflow && local.addr.id != msk->mpc_endpoint_id)
431 msk->pm.local_addr_used++;
432
433 mptcp_pm_nl_check_work_pending(msk);
434 }
435
mptcp_pm_nl_fully_established(struct mptcp_sock * msk)436 static void mptcp_pm_nl_fully_established(struct mptcp_sock *msk)
437 {
438 mptcp_pm_create_subflow_or_signal_addr(msk);
439 }
440
mptcp_pm_nl_subflow_established(struct mptcp_sock * msk)441 static void mptcp_pm_nl_subflow_established(struct mptcp_sock *msk)
442 {
443 mptcp_pm_create_subflow_or_signal_addr(msk);
444 }
445
446 static unsigned int
fill_local_addresses_vec_fullmesh(struct mptcp_sock * msk,struct mptcp_addr_info * remote,struct mptcp_pm_local * locals,bool c_flag_case)447 fill_local_addresses_vec_fullmesh(struct mptcp_sock *msk,
448 struct mptcp_addr_info *remote,
449 struct mptcp_pm_local *locals,
450 bool c_flag_case)
451 {
452 u8 limit_extra_subflows = mptcp_pm_get_limit_extra_subflows(msk);
453 struct pm_nl_pernet *pernet = pm_nl_get_pernet_from_msk(msk);
454 struct sock *sk = (struct sock *)msk;
455 struct mptcp_pm_addr_entry *entry;
456 struct mptcp_pm_local *local;
457 int i = 0;
458
459 rcu_read_lock();
460 list_for_each_entry_rcu(entry, &pernet->endp_list, list) {
461 bool is_id0;
462
463 if (!(entry->flags & MPTCP_PM_ADDR_FLAG_FULLMESH))
464 continue;
465
466 if (!mptcp_pm_addr_families_match(sk, &entry->addr, remote))
467 continue;
468
469 local = &locals[i];
470 local->addr = entry->addr;
471 local->flags = entry->flags;
472 local->ifindex = entry->ifindex;
473
474 is_id0 = local->addr.id == msk->mpc_endpoint_id;
475
476 if (c_flag_case &&
477 (entry->flags & MPTCP_PM_ADDR_FLAG_SUBFLOW)) {
478 __clear_bit(local->addr.id, msk->pm.id_avail_bitmap);
479
480 if (!is_id0)
481 msk->pm.local_addr_used++;
482 }
483
484 /* Special case for ID0: set the correct ID */
485 if (is_id0)
486 local->addr.id = 0;
487
488 msk->pm.extra_subflows++;
489 i++;
490
491 if (msk->pm.extra_subflows >= limit_extra_subflows)
492 break;
493 }
494 rcu_read_unlock();
495
496 return i;
497 }
498
499 static unsigned int
fill_local_laminar_endp(struct mptcp_sock * msk,struct mptcp_addr_info * remote,struct mptcp_pm_local * locals)500 fill_local_laminar_endp(struct mptcp_sock *msk, struct mptcp_addr_info *remote,
501 struct mptcp_pm_local *locals)
502 {
503 struct pm_nl_pernet *pernet = pm_nl_get_pernet_from_msk(msk);
504 DECLARE_BITMAP(unavail_id, MPTCP_PM_MAX_ADDR_ID + 1);
505 struct mptcp_subflow_context *subflow;
506 struct sock *sk = (struct sock *)msk;
507 struct mptcp_pm_addr_entry *entry;
508 struct mptcp_pm_local *local;
509 int found = 0;
510
511 /* Forbid creation of new subflows matching existing ones, possibly
512 * already created by 'subflow' endpoints
513 */
514 bitmap_zero(unavail_id, MPTCP_PM_MAX_ADDR_ID + 1);
515 mptcp_for_each_subflow(msk, subflow) {
516 struct sock *ssk = mptcp_subflow_tcp_sock(subflow);
517
518 if ((1 << inet_sk_state_load(ssk)) &
519 (TCPF_FIN_WAIT1 | TCPF_FIN_WAIT2 | TCPF_CLOSING |
520 TCPF_CLOSE))
521 continue;
522
523 __set_bit(subflow_get_local_id(subflow), unavail_id);
524 }
525
526 rcu_read_lock();
527 list_for_each_entry_rcu(entry, &pernet->endp_list, list) {
528 if (!(entry->flags & MPTCP_PM_ADDR_FLAG_LAMINAR))
529 continue;
530
531 if (!mptcp_pm_addr_families_match(sk, &entry->addr, remote))
532 continue;
533
534 if (test_bit(mptcp_endp_get_local_id(msk, &entry->addr),
535 unavail_id))
536 continue;
537
538 local = &locals[0];
539 local->addr = entry->addr;
540 local->flags = entry->flags;
541 local->ifindex = entry->ifindex;
542
543 if (entry->flags & MPTCP_PM_ADDR_FLAG_SUBFLOW) {
544 __clear_bit(local->addr.id, msk->pm.id_avail_bitmap);
545
546 if (local->addr.id != msk->mpc_endpoint_id)
547 msk->pm.local_addr_used++;
548 }
549
550 msk->pm.extra_subflows++;
551 found = 1;
552 break;
553 }
554 rcu_read_unlock();
555
556 return found;
557 }
558
559 static unsigned int
fill_local_addresses_vec_c_flag(struct mptcp_sock * msk,struct mptcp_addr_info * remote,struct mptcp_pm_local * locals)560 fill_local_addresses_vec_c_flag(struct mptcp_sock *msk,
561 struct mptcp_addr_info *remote,
562 struct mptcp_pm_local *locals)
563 {
564 u8 limit_extra_subflows = mptcp_pm_get_limit_extra_subflows(msk);
565 struct pm_nl_pernet *pernet = pm_nl_get_pernet_from_msk(msk);
566 u8 endp_subflow_max = mptcp_pm_get_endp_subflow_max(msk);
567 struct sock *sk = (struct sock *)msk;
568 struct mptcp_pm_local *local;
569 int i = 0;
570
571 while (msk->pm.local_addr_used < endp_subflow_max) {
572 local = &locals[i];
573
574 if (!select_local_address(pernet, msk, local))
575 break;
576
577 __clear_bit(local->addr.id, msk->pm.id_avail_bitmap);
578
579 if (!mptcp_pm_addr_families_match(sk, &local->addr, remote))
580 continue;
581
582 if (local->addr.id == msk->mpc_endpoint_id)
583 continue;
584
585 msk->pm.local_addr_used++;
586 msk->pm.extra_subflows++;
587 i++;
588
589 if (msk->pm.extra_subflows >= limit_extra_subflows)
590 break;
591 }
592
593 return i;
594 }
595
596 static unsigned int
fill_local_address_any(struct mptcp_sock * msk,struct mptcp_addr_info * remote,struct mptcp_pm_local * local)597 fill_local_address_any(struct mptcp_sock *msk, struct mptcp_addr_info *remote,
598 struct mptcp_pm_local *local)
599 {
600 struct sock *sk = (struct sock *)msk;
601
602 memset(local, 0, sizeof(*local));
603 local->addr.family =
604 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
605 remote->family == AF_INET6 &&
606 ipv6_addr_v4mapped(&remote->addr6) ? AF_INET :
607 #endif
608 remote->family;
609
610 if (!mptcp_pm_addr_families_match(sk, &local->addr, remote))
611 return 0;
612
613 msk->pm.extra_subflows++;
614
615 return 1;
616 }
617
618 /* Fill all the local addresses into the array addrs[],
619 * and return the array size.
