Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

MP_CAPABLE 'C' flag is ignored #183

Closed
mjmartineau opened this issue Apr 23, 2021 · 2 comments
Closed

MP_CAPABLE 'C' flag is ignored #183

mjmartineau opened this issue Apr 23, 2021 · 2 comments
Assignees
@geliangtang
Labels
enhancement

Comments

@mjmartineau
Copy link
Member

RFC 8684 section 3.1 includes a 'C' flag in the MP_CAPABLE option. The kernel currently ignores that flag - it is not sent or parsed. This flag indicates that the sender will not accept joins to the source address and the receiver "MUST NOT" send MP_JOINs to that address & port.

The flag needs to be parsed and the path manager updated (along with netlink API flags?) to make sure the peer's subflow 0 address and port are not used for outgoing joins when the C flag is set in the original connection handshake. To finish support, it will also be necessary to configure connections to send the C flag - some combination of sysctl, netlink, or socket option
@geliangtang
Copy link
Member

Hi Mat, I'll work on this issue.

@geliangtang geliangtang self-assigned this Apr 24, 2021
@matttbe
Copy link
Member

matttbe commented Jun 11, 2021

This can be closed because these patches have been applied in our tree:

  • 02acfcf: mptcp: add sysctl allow_join_initial_addr_port

  • cd1b6f6: mptcp: add allow_join_id0 in mptcp_out_options

  • ef3b489: mptcp: add deny_join_id0 in mptcp_options_received

  • 0704c54: selftests: mptcp: add deny_join_id0 testcases

  • Results: 1ba3eb6..ae2f628

  • de073c6: "squashed" in "mptcp: add deny_join_id0 in
    mptcp_options_received"

  • Results: ae2f628..4e92195

Builds and tests are now in progress:

https://cirrus-ci.com/github/multipath-tcp/mptcp_net-next/export/20210611T143831
https://github.com/multipath-tcp/mptcp_net-next/actions/workflows/build-validation.yml?query=branch:export/20210611T143831

@matttbe matttbe closed this as completed Jun 11, 2021
matttbe pushed a commit that referenced this issue Dec 11, 2021
@jkoong-fb
selftests/bpf: Measure bpf_loop verifier performance
f6e659b 
This patch tests bpf_loop in pyperf and strobemeta, and measures the
verifier performance of replacing the traditional for loop
with bpf_loop.

The results are as follows:

~strobemeta~

Baseline
    verification time 6808200 usec
    stack depth 496
    processed 554252 insns (limit 1000000) max_states_per_insn 16
    total_states 15878 peak_states 13489  mark_read 3110
    #192 verif_scale_strobemeta:OK (unrolled loop)

Using bpf_loop
    verification time 31589 usec
    stack depth 96+400
    processed 1513 insns (limit 1000000) max_states_per_insn 2
    total_states 106 peak_states 106 mark_read 60
    #193 verif_scale_strobemeta_bpf_loop:OK

~pyperf600~

Baseline
    verification time 29702486 usec
    stack depth 368
    processed 626838 insns (limit 1000000) max_states_per_insn 7
    total_states 30368 peak_states 30279 mark_read 748
    #182 verif_scale_pyperf600:OK (unrolled loop)

Using bpf_loop
    verification time 148488 usec
    stack depth 320+40
    processed 10518 insns (limit 1000000) max_states_per_insn 10
    total_states 705 peak_states 517 mark_read 38
    #183 verif_scale_pyperf600_bpf_loop:OK

Using the bpf_loop helper led to approximately a 99% decrease
in the verification time and in the number of instructions.

Signed-off-by: Joanne Koong <joannekoong@fb.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: Andrii Nakryiko <andrii@kernel.org>
Link: https://lore.kernel.org/bpf/20211130030622.4131246-4-joannekoong@fb.com
matttbe pushed a commit that referenced this issue Mar 12, 2024
@Vudentz
Bluetooth: af_bluetooth: Fix deadlock
f7b94bd 
Attemting to do sock_lock on .recvmsg may cause a deadlock as shown
bellow, so instead of using sock_sock this uses sk_receive_queue.lock
on bt_sock_ioctl to avoid the UAF:

INFO: task kworker/u9:1:121 blocked for more than 30 seconds.
      Not tainted 6.7.6-lemon #183
Workqueue: hci0 hci_rx_work
Call Trace:
 <TASK>
 __schedule+0x37d/0xa00
 schedule+0x32/0xe0
 __lock_sock+0x68/0xa0
 ? __pfx_autoremove_wake_function+0x10/0x10
 lock_sock_nested+0x43/0x50
 l2cap_sock_recv_cb+0x21/0xa0
 l2cap_recv_frame+0x55b/0x30a0
 ? psi_task_switch+0xeb/0x270
 ? finish_task_switch.isra.0+0x93/0x2a0
 hci_rx_work+0x33a/0x3f0
 process_one_work+0x13a/0x2f0
 worker_thread+0x2f0/0x410
 ? __pfx_worker_thread+0x10/0x10
 kthread+0xe0/0x110
 ? __pfx_kthread+0x10/0x10
 ret_from_fork+0x2c/0x50
 ? __pfx_kthread+0x10/0x10
 ret_from_fork_asm+0x1b/0x30
 </TASK>

Fixes: 2e07e83 ("Bluetooth: af_bluetooth: Fix Use-After-Free in bt_sock_recvmsg")
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@geliangtang geliangtang

Labels
enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@matttbe @geliangtang @mjmartineau