Received: by 2002:ad5:4acb:0:0:0:0:0 with SMTP id n11csp4453354imw; Tue, 19 Jul 2022 06:57:21 -0700 (PDT) X-Google-Smtp-Source: AGRyM1sYSFymot6lXVRqvs/62SchWNSKNTlPymCp0Iigj+5pg/1BopXdrTe9alPnFzjEryOIibSf X-Received: by 2002:a05:6402:42c8:b0:43a:a1ee:a097 with SMTP id i8-20020a05640242c800b0043aa1eea097mr43433860edc.150.1658239041756; Tue, 19 Jul 2022 06:57:21 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1658239041; cv=none; d=google.com; s=arc-20160816; b=bZyTBlnrXgeUa/zTpOTTnLg+Ybl2/ISEgFsRzu4MSOEWd6m0LGazkDyBKiI0pD5/4n po8w5DLALynEoVThtecQz7n6mH+I1D/jhMEJROeHug6qMdiQ0kDY7R7/2hiO944n3eoa 0vdR2wO7DlE3sT70p8WPFtbwTPsOo/n1xWqR0HrGQDcWNm6F42tLBly4/4jA6MLWOqN/ wpusk1/lO5anYowaJQBUvjXcBuVn2FjDlzr1YyOvxyi52zg8+H+ct64SVRJw+4izpmKT /TmXrd0di2HdVjnB+dgqrUu1UYsYaF7cbopriOC4shi7DLxgH4NlqulUHUizvJhhdMbj Kbow== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=HOSPjYbF/ZIdVS1ftmXv8tTBsri5kRlPs2XWbsXDmjo=; b=Nwd8sZBJyyYdVR6fhQXOE/tfqGmr78bXSTPUB0AzgSxNdBG/CIR8Ha0gSblAmxyEiL YmSvKKzFz9H2YwxVhwh4A8wo/2SqyVKwLnwZ9yeP6BU3nipkYmg+wdg4g8BjUBvg9IeZ trCiWVHVs0DpbW3ZCnnOzqJz5pbc5lub7tTlBG3vpBKxo3lnNt7F/mRSQo/1Pa9gbfle 3BK9tf9hdAbP1F74F8RvI9xVYz5LlQdKbbyUw+NMi4WF5yTMSQAO4osRQDHkyxRWTVAi 7NfhTYEqfbpsn30a/A8bZ6MBNgB1EaXaDMCf3ptSbQfg70q2KQNAjPXFaIA7uquo+ToQ F9Wg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=scH9DiSY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id t3-20020a50ab43000000b0043a91cd3039si17548506edc.628.2022.07.19.06.56.57; Tue, 19 Jul 2022 06:57:21 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=scH9DiSY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S242911AbiGSND7 (ORCPT + 99 others); Tue, 19 Jul 2022 09:03:59 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56334 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S242849AbiGSM7m (ORCPT ); Tue, 19 Jul 2022 08:59:42 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 727E42F02C; Tue, 19 Jul 2022 05:25:14 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 914E7618F1; Tue, 19 Jul 2022 12:25:13 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 6494DC341D0; Tue, 19 Jul 2022 12:25:12 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1658233512; bh=9Dpr3W6uGf7xets34ZXk9jwqgVe8iCvMPbxopTKleiQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=scH9DiSYPGwEhvZ6TDf1Zy7t3bJNv2wVaD4zUUUcpxGqwO9Wq9tvZtfTav0PJf8QU wfLyw6gdcBh5k1pmDXspxpxcYwXgVYaxSLZCK7/K8s8uMCKscwueTGTwXTX1wjJGuv pbTuiKFokyYkWTcCKk3g+/CzVnCWA14ViED7mto4= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Kuniyuki Iwashima , "David S. Miller" , Sasha Levin Subject: [PATCH 5.18 120/231] tcp: Fix data-races around sysctl_tcp_ecn. Date: Tue, 19 Jul 2022 13:53:25 +0200 Message-Id: <20220719114724.545069902@linuxfoundation.org> X-Mailer: git-send-email 2.37.1 In-Reply-To: <20220719114714.247441733@linuxfoundation.org> References: <20220719114714.247441733@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-7.8 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_HI, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Kuniyuki Iwashima [ Upstream commit 4785a66702f086cf2ea84bdbe6ec921f274bd9f2 ] While reading sysctl_tcp_ecn, it can be changed concurrently. Thus, we need to add READ_ONCE() to its readers. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Kuniyuki Iwashima Signed-off-by: David S. Miller Signed-off-by: Sasha Levin --- drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c | 2 +- net/ipv4/syncookies.c | 2 +- net/ipv4/sysctl_net_ipv4.c | 2 ++ net/ipv4/tcp_input.c | 2 +- net/ipv4/tcp_output.c | 2 +- 5 files changed, 6 insertions(+), 4 deletions(-) diff --git a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c index 4af5561cbfc5..7c760aa65540 100644 --- a/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c +++ b/drivers/net/ethernet/chelsio/inline_crypto/chtls/chtls_cm.c @@ -1392,7 +1392,7 @@ static void chtls_pass_accept_request(struct sock *sk, th_ecn = tcph->ece && tcph->cwr; if (th_ecn) { ect = !INET_ECN_is_not_ect(ip_dsfield); - ecn_ok = sock_net(sk)->ipv4.sysctl_tcp_ecn; + ecn_ok = READ_ONCE(sock_net(sk)->ipv4.sysctl_tcp_ecn); if ((!ect && ecn_ok) || tcp_ca_needs_ecn(sk)) inet_rsk(oreq)->ecn_ok = 1; } diff --git a/net/ipv4/syncookies.c b/net/ipv4/syncookies.c index f33c31dd7366..b387c4835155 100644 --- a/net/ipv4/syncookies.c +++ b/net/ipv4/syncookies.c @@ -273,7 +273,7 @@ bool cookie_ecn_ok(const struct tcp_options_received *tcp_opt, if (!ecn_ok) return false; - if (net->ipv4.sysctl_tcp_ecn) + if (READ_ONCE(net->ipv4.sysctl_tcp_ecn)) return true; return dst_feature(dst, RTAX_FEATURE_ECN); diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c index 33e65e79e46e..11add5214713 100644 --- a/net/ipv4/sysctl_net_ipv4.c +++ b/net/ipv4/sysctl_net_ipv4.c @@ -680,6 +680,8 @@ static struct ctl_table ipv4_net_table[] = { .maxlen = sizeof(u8), .mode = 0644, .proc_handler = proc_dou8vec_minmax, + .extra1 = SYSCTL_ZERO, + .extra2 = SYSCTL_TWO, }, { .procname = "tcp_ecn_fallback", diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c index 6b8fcf79688b..2d71bcfcc759 100644 --- a/net/ipv4/tcp_input.c +++ b/net/ipv4/tcp_input.c @@ -6712,7 +6712,7 @@ static void tcp_ecn_create_request(struct request_sock *req, ect = !INET_ECN_is_not_ect(TCP_SKB_CB(skb)->ip_dsfield); ecn_ok_dst = dst_feature(dst, DST_FEATURE_ECN_MASK); - ecn_ok = net->ipv4.sysctl_tcp_ecn || ecn_ok_dst; + ecn_ok = READ_ONCE(net->ipv4.sysctl_tcp_ecn) || ecn_ok_dst; if (((!ect || th->res1) && ecn_ok) || tcp_ca_needs_ecn(listen_sk) || (ecn_ok_dst & DST_FEATURE_ECN_CA) || diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c index 6b00c17c72aa..9eefe7f6370f 100644 --- a/net/ipv4/tcp_output.c +++ b/net/ipv4/tcp_output.c @@ -324,7 +324,7 @@ static void tcp_ecn_send_syn(struct sock *sk, struct sk_buff *skb) { struct tcp_sock *tp = tcp_sk(sk); bool bpf_needs_ecn = tcp_bpf_ca_needs_ecn(sk); - bool use_ecn = sock_net(sk)->ipv4.sysctl_tcp_ecn == 1 || + bool use_ecn = READ_ONCE(sock_net(sk)->ipv4.sysctl_tcp_ecn) == 1 || tcp_ca_needs_ecn(sk) || bpf_needs_ecn; if (!use_ecn) { -- 2.35.1