620 */
621 static unsigned int
fill_local_addresses_vec(struct mptcp_sock * msk,struct mptcp_addr_info * remote,struct mptcp_pm_local * locals)622 fill_local_addresses_vec(struct mptcp_sock *msk, struct mptcp_addr_info *remote,
623 struct mptcp_pm_local *locals)
624 {
625 bool c_flag_case = remote->id && mptcp_pm_add_addr_c_flag_case(msk);
626
627 /* If there is at least one MPTCP endpoint with a fullmesh flag */
628 if (mptcp_pm_get_endp_fullmesh_max(msk))
629 return fill_local_addresses_vec_fullmesh(msk, remote, locals,
630 c_flag_case);
631
632 /* If there is at least one MPTCP endpoint with a laminar flag */
633 if (mptcp_pm_get_endp_laminar_max(msk))
634 return fill_local_laminar_endp(msk, remote, locals);
635
636 /* Special case: peer sets the C flag, accept one ADD_ADDR if default
637 * limits are used -- accepting no ADD_ADDR -- and use subflow endpoints
638 */
639 if (c_flag_case)
640 return fill_local_addresses_vec_c_flag(msk, remote, locals);
641
642 /* No special case: fill in the single 'IPADDRANY' local address */
643 return fill_local_address_any(msk, remote, &locals[0]);
644 }
645
mptcp_pm_nl_add_addr_received(struct mptcp_sock * msk)646 static void mptcp_pm_nl_add_addr_received(struct mptcp_sock *msk)
647 {
648 u8 limit_add_addr_accepted = mptcp_pm_get_limit_add_addr_accepted(msk);
649 u8 limit_extra_subflows = mptcp_pm_get_limit_extra_subflows(msk);
650 struct mptcp_pm_local locals[MPTCP_PM_ADDR_MAX];
651 struct sock *sk = (struct sock *)msk;
652 struct mptcp_addr_info remote;
653 bool sf_created = false;
654 int i, nr;
655
656 pr_debug("accepted %d:%d remote family %d\n",
657 msk->pm.add_addr_accepted, limit_add_addr_accepted,
658 msk->pm.remote.family);
659
660 remote = msk->pm.remote;
661 mptcp_pm_announce_addr(msk, &remote, true);
662 mptcp_pm_addr_send_ack(msk);
663 mptcp_mpc_endpoint_setup(msk);
664
665 if (lookup_subflow_by_daddr(&msk->conn_list, &remote))
666 return;
667
668 /* pick id 0 port, if none is provided the remote address */
669 if (!remote.port)
670 remote.port = sk->sk_dport;
671
672 /* connect to the specified remote address, using whatever
673 * local address the routing configuration will pick.
674 */
675 nr = fill_local_addresses_vec(msk, &remote, locals);
676 if (nr == 0)
677 return;
678
679 spin_unlock_bh(&msk->pm.lock);
680 for (i = 0; i < nr; i++)
681 if (__mptcp_subflow_connect(sk, &locals[i], &remote) == 0)
682 sf_created = true;
683 spin_lock_bh(&msk->pm.lock);
684
685 if (sf_created) {
686 /* add_addr_accepted is not decr for ID 0 */
687 if (remote.id)
688 msk->pm.add_addr_accepted++;
689 if (msk->pm.add_addr_accepted >= limit_add_addr_accepted ||
690 msk->pm.extra_subflows >= limit_extra_subflows)
691 WRITE_ONCE(msk->pm.accept_addr, false);
692 }
693 }
694
mptcp_pm_nl_rm_addr(struct mptcp_sock * msk,u8 rm_id)695 void mptcp_pm_nl_rm_addr(struct mptcp_sock *msk, u8 rm_id)
696 {
697 if (rm_id && !WARN_ON_ONCE(msk->pm.add_addr_accepted == 0)) {
698 u8 limit_add_addr_accepted =
699 mptcp_pm_get_limit_add_addr_accepted(msk);
700
701 /* Note: if the subflow has been closed before, this
702 * add_addr_accepted counter will not be decremented.
703 */
704 if (--msk->pm.add_addr_accepted < limit_add_addr_accepted)
705 WRITE_ONCE(msk->pm.accept_addr, true);
706 }
707 }
708
address_use_port(struct mptcp_pm_addr_entry * entry)709 static bool address_use_port(struct mptcp_pm_addr_entry *entry)
710 {
711 return (entry->flags &
712 (MPTCP_PM_ADDR_FLAG_SIGNAL | MPTCP_PM_ADDR_FLAG_SUBFLOW)) ==
713 MPTCP_PM_ADDR_FLAG_SIGNAL;
714 }
715
716 /* caller must ensure the RCU grace period is already elapsed */
__mptcp_pm_release_addr_entry(struct mptcp_pm_addr_entry * entry)717 static void __mptcp_pm_release_addr_entry(struct mptcp_pm_addr_entry *entry)
718 {
719 if (entry->lsk)
720 sock_release(entry->lsk);
721 kfree(entry);
722 }
723
mptcp_pm_nl_append_new_local_addr(struct pm_nl_pernet * pernet,struct mptcp_pm_addr_entry * entry,bool replace)724 static int mptcp_pm_nl_append_new_local_addr(struct pm_nl_pernet *pernet,
725 struct mptcp_pm_addr_entry *entry,
726 bool replace)
727 {
728 struct mptcp_pm_addr_entry *cur, *del_entry = NULL;
729 int ret = -EINVAL;
730 u8 addr_max;
731
732 spin_lock_bh(&pernet->lock);
733 /* to keep the code simple, don't do IDR-like allocation for address ID,
734 * just bail when we exceed limits
735 */
736 if (pernet->next_id == MPTCP_PM_MAX_ADDR_ID)
737 pernet->next_id = 1;
738 if (pernet->endpoints >= MPTCP_PM_ADDR_MAX) {
739 ret = -ERANGE;
740 goto out;
741 }
742 if (test_bit(entry->addr.id, pernet->id_bitmap)) {
743 ret = -EBUSY;
744 goto out;
745 }
746
747 /* do not insert duplicate address, differentiate on port only
748 * singled addresses
749 */
750 if (!address_use_port(entry))
751 entry->addr.port = 0;
752 list_for_each_entry(cur, &pernet->endp_list, list) {
753 if (mptcp_addresses_equal(&cur->addr, &entry->addr,
754 cur->addr.port || entry->addr.port)) {
755 /* allow replacing the exiting endpoint only if such
756 * endpoint is an implicit one and the user-space
757 * did not provide an endpoint id
758 */
759 if (!(cur->flags & MPTCP_PM_ADDR_FLAG_IMPLICIT)) {
760 ret = -EEXIST;
761 goto out;
762 }
763 if (entry->addr.id)
764 goto out;
765
766 /* allow callers that only need to look up the local
767 * addr's id to skip replacement. This allows them to
768 * avoid calling synchronize_rcu in the packet recv
769 * path.
