projects / linux-2.6-microblaze.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 417789d)
mptcp: free resources when the port number is mismatched
authorGeliang Tang <geliangtang@gmail.com>
Thu, 4 Mar 2021 21:32:16 +0000 (13:32 -0800)
committerDavid S. Miller <davem@davemloft.net>
Thu, 4 Mar 2021 22:30:13 +0000 (14:30 -0800)
When the port number is mismatched with the announced ones, use
'goto dispose_child' to free the resources instead of using 'goto out'.

This patch also moves the port number checking code in
subflow_syn_recv_sock before mptcp_finish_join, otherwise subflow_drop_ctx
will fail in dispose_child.

Fixes: 5bc56388c74f ("mptcp: add port number check for MP_JOIN")
Reported-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Geliang Tang <geliangtang@gmail.com>
Signed-off-by: Mat Martineau <mathew.j.martineau@linux.intel.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
net/mptcp/subflow.c patch | blob | history

diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c
index 41695e2..3d47d67 100644 (file)
--- a/net/mptcp/subflow.c
+++ b/net/mptcp/subflow.c
@@ -687,11 +687,6 @@ create_child:
                        /* move the msk reference ownership to the subflow */
                        subflow_req->msk = NULL;
                        ctx->conn = (struct sock *)owner;
-                       if (!mptcp_finish_join(child))
-                               goto dispose_child;
-
-                       SUBFLOW_REQ_INC_STATS(req, MPTCP_MIB_JOINACKRX);
-                       tcp_rsk(req)->drop_req = true;
 
                        if (subflow_use_different_sport(owner, sk)) {
                                pr_debug("ack inet_sport=%d %d",
@@ -699,10 +694,16 @@ create_child:
                                         ntohs(inet_sk((struct sock *)owner)->inet_sport));
                                if (!mptcp_pm_sport_in_anno_list(owner, sk)) {
                                        SUBFLOW_REQ_INC_STATS(req, MPTCP_MIB_MISMATCHPORTACKRX);
-                                       goto out;
+                                       goto dispose_child;
                                }
                                SUBFLOW_REQ_INC_STATS(req, MPTCP_MIB_JOINPORTACKRX);
                        }
+
+                       if (!mptcp_finish_join(child))
+                               goto dispose_child;
+
+                       SUBFLOW_REQ_INC_STATS(req, MPTCP_MIB_JOINACKRX);
+                       tcp_rsk(req)->drop_req = true;
                }
        }
 
MicroBlaze GIT Repository