mptcp: emit tcp reset when a join request fails

author Florian Westphal <fw@strlen.de>

Mon, 30 Nov 2020 15:36:31 +0000 (16:36 +0100)

committer Jakub Kicinski <kuba@kernel.org>

Thu, 3 Dec 2020 20:56:03 +0000 (12:56 -0800)
author Florian Westphal <fw@strlen.de>
Mon, 30 Nov 2020 15:36:31 +0000 (16:36 +0100)
committer Jakub Kicinski <kuba@kernel.org>
Thu, 3 Dec 2020 20:56:03 +0000 (12:56 -0800)
diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c

index 727e607f40d2260ccbb62fb6ea36ff00c11822f1..5f5815a1665f1d9422938806348ef0f777e8b01b 100644 (file)
--- a/net/mptcp/subflow.c
+++ b/net/mptcp/subflow.c
@@ -112,9 +112,14 @@ static int __subflow_init_req(struct request_sock *req, const struct sock *sk_li
         return 0;
  }
  
-static void subflow_init_req(struct request_sock *req,
-                            const struct sock *sk_listener,
-                            struct sk_buff *skb)
+/* Init mptcp request socket.
+ *
+ * Returns an error code if a JOIN has failed and a TCP reset
+ * should be sent.
+ */
+static int subflow_init_req(struct request_sock *req,
+                           const struct sock *sk_listener,
+                           struct sk_buff *skb)
  {
         struct mptcp_subflow_context *listener = mptcp_subflow_ctx(sk_listener);
         struct mptcp_subflow_request_sock *subflow_req = mptcp_subflow_rsk(req);
@@ -125,7 +130,7 @@ static void subflow_init_req(struct request_sock *req,
  
         ret = __subflow_init_req(req, sk_listener);
         if (ret)
-               return;
+               return 0;
  
         mptcp_get_options(skb, &mp_opt);
  
@@ -133,7 +138,7 @@ static void subflow_init_req(struct request_sock *req,
                 SUBFLOW_REQ_INC_STATS(req, MPTCP_MIB_MPCAPABLEPASSIVE);
  
                 if (mp_opt.mp_join)
-                       return;
+                       return 0;
         } else if (mp_opt.mp_join) {
                 SUBFLOW_REQ_INC_STATS(req, MPTCP_MIB_JOINSYNRX);
         }
@@ -157,7 +162,7 @@ again:
                         } else {
                                 subflow_req->mp_capable = 1;
                         }
-                       return;
+                       return 0;
                 }
  
                 err = mptcp_token_new_request(req);
@@ -175,7 +180,11 @@ again:
                 subflow_req->remote_nonce = mp_opt.nonce;
                 subflow_req->msk = subflow_token_join_request(req, skb);
  
-               if (unlikely(req->syncookie) && subflow_req->msk) {
+               /* Can't fall back to TCP in this case. */
+               if (!subflow_req->msk)
+                       return -EPERM;
+
+               if (unlikely(req->syncookie)) {
                         if (mptcp_can_accept_new_subflow(subflow_req->msk))
                                 subflow_init_req_cookie_join_save(subflow_req, skb);
                 }
@@ -183,6 +192,8 @@ again:
                 pr_debug("token=%u, remote_nonce=%u msk=%p", subflow_req->token,
                          subflow_req->remote_nonce, subflow_req->msk);
         }
+
+       return 0;
  }
  
  int mptcp_subflow_init_cookie_req(struct request_sock *req,
@@ -234,6 +245,7 @@ static struct dst_entry *subflow_v4_route_req(const struct sock *sk,
                                               struct request_sock *req)
  {
         struct dst_entry *dst;
+       int err;
  
         tcp_rsk(req)->is_mptcp = 1;
  
@@ -241,8 +253,14 @@ static struct dst_entry *subflow_v4_route_req(const struct sock *sk,
         if (!dst)
                 return NULL;
  
-       subflow_init_req(req, sk, skb);
-       return dst;
+       err = subflow_init_req(req, sk, skb);
+       if (err == 0)
+               return dst;
+
+       dst_release(dst);
+       if (!req->syncookie)
+               tcp_request_sock_ops.send_reset(sk, skb);
+       return NULL;
  }
  
  #if IS_ENABLED(CONFIG_MPTCP_IPV6)
@@ -252,6 +270,7 @@ static struct dst_entry *subflow_v6_route_req(const struct sock *sk,
                                               struct request_sock *req)
  {
         struct dst_entry *dst;
+       int err;
  
         tcp_rsk(req)->is_mptcp = 1;
  
@@ -259,8 +278,14 @@ static struct dst_entry *subflow_v6_route_req(const struct sock *sk,
         if (!dst)
                 return NULL;
  
-       subflow_init_req(req, sk, skb);
-       return dst;
+       err = subflow_init_req(req, sk, skb);
+       if (err == 0)
+               return dst;
+
+       dst_release(dst);
+       if (!req->syncookie)
+               tcp6_request_sock_ops.send_reset(sk, skb);
+       return NULL;
  }
  #endif
author	Florian Westphal <fw@strlen.de>
	Mon, 30 Nov 2020 15:36:31 +0000 (16:36 +0100)
committer	Jakub Kicinski <kuba@kernel.org>
	Thu, 3 Dec 2020 20:56:03 +0000 (12:56 -0800)