770 */
771 if (!replace) {
772 kfree(entry);
773 ret = cur->addr.id;
774 goto out;
775 }
776
777 pernet->endpoints--;
778 entry->addr.id = cur->addr.id;
779 list_del_rcu(&cur->list);
780 del_entry = cur;
781 break;
782 }
783 }
784
785 if (!entry->addr.id) {
786 find_next:
787 entry->addr.id = find_next_zero_bit(pernet->id_bitmap,
788 MPTCP_PM_MAX_ADDR_ID + 1,
789 pernet->next_id);
790 if (!entry->addr.id && pernet->next_id != 1) {
791 pernet->next_id = 1;
792 goto find_next;
793 }
794 }
795
796 if (!entry->addr.id)
797 goto out;
798
799 __set_bit(entry->addr.id, pernet->id_bitmap);
800 if (entry->addr.id > pernet->next_id)
801 pernet->next_id = entry->addr.id;
802
803 if (entry->flags & MPTCP_PM_ADDR_FLAG_SIGNAL) {
804 addr_max = pernet->endp_signal_max;
805 WRITE_ONCE(pernet->endp_signal_max, addr_max + 1);
806 }
807 if (entry->flags & MPTCP_PM_ADDR_FLAG_SUBFLOW) {
808 addr_max = pernet->endp_subflow_max;
809 WRITE_ONCE(pernet->endp_subflow_max, addr_max + 1);
810 }
811 if (entry->flags & MPTCP_PM_ADDR_FLAG_LAMINAR) {
812 addr_max = pernet->endp_laminar_max;
813 WRITE_ONCE(pernet->endp_laminar_max, addr_max + 1);
814 }
815 if (entry->flags & MPTCP_PM_ADDR_FLAG_FULLMESH) {
816 addr_max = pernet->endp_fullmesh_max;
817 WRITE_ONCE(pernet->endp_fullmesh_max, addr_max + 1);
818 }
819
820 pernet->endpoints++;
821 if (!entry->addr.port)
822 list_add_tail_rcu(&entry->list, &pernet->endp_list);
823 else
824 list_add_rcu(&entry->list, &pernet->endp_list);
825 ret = entry->addr.id;
826
827 out:
828 spin_unlock_bh(&pernet->lock);
829
830 /* just replaced an existing entry, free it */
831 if (del_entry) {
832 synchronize_rcu();
833 __mptcp_pm_release_addr_entry(del_entry);
834 }
835 return ret;
836 }
837
838 static struct lock_class_key mptcp_slock_keys[2];
839 static struct lock_class_key mptcp_keys[2];
840
mptcp_pm_nl_create_listen_socket(struct sock * sk,struct mptcp_pm_addr_entry * entry)841 static int mptcp_pm_nl_create_listen_socket(struct sock *sk,
842 struct mptcp_pm_addr_entry *entry)
843 {
844 bool is_ipv6 = entry->addr.family == AF_INET6;
845 int addrlen = sizeof(struct sockaddr_in);
846 struct sockaddr_storage addr;
847 struct sock *newsk, *ssk;
848 int backlog = 1024;
849 int err;
850
851 err = sock_create_kern(sock_net(sk), entry->addr.family,
852 SOCK_STREAM, IPPROTO_MPTCP, &entry->lsk);
853 if (err)
854 return err;
855
856 newsk = entry->lsk->sk;
857 if (!newsk)
858 return -EINVAL;
859
860 /* The subflow socket lock is acquired in a nested to the msk one
861 * in several places, even by the TCP stack, and this msk is a kernel
862 * socket: lockdep complains. Instead of propagating the _nested
863 * modifiers in several places, re-init the lock class for the msk
864 * socket to an mptcp specific one.
865 */
866 sock_lock_init_class_and_name(newsk,
867 is_ipv6 ? "mlock-AF_INET6" : "mlock-AF_INET",
868 &mptcp_slock_keys[is_ipv6],
869 is_ipv6 ? "msk_lock-AF_INET6" : "msk_lock-AF_INET",
870 &mptcp_keys[is_ipv6]);
871
872 lock_sock(newsk);
873 ssk = __mptcp_nmpc_sk(mptcp_sk(newsk));
874 release_sock(newsk);
875 if (IS_ERR(ssk))
876 return PTR_ERR(ssk);
877
878 mptcp_info2sockaddr(&entry->addr, &addr, entry->addr.family);
879 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
880 if (entry->addr.family == AF_INET6)
881 addrlen = sizeof(struct sockaddr_in6);
882 #endif
883 if (ssk->sk_family == AF_INET)
884 err = inet_bind_sk(ssk, (struct sockaddr_unsized *)&addr, addrlen);
885 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
886 else if (ssk->sk_family == AF_INET6)
887 err = inet6_bind_sk(ssk, (struct sockaddr_unsized *)&addr, addrlen);
888 #endif
889 if (err)
890 return err;
891
892 /* We don't use mptcp_set_state() here because it needs to be called
893 * under the msk socket lock. For the moment, that will not bring
894 * anything more than only calling inet_sk_state_store(), because the
895 * old status is known (TCP_CLOSE).
