tcp: Fix data-races around sysctl_tcp_syn(ack)?_retries.

author Kuniyuki Iwashima <kuniyu@amazon.com>

Fri, 15 Jul 2022 17:17:46 +0000 (10:17 -0700)

committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Fri, 29 Jul 2022 15:25:18 +0000 (17:25 +0200)
author Kuniyuki Iwashima <kuniyu@amazon.com>
Fri, 15 Jul 2022 17:17:46 +0000 (10:17 -0700)
committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 29 Jul 2022 15:25:18 +0000 (17:25 +0200)
diff --git a/net/ipv4/inet_connection_sock.c b/net/ipv4/inet_connection_sock.c

index d3bbb344bbe12bc86bb0a5e7a85cf0850e4110f8..a53f9bf7886f081ce675da5ab3158ebd6fccb8f2 100644 (file)
--- a/net/ipv4/inet_connection_sock.c
+++ b/net/ipv4/inet_connection_sock.c
@@ -829,7 +829,8 @@ static void reqsk_timer_handler(struct timer_list *t)
  
         icsk = inet_csk(sk_listener);
         net = sock_net(sk_listener);
-       max_syn_ack_retries = icsk->icsk_syn_retries ? : net->ipv4.sysctl_tcp_synack_retries;
+       max_syn_ack_retries = icsk->icsk_syn_retries ? :
+               READ_ONCE(net->ipv4.sysctl_tcp_synack_retries);
         /* Normally all the openreqs are young and become mature
          * (i.e. converted to established socket) for first timeout.
          * If synack was not acknowledged for 1 second, it means
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c

index 4ac53c8f0583a91c579e9bd88627b2046c37e7d5..e22a61b2ba82c8a33d93f6d24c7dde5e273eb83a 100644 (file)
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -3974,7 +3974,8 @@ static int do_tcp_getsockopt(struct sock *sk, int level,
                 val = keepalive_probes(tp);
                 break;
         case TCP_SYNCNT:
-               val = icsk->icsk_syn_retries ? : net->ipv4.sysctl_tcp_syn_retries;
+               val = icsk->icsk_syn_retries ? :
+                       READ_ONCE(net->ipv4.sysctl_tcp_syn_retries);
                 break;
         case TCP_LINGER2:
                 val = tp->linger2;
diff --git a/net/ipv4/tcp_timer.c b/net/ipv4/tcp_timer.c

index 4f3b9ab222b6e06f74315deed828ae320af0a9ee..a234704e8163ffa653317ba1273a70a8b4dc4308 100644 (file)
--- a/net/ipv4/tcp_timer.c
+++ b/net/ipv4/tcp_timer.c
@@ -239,7 +239,8 @@ static int tcp_write_timeout(struct sock *sk)
         if ((1 << sk->sk_state) & (TCPF_SYN_SENT | TCPF_SYN_RECV)) {
                 if (icsk->icsk_retransmits)
                         __dst_negative_advice(sk);
-               retry_until = icsk->icsk_syn_retries ? : net->ipv4.sysctl_tcp_syn_retries;
+               retry_until = icsk->icsk_syn_retries ? :
+                       READ_ONCE(net->ipv4.sysctl_tcp_syn_retries);
                 expired = icsk->icsk_retransmits >= retry_until;
         } else {
                 if (retransmits_timed_out(sk, net->ipv4.sysctl_tcp_retries1, 0)) {
@@ -406,12 +407,15 @@ abort:            tcp_write_err(sk);
  static void tcp_fastopen_synack_timer(struct sock *sk, struct request_sock *req)
  {
         struct inet_connection_sock *icsk = inet_csk(sk);
-       int max_retries = icsk->icsk_syn_retries ? :
-           sock_net(sk)->ipv4.sysctl_tcp_synack_retries + 1; /* add one more retry for fastopen */
         struct tcp_sock *tp = tcp_sk(sk);
+       int max_retries;
  
         req->rsk_ops->syn_ack_timeout(req);
  
+       /* add one more retry for fastopen */
+       max_retries = icsk->icsk_syn_retries ? :
+               READ_ONCE(sock_net(sk)->ipv4.sysctl_tcp_synack_retries) + 1;
+
         if (req->num_timeout >= max_retries) {
                 tcp_write_err(sk);
                 return;
author	Kuniyuki Iwashima <kuniyu@amazon.com>
	Fri, 15 Jul 2022 17:17:46 +0000 (10:17 -0700)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Fri, 29 Jul 2022 15:25:18 +0000 (17:25 +0200)
net/ipv4/inet_connection_sock.c		patch \| blob \| history
net/ipv4/tcp.c		patch \| blob \| history
net/ipv4/tcp_timer.c		patch \| blob \| history