896 */
897 inet_sk_state_store(newsk, TCP_LISTEN);
898 lock_sock(ssk);
899 WRITE_ONCE(mptcp_subflow_ctx(ssk)->pm_listener, true);
900 err = __inet_listen_sk(ssk, backlog);
901 if (!err)
902 mptcp_event_pm_listener(ssk, MPTCP_EVENT_LISTENER_CREATED);
903 release_sock(ssk);
904 return err;
905 }
906
mptcp_pm_nl_get_local_id(struct mptcp_sock * msk,struct mptcp_pm_addr_entry * skc)907 int mptcp_pm_nl_get_local_id(struct mptcp_sock *msk,
908 struct mptcp_pm_addr_entry *skc)
909 {
910 struct mptcp_pm_addr_entry *entry;
911 struct pm_nl_pernet *pernet;
912 int ret;
913
914 pernet = pm_nl_get_pernet_from_msk(msk);
915
916 rcu_read_lock();
917 entry = __lookup_addr(pernet, &skc->addr);
918 ret = entry ? entry->addr.id : -1;
919 rcu_read_unlock();
920 if (ret >= 0)
921 return ret;
922
923 /* address not found, add to local list */
924 entry = kmemdup(skc, sizeof(*skc), GFP_ATOMIC);
925 if (!entry)
926 return -ENOMEM;
927
928 entry->addr.port = 0;
929 ret = mptcp_pm_nl_append_new_local_addr(pernet, entry, false);
930 if (ret < 0)
931 kfree(entry);
932
933 return ret;
934 }
935
mptcp_pm_nl_is_backup(struct mptcp_sock * msk,struct mptcp_addr_info * skc)936 bool mptcp_pm_nl_is_backup(struct mptcp_sock *msk, struct mptcp_addr_info *skc)
937 {
938 struct pm_nl_pernet *pernet = pm_nl_get_pernet_from_msk(msk);
939 struct mptcp_pm_addr_entry *entry;
940 bool backup;
941
942 rcu_read_lock();
943 entry = __lookup_addr(pernet, skc);
944 backup = entry && !!(entry->flags & MPTCP_PM_ADDR_FLAG_BACKUP);
945 rcu_read_unlock();
946
947 return backup;
948 }
949
mptcp_nl_add_subflow_or_signal_addr(struct net * net,struct mptcp_addr_info * addr)950 static int mptcp_nl_add_subflow_or_signal_addr(struct net *net,
951 struct mptcp_addr_info *addr)
952 {
953 struct mptcp_sock *msk;
954 long s_slot = 0, s_num = 0;
955
956 while ((msk = mptcp_token_iter_next(net, &s_slot, &s_num)) != NULL) {
957 struct sock *sk = (struct sock *)msk;
958 struct mptcp_addr_info mpc_addr;
959
960 if (!READ_ONCE(msk->fully_established) ||
961 mptcp_pm_is_userspace(msk))
962 goto next;
963
964 /* if the endp linked to the init sf is re-added with a != ID */
965 mptcp_local_address((struct sock_common *)msk, &mpc_addr);
966
967 lock_sock(sk);
968 spin_lock_bh(&msk->pm.lock);
969 if (mptcp_addresses_equal(addr, &mpc_addr, addr->port))
970 msk->mpc_endpoint_id = addr->id;
971 mptcp_pm_create_subflow_or_signal_addr(msk);
972 spin_unlock_bh(&msk->pm.lock);
973 release_sock(sk);
974
975 next:
976 sock_put(sk);
977 cond_resched();
978 }
979
980 return 0;
981 }
982
983 /* Add an MPTCP endpoint */
mptcp_pm_nl_add_addr_doit(struct sk_buff * skb,struct genl_info * info)984 int mptcp_pm_nl_add_addr_doit(struct sk_buff *skb, struct genl_info *info)
985 {
986 struct pm_nl_pernet *pernet = genl_info_pm_nl(info);
987 struct mptcp_pm_addr_entry addr, *entry;
988 struct nlattr *attr;
989 int ret;
990
991 if (GENL_REQ_ATTR_CHECK(info, MPTCP_PM_ENDPOINT_ADDR))
992 return -EINVAL;
993
994 attr = info->attrs[MPTCP_PM_ENDPOINT_ADDR];
995 ret = mptcp_pm_parse_entry(attr, info, true, &addr);
996 if (ret < 0)
997 return ret;
998
999 if (addr.addr.port && !address_use_port(&addr)) {
1000 NL_SET_ERR_MSG_ATTR(info->extack, attr,
1001 "flags must have signal and not subflow when using port");
1002 return -EINVAL;
1003 }
1004
1005 if (addr.flags & MPTCP_PM_ADDR_FLAG_SIGNAL &&
1006 addr.flags & MPTCP_PM_ADDR_FLAG_FULLMESH) {
1007 NL_SET_ERR_MSG_ATTR(info->extack, attr,
1008 "flags mustn't have both signal and fullmesh");
1009 return -EINVAL;
1010 }
1011
1012 if (addr.flags & MPTCP_PM_ADDR_FLAG_IMPLICIT) {
1013 NL_SET_ERR_MSG_ATTR(info->extack, attr,
1014 "can't create IMPLICIT endpoint");
1015 return -EINVAL;
1016 }
1017
1018 entry = kmemdup(&addr, sizeof(addr), GFP_KERNEL_ACCOUNT);
1019 if (!entry) {
1020 GENL_SET_ERR_MSG(info, "can't allocate addr");
1021 return -ENOMEM;
1022 }
1023
1024 if (entry->addr.port) {
1025 ret = mptcp_pm_nl_create_listen_socket(skb->sk, entry);
1026 if (ret) {
1027 GENL_SET_ERR_MSG_FMT(info, "create listen socket error: %d", ret);
1028 goto out_free;
1029 }
1030 }
1031 ret = mptcp_pm_nl_append_new_local_addr(pernet, entry, true);
1032 if (ret < 0) {
1033 GENL_SET_ERR_MSG_FMT(info, "too many addresses or duplicate one: %d", ret);
1034 goto out_free;
1035 }
1036
1037 mptcp_nl_add_subflow_or_signal_addr(sock_net(skb->sk), &entry->addr);
1038 return 0;
1039
1040 out_free:
1041 __mptcp_pm_release_addr_entry(entry);
1042 return ret;
1043 }
1044
mptcp_pm_remove_anno_addr(struct mptcp_sock * msk,const struct mptcp_addr_info * addr,bool force)1045 static void mptcp_pm_remove_anno_addr(struct mptcp_sock *msk,
1046 const struct mptcp_addr_info *addr,
1047 bool force)
1048 {
1049 struct mptcp_rm_list list = { .nr = 0 };
1050 bool announced;
1051
1052 list.ids[list.nr++] = mptcp_endp_get_local_id(msk, addr);
1053
1054 announced = mptcp_remove_anno_list_by_saddr(msk, addr);
1055 if (announced || force) {
1056 spin_lock_bh(&msk->pm.lock);
1057 if (announced)
1058 msk->pm.add_addr_signaled--;
1059 mptcp_pm_remove_addr(msk, &list);
1060 spin_unlock_bh(&msk->pm.lock);
1061 }
1062 }
1063
__mark_subflow_endp_available(struct mptcp_sock * msk,u8 id)1064 static void __mark_subflow_endp_available(struct mptcp_sock *msk, u8 id)
1065 {
1066 /* If it was marked as used, and not ID 0, decrement local_addr_used */
1067 if (!__test_and_set_bit(id ? : msk->mpc_endpoint_id, msk->pm.id_avail_bitmap) &&
1068 id && !WARN_ON_ONCE(msk->pm.local_addr_used == 0))
1069 msk->pm.local_addr_used--;
1070 }
1071
mptcp_nl_remove_subflow_and_signal_addr(struct net * net,const struct mptcp_pm_addr_entry * entry)1072 static int mptcp_nl_remove_subflow_and_signal_addr(struct net *net,
1073 const struct mptcp_pm_addr_entry *entry)
1074 {
1075 const struct mptcp_addr_info *addr = &entry->addr;
1076 struct mptcp_rm_list list = { .nr = 1 };
1077 long s_slot = 0, s_num = 0;
1078 struct mptcp_sock *msk;
1079
1080 pr_debug("remove_id=%d\n", addr->id);
1081
1082 while ((msk = mptcp_token_iter_next(net, &s_slot, &s_num)) != NULL) {
1083 struct sock *sk = (struct sock *)msk;
1084 bool remove_subflow;
1085
1086 if (mptcp_pm_is_userspace(msk))
1087 goto next;
1088
1089 lock_sock(sk);
1090 remove_subflow = mptcp_lookup_subflow_by_saddr(&msk->conn_list, addr);
1091 mptcp_pm_remove_anno_addr(msk, addr, remove_subflow &&
1092 !(entry->flags & MPTCP_PM_ADDR_FLAG_IMPLICIT));
1093
1094 list.ids[0] = mptcp_endp_get_local_id(msk, addr);
1095
1096 spin_lock_bh(&msk->pm.lock);
1097 if (remove_subflow)
1098 mptcp_pm_rm_subflow(msk, &list);
1099 if (entry->flags & MPTCP_PM_ADDR_FLAG_SUBFLOW)
1100 __mark_subflow_endp_available(msk, list.ids[0]);
1101 else /* mark endp ID as available, e.g. Signal or MPC endp */
1102 __set_bit(addr->id, msk->pm.id_avail_bitmap);
1103 spin_unlock_bh(&msk->pm.lock);
1104
1105 if (msk->mpc_endpoint_id == entry->addr.id)
1106 msk->mpc_endpoint_id = 0;
1107 release_sock(sk);
1108
1109 next:
1110 sock_put(sk);
1111 cond_resched();
1112 }
1113
1114 return 0;
1115 }
1116
mptcp_nl_remove_id_zero_address(struct net * net,struct mptcp_addr_info * addr)1117 static int mptcp_nl_remove_id_zero_address(struct net *net,
1118 struct mptcp_addr_info *addr)
1119 {
1120 struct mptcp_rm_list list = { .nr = 0 };
1121 long s_slot = 0, s_num = 0;
1122 struct mptcp_sock *msk;
1123
1124 list.ids[list.nr++] = 0;
1125
1126 while ((msk = mptcp_token_iter_next(net, &s_slot, &s_num)) != NULL) {
1127 struct sock *sk = (struct sock *)msk;
1128 struct mptcp_addr_info msk_local;
1129
1130 if (list_empty(&msk->conn_list) || mptcp_pm_is_userspace(msk))
1131 goto next;
1132
1133 mptcp_local_address((struct sock_common *)msk, &msk_local);
1134 if (!mptcp_addresses_equal(&msk_local, addr, addr->port))
1135 goto next;
1136
1137 lock_sock(sk);
1138 spin_lock_bh(&msk->pm.lock);
1139 mptcp_pm_remove_addr(msk, &list);
1140 mptcp_pm_rm_subflow(msk, &list);
1141 __mark_subflow_endp_available(msk, 0);
1142 spin_unlock_bh(&msk->pm.lock);
1143 release_sock(sk);
1144
1145 next:
1146 sock_put(sk);
1147 cond_resched();
1148 }
1149
1150 return 0;
1151 }
1152
1153 /* Remove an MPTCP endpoint */
mptcp_pm_nl_del_addr_doit(struct sk_buff * skb,struct genl_info * info)1154 int mptcp_pm_nl_del_addr_doit(struct sk_buff *skb, struct genl_info *info)
1155 {
1156 struct pm_nl_pernet *pernet = genl_info_pm_nl(info);
1157 struct mptcp_pm_addr_entry addr, *entry;
1158 struct nlattr *attr;
1159 u8 addr_max;
1160 int ret;
1161
1162 if (GENL_REQ_ATTR_CHECK(info, MPTCP_PM_ENDPOINT_ADDR))
1163 return -EINVAL;
1164
1165 attr = info->attrs[MPTCP_PM_ENDPOINT_ADDR];
1166 ret = mptcp_pm_parse_entry(attr, info, false, &addr);
1167 if (ret < 0)
1168 return ret;
1169
1170 /* the zero id address is special: the first address used by the msk
1171 * always gets such an id, so different subflows can have different zero
1172 * id addresses. Additionally zero id is not accounted for in id_bitmap.
1173 * Let's use an 'mptcp_rm_list' instead of the common remove code.
1174 */
1175 if (addr.addr.id == 0)
1176 return mptcp_nl_remove_id_zero_address(sock_net(skb->sk), &addr.addr);
1177
1178 spin_lock_bh(&pernet->lock);
1179 entry = __lookup_addr_by_id(pernet, addr.addr.id);
1180 if (!entry) {
1181 NL_SET_ERR_MSG_ATTR(info->extack, attr, "address not found");
1182 spin_unlock_bh(&pernet->lock);
1183 return -EINVAL;
1184 }
1185 if (entry->flags & MPTCP_PM_ADDR_FLAG_SIGNAL) {
1186 addr_max = pernet->endp_signal_max;
1187 WRITE_ONCE(pernet->endp_signal_max, addr_max - 1);
1188 }
1189 if (entry->flags & MPTCP_PM_ADDR_FLAG_SUBFLOW) {
1190 addr_max = pernet->endp_subflow_max;
1191 WRITE_ONCE(pernet->endp_subflow_max, addr_max - 1);
1192 }
1193 if (entry->flags & MPTCP_PM_ADDR_FLAG_LAMINAR) {
1194 addr_max = pernet->endp_laminar_max;
1195 WRITE_ONCE(pernet->endp_laminar_max, addr_max - 1);
1196 }
1197 if (entry->flags & MPTCP_PM_ADDR_FLAG_FULLMESH) {
1198 addr_max = pernet->endp_fullmesh_max;
1199 WRITE_ONCE(pernet->endp_fullmesh_max, addr_max - 1);
1200 }
1201
1202 pernet->endpoints--;
1203 list_del_rcu(&entry->list);
1204 __clear_bit(entry->addr.id, pernet->id_bitmap);
1205 spin_unlock_bh(&pernet->lock);
1206
1207 mptcp_nl_remove_subflow_and_signal_addr(sock_net(skb->sk), entry);
1208 synchronize_rcu();
1209 __mptcp_pm_release_addr_entry(entry);
1210
1211 return ret;
1212 }
1213
mptcp_pm_flush_addrs_and_subflows(struct mptcp_sock * msk,struct list_head * rm_list)1214 static void mptcp_pm_flush_addrs_and_subflows(struct mptcp_sock *msk,
1215 struct list_head *rm_list)
1216 {
1217 struct mptcp_rm_list alist = { .nr = 0 }, slist = { .nr = 0 };
1218 struct mptcp_pm_addr_entry *entry;
1219
1220 list_for_each_entry(entry, rm_list, list) {
1221 if (slist.nr < MPTCP_RM_IDS_MAX &&
1222 mptcp_lookup_subflow_by_saddr(&msk->conn_list, &entry->addr))
1223 slist.ids[slist.nr++] = mptcp_endp_get_local_id(msk, &entry->addr);
1224
1225 if (alist.nr < MPTCP_RM_IDS_MAX &&
1226 mptcp_remove_anno_list_by_saddr(msk, &entry->addr))
1227 alist.ids[alist.nr++] = mptcp_endp_get_local_id(msk, &entry->addr);
1228 }
1229
1230 spin_lock_bh(&msk->pm.lock);
1231 if (alist.nr) {
1232 msk->pm.add_addr_signaled -= alist.nr;
1233 mptcp_pm_remove_addr(msk, &alist);
1234 }
1235 if (slist.nr)
1236 mptcp_pm_rm_subflow(msk, &slist);
1237 /* Reset counters: maybe some subflows have been removed before */
1238 bitmap_fill(msk->pm.id_avail_bitmap, MPTCP_PM_MAX_ADDR_ID + 1);
1239 msk->pm.local_addr_used = 0;
1240 spin_unlock_bh(&msk->pm.lock);
1241 }
1242
mptcp_nl_flush_addrs_list(struct net * net,struct list_head * rm_list)1243 static void mptcp_nl_flush_addrs_list(struct net *net,
1244 struct list_head *rm_list)
1245 {
1246 long s_slot = 0, s_num = 0;
1247 struct mptcp_sock *msk;
1248
1249 if (list_empty(rm_list))
1250 return;
1251
1252 while ((msk = mptcp_token_iter_next(net, &s_slot, &s_num)) != NULL) {
1253 struct sock *sk = (struct sock *)msk;
1254
1255 if (!mptcp_pm_is_userspace(msk)) {
1256 lock_sock(sk);
1257 mptcp_pm_flush_addrs_and_subflows(msk, rm_list);
1258 release_sock(sk);
1259 }
1260
1261 sock_put(sk);
1262 cond_resched();
1263 }
1264 }
1265
1266 /* caller must ensure the RCU grace period is already elapsed */
__flush_addrs(struct list_head * list)1267 static void __flush_addrs(struct list_head *list)
1268 {
1269 while (!list_empty(list)) {
1270 struct mptcp_pm_addr_entry *cur;
1271
1272 cur = list_entry(list->next,
1273 struct mptcp_pm_addr_entry, list);
1274 list_del_rcu(&cur->list);
1275 __mptcp_pm_release_addr_entry(cur);
1276 }
1277 }
1278
__reset_counters(struct pm_nl_pernet * pernet)1279 static void __reset_counters(struct pm_nl_pernet *pernet)
1280 {
1281 WRITE_ONCE(pernet->endp_signal_max, 0);
1282 WRITE_ONCE(pernet->endp_subflow_max, 0);
1283 WRITE_ONCE(pernet->endp_laminar_max, 0);
1284 WRITE_ONCE(pernet->endp_fullmesh_max, 0);
1285 pernet->endpoints = 0;
1286 }
1287
mptcp_pm_nl_flush_addrs_doit(struct sk_buff * skb,struct genl_info * info)1288 int mptcp_pm_nl_flush_addrs_doit(struct sk_buff *skb, struct genl_info *info)
1289 {
1290 struct pm_nl_pernet *pernet = genl_info_pm_nl(info);
1291 struct list_head free_list;
1292
1293 spin_lock_bh(&pernet->lock);
1294 free_list = pernet->endp_list;
1295 INIT_LIST_HEAD_RCU(&pernet->endp_list);
1296 __reset_counters(pernet);
1297 pernet->next_id = 1;
1298 bitmap_zero(pernet->id_bitmap, MPTCP_PM_MAX_ADDR_ID + 1);
1299 spin_unlock_bh(&pernet->lock);
1300
1301 if (free_list.next == &pernet->endp_list)
1302 return 0;
1303
1304 synchronize_rcu();
1305
1306 /* Adjust the pointers to free_list instead of pernet->endp_list */
1307 free_list.prev->next = &free_list;
1308 free_list.next->prev = &free_list;
1309
1310 mptcp_nl_flush_addrs_list(sock_net(skb->sk), &free_list);
1311 __flush_addrs(&free_list);
1312 return 0;
1313 }
1314
mptcp_pm_nl_get_addr(u8 id,struct mptcp_pm_addr_entry * addr,struct genl_info * info)1315 int mptcp_pm_nl_get_addr(u8 id, struct mptcp_pm_addr_entry *addr,
1316 struct genl_info *info)
1317 {
1318 struct pm_nl_pernet *pernet = genl_info_pm_nl(info);
1319 struct mptcp_pm_addr_entry *entry;
1320 int ret = -EINVAL;
1321
1322 rcu_read_lock();
1323 entry = __lookup_addr_by_id(pernet, id);
1324 if (entry) {
1325 *addr = *entry;
1326 ret = 0;
1327 }
1328 rcu_read_unlock();
1329
1330 return ret;
1331 }
1332
mptcp_pm_nl_dump_addr(struct sk_buff * msg,struct netlink_callback * cb)1333 int mptcp_pm_nl_dump_addr(struct sk_buff *msg,
1334 struct netlink_callback *cb)
1335 {
1336 struct net *net = sock_net(msg->sk);
1337 struct mptcp_pm_addr_entry *entry;
1338 struct pm_nl_pernet *pernet;
1339 int id = cb->args[0];
1340 int i;
1341
1342 pernet = pm_nl_get_pernet(net);
1343
1344 rcu_read_lock();
1345 for (i = id; i < MPTCP_PM_MAX_ADDR_ID + 1; i++) {
1346 if (test_bit(i, pernet->id_bitmap)) {
1347 entry = __lookup_addr_by_id(pernet, i);
1348 if (!entry)
1349 break;
1350
1351 if (entry->addr.id <= id)
1352 continue;
1353
1354 if (mptcp_pm_genl_fill_addr(msg, cb, entry) < 0)
1355 break;
1356
1357 id = entry->addr.id;
1358 }
1359 }
1360 rcu_read_unlock();
1361
1362 cb->args[0] = id;
1363 return msg->len;
1364 }
1365
parse_limit(struct genl_info * info,int id,unsigned int * limit)1366 static int parse_limit(struct genl_info *info, int id, unsigned int *limit)
1367 {
1368 struct nlattr *attr = info->attrs[id];
1369
1370 if (!attr)
1371 return 0;
1372
1373 *limit = nla_get_u32(attr);
1374 if (*limit > MPTCP_PM_ADDR_MAX) {
1375 NL_SET_ERR_MSG_ATTR_FMT(info->extack, attr,
1376 "limit greater than maximum (%u)",
1377 MPTCP_PM_ADDR_MAX);
1378 return -EINVAL;
1379 }
1380 return 0;
1381 }
1382
mptcp_pm_nl_set_limits_doit(struct sk_buff * skb,struct genl_info * info)1383 int mptcp_pm_nl_set_limits_doit(struct sk_buff *skb, struct genl_info *info)
1384 {
1385 struct pm_nl_pernet *pernet = genl_info_pm_nl(info);
1386 unsigned int rcv_addrs, subflows;
1387 int ret;
1388
1389 spin_lock_bh(&pernet->lock);
1390 rcv_addrs = pernet->limit_add_addr_accepted;
1391 ret = parse_limit(info, MPTCP_PM_ATTR_RCV_ADD_ADDRS, &rcv_addrs);
1392 if (ret)
1393 goto unlock;
1394
1395 subflows = pernet->limit_extra_subflows;
1396 ret = parse_limit(info, MPTCP_PM_ATTR_SUBFLOWS, &subflows);
1397 if (ret)
1398 goto unlock;
1399
1400 WRITE_ONCE(pernet->limit_add_addr_accepted, rcv_addrs);
1401 WRITE_ONCE(pernet->limit_extra_subflows, subflows);
1402
1403 unlock:
1404 spin_unlock_bh(&pernet->lock);
1405 return ret;
1406 }
1407
mptcp_pm_nl_get_limits_doit(struct sk_buff * skb,struct genl_info * info)1408 int mptcp_pm_nl_get_limits_doit(struct sk_buff *skb, struct genl_info *info)
1409 {
1410 struct pm_nl_pernet *pernet = genl_info_pm_nl(info);
1411 struct sk_buff *msg;
1412 void *reply;
1413
1414 msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
1415 if (!msg)
1416 return -ENOMEM;
1417
1418 reply = genlmsg_put_reply(msg, info, &mptcp_genl_family, 0,
1419 MPTCP_PM_CMD_GET_LIMITS);
1420 if (!reply)
1421 goto fail;
1422
1423 if (nla_put_u32(msg, MPTCP_PM_ATTR_RCV_ADD_ADDRS,
1424 READ_ONCE(pernet->limit_add_addr_accepted)))
1425 goto fail;
1426
1427 if (nla_put_u32(msg, MPTCP_PM_ATTR_SUBFLOWS,
1428 READ_ONCE(pernet->limit_extra_subflows)))
1429 goto fail;
1430
1431 genlmsg_end(msg, reply);
1432 return genlmsg_reply(msg, info);
1433
1434 fail:
1435 GENL_SET_ERR_MSG(info, "not enough space in Netlink message");
1436 nlmsg_free(msg);
1437 return -EMSGSIZE;
1438 }
1439
mptcp_pm_nl_fullmesh(struct mptcp_sock * msk,struct mptcp_addr_info * addr)1440 static void mptcp_pm_nl_fullmesh(struct mptcp_sock *msk,
1441 struct mptcp_addr_info *addr)
1442 {
1443 struct mptcp_rm_list list = { .nr = 0 };
1444
1445 list.ids[list.nr++] = mptcp_endp_get_local_id(msk, addr);
1446
1447 spin_lock_bh(&msk->pm.lock);
1448 mptcp_pm_rm_subflow(msk, &list);
1449 __mark_subflow_endp_available(msk, list.ids[0]);
1450 mptcp_pm_create_subflow_or_signal_addr(msk);
1451 spin_unlock_bh(&msk->pm.lock);
1452 }
1453
mptcp_pm_nl_set_flags_all(struct net * net,struct mptcp_pm_addr_entry * local,u8 changed)1454 static void mptcp_pm_nl_set_flags_all(struct net *net,
1455 struct mptcp_pm_addr_entry *local,
1456 u8 changed)
1457 {
1458 u8 is_subflow = !!(local->flags & MPTCP_PM_ADDR_FLAG_SUBFLOW);
1459 u8 bkup = !!(local->flags & MPTCP_PM_ADDR_FLAG_BACKUP);
1460 long s_slot = 0, s_num = 0;
1461 struct mptcp_sock *msk;
1462
1463 if (changed == MPTCP_PM_ADDR_FLAG_FULLMESH && !is_subflow)
1464 return;
1465
1466 while ((msk = mptcp_token_iter_next(net, &s_slot, &s_num)) != NULL) {
1467 struct sock *sk = (struct sock *)msk;
1468
1469 if (list_empty(&msk->conn_list) || mptcp_pm_is_userspace(msk))
1470 goto next;
1471
1472 lock_sock(sk);
1473 if (changed & MPTCP_PM_ADDR_FLAG_BACKUP)
1474 mptcp_pm_mp_prio_send_ack(msk, &local->addr, NULL, bkup);
1475 /* Subflows will only be recreated if the SUBFLOW flag is set */
1476 if (is_subflow && (changed & MPTCP_PM_ADDR_FLAG_FULLMESH))
1477 mptcp_pm_nl_fullmesh(msk, &local->addr);
1478 release_sock(sk);
1479
1480 next:
1481 sock_put(sk);
1482 cond_resched();
1483 }
1484 }
1485
mptcp_pm_nl_set_flags(struct mptcp_pm_addr_entry * local,struct genl_info * info)1486 int mptcp_pm_nl_set_flags(struct mptcp_pm_addr_entry *local,
1487 struct genl_info *info)
1488 {
1489 struct nlattr *attr = info->attrs[MPTCP_PM_ATTR_ADDR];
1490 u8 changed, mask = MPTCP_PM_ADDR_FLAG_BACKUP |
1491 MPTCP_PM_ADDR_FLAG_FULLMESH;
1492 struct net *net = genl_info_net(info);
1493 struct mptcp_pm_addr_entry *entry;
1494 struct pm_nl_pernet *pernet;
1495 u8 lookup_by_id = 0;
1496
1497 pernet = pm_nl_get_pernet(net);
1498
1499 if (local->addr.family == AF_UNSPEC) {
1500 lookup_by_id = 1;
1501 if (!local->addr.id) {
1502 NL_SET_ERR_MSG_ATTR(info->extack, attr,
1503 "missing address ID");
1504 return -EOPNOTSUPP;
1505 }
1506 }
1507
1508 spin_lock_bh(&pernet->lock);
1509 entry = lookup_by_id ? __lookup_addr_by_id(pernet, local->addr.id) :
1510 __lookup_addr(pernet, &local->addr);
1511 if (!entry) {
1512 spin_unlock_bh(&pernet->lock);
1513 NL_SET_ERR_MSG_ATTR(info->extack, attr, "address not found");
1514 return -EINVAL;
1515 }
1516 if ((local->flags & MPTCP_PM_ADDR_FLAG_FULLMESH) &&
1517 (entry->flags & (MPTCP_PM_ADDR_FLAG_SIGNAL |
1518 MPTCP_PM_ADDR_FLAG_IMPLICIT))) {
1519 spin_unlock_bh(&pernet->lock);
1520 NL_SET_ERR_MSG_ATTR(info->extack, attr, "invalid addr flags");
1521 return -EINVAL;
1522 }
1523
1524 changed = (local->flags ^ entry->flags) & mask;
1525 entry->flags = (entry->flags & ~mask) | (local->flags & mask);
1526 *local = *entry;
1527
1528 if (changed & MPTCP_PM_ADDR_FLAG_FULLMESH) {
1529 u8 addr_max = pernet->endp_fullmesh_max;
1530
1531 if (entry->flags & MPTCP_PM_ADDR_FLAG_FULLMESH)
1532 addr_max++;
1533 else
1534 addr_max--;
1535
1536 WRITE_ONCE(pernet->endp_fullmesh_max, addr_max);
1537 }
1538
1539 spin_unlock_bh(&pernet->lock);
1540
1541 mptcp_pm_nl_set_flags_all(net, local, changed);
1542 return 0;
1543 }
1544
mptcp_pm_nl_check_work_pending(struct mptcp_sock * msk)1545 bool mptcp_pm_nl_check_work_pending(struct mptcp_sock *msk)
1546 {
1547 struct pm_nl_pernet *pernet = pm_nl_get_pernet_from_msk(msk);
1548
1549 if (msk->pm.extra_subflows == mptcp_pm_get_limit_extra_subflows(msk) ||
1550 (find_next_and_bit(pernet->id_bitmap, msk->pm.id_avail_bitmap,
1551 MPTCP_PM_MAX_ADDR_ID + 1, 0) == MPTCP_PM_MAX_ADDR_ID + 1)) {
1552 WRITE_ONCE(msk->pm.work_pending, false);
1553 return false;
1554 }
1555 return true;
1556 }
1557
1558 /* Called under PM lock */
__mptcp_pm_kernel_worker(struct mptcp_sock * msk)1559 void __mptcp_pm_kernel_worker(struct mptcp_sock *msk)
1560 {
1561 struct mptcp_pm_data *pm = &msk->pm;
1562
1563 if (pm->status & BIT(MPTCP_PM_ADD_ADDR_RECEIVED)) {
1564 pm->status &= ~BIT(MPTCP_PM_ADD_ADDR_RECEIVED);
1565 mptcp_pm_nl_add_addr_received(msk);
1566 }
1567 if (pm->status & BIT(MPTCP_PM_ESTABLISHED)) {
1568 pm->status &= ~BIT(MPTCP_PM_ESTABLISHED);
1569 mptcp_pm_nl_fully_established(msk);
1570 }
1571 if (pm->status & BIT(MPTCP_PM_SUBFLOW_ESTABLISHED)) {
1572 pm->status &= ~BIT(MPTCP_PM_SUBFLOW_ESTABLISHED);
1573 mptcp_pm_nl_subflow_established(msk);
1574 }
1575 }
1576
pm_nl_init_net(struct net * net)1577 static int __net_init pm_nl_init_net(struct net *net)
1578 {
1579 struct pm_nl_pernet *pernet = pm_nl_get_pernet(net);
1580
1581 INIT_LIST_HEAD_RCU(&pernet->endp_list);
1582
1583 /* Cit. 2 subflows ought to be enough for anybody. */
1584 pernet->limit_extra_subflows = 2;
1585 pernet->next_id = 1;
1586 spin_lock_init(&pernet->lock);
1587
1588 /* No need to initialize other pernet fields, the struct is zeroed at
1589 * allocation time.
1590 */
1591
1592 return 0;
1593 }
1594
pm_nl_exit_net(struct list_head * net_list)1595 static void __net_exit pm_nl_exit_net(struct list_head *net_list)
1596 {
1597 struct net *net;
1598
1599 list_for_each_entry(net, net_list, exit_list) {
1600 struct pm_nl_pernet *pernet = pm_nl_get_pernet(net);
1601
1602 /* net is removed from namespace list, can't race with
1603 * other modifiers, also netns core already waited for a
1604 * RCU grace period.
1605 */
1606 __flush_addrs(&pernet->endp_list);
1607 }
1608 }
1609
1610 static struct pernet_operations mptcp_pm_pernet_ops = {
1611 .init = pm_nl_init_net,
1612 .exit_batch = pm_nl_exit_net,
1613 .id = &pm_nl_pernet_id,
1614 .size = sizeof(struct pm_nl_pernet),
1615 };
1616
1617 struct mptcp_pm_ops mptcp_pm_kernel = {
1618 .name = "kernel",
1619 .owner = THIS_MODULE,
1620 };
1621
mptcp_pm_kernel_register(void)1622 void __init mptcp_pm_kernel_register(void)
1623 {
1624 if (register_pernet_subsys(&mptcp_pm_pernet_ops) < 0)
1625 panic("Failed to register MPTCP PM pernet subsystem.\n");
1626
1627 mptcp_pm_register(&mptcp_pm_kernel);
1628 }
1629