mptcp: annotate lockless access for token

The token field is manipulated under the msk socket lock
and accessed lockless in a few spots, add proper ONCE annotation

Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Reviewed-by: Mat Martineau <martineau@kernel.org>
Signed-off-by: Matthieu Baerts (NGI0) <matttbe@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/net/mptcp/pm.c b/net/mptcp/pm.c
index 4ae19113b8eb2227378c7ef10ce43dd5728b5c61..53e0b08b11232e21e258515326dd63149f60d04b 100644 (file)
--- a/net/mptcp/pm.c
+++ b/net/mptcp/pm.c
@@ -77,7 +77,7 @@ void mptcp_pm_new_connection(struct mptcp_sock *msk, const struct sock *ssk, int
 {
        struct mptcp_pm_data *pm = &msk->pm;
 
-       pr_debug("msk=%p, token=%u side=%d", msk, msk->token, server_side);
+       pr_debug("msk=%p, token=%u side=%d", msk, READ_ONCE(msk->token), server_side);
 
        WRITE_ONCE(pm->server_side, server_side);
        mptcp_event(MPTCP_EVENT_CREATED, msk, ssk, GFP_ATOMIC);

diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c
index 287a60381eae6e39c68d49a65530ea5bdc8a6675..d9ad45959219383a757bc4e52794f49dda18fe1f 100644 (file)
--- a/net/mptcp/pm_netlink.c
+++ b/net/mptcp/pm_netlink.c
@@ -1997,7 +1997,7 @@ static int mptcp_event_put_token_and_ssk(struct sk_buff *skb,
        const struct mptcp_subflow_context *sf;
        u8 sk_err;
 
-       if (nla_put_u32(skb, MPTCP_ATTR_TOKEN, msk->token))
+       if (nla_put_u32(skb, MPTCP_ATTR_TOKEN, READ_ONCE(msk->token)))
                return -EMSGSIZE;
 
        if (mptcp_event_add_subflow(skb, ssk))
@@ -2055,7 +2055,7 @@ static int mptcp_event_created(struct sk_buff *skb,
                               const struct mptcp_sock *msk,
                               const struct sock *ssk)
 {
-       int err = nla_put_u32(skb, MPTCP_ATTR_TOKEN, msk->token);
+       int err = nla_put_u32(skb, MPTCP_ATTR_TOKEN, READ_ONCE(msk->token));
 
        if (err)
                return err;
@@ -2083,7 +2083,7 @@ void mptcp_event_addr_removed(const struct mptcp_sock *msk, uint8_t id)
        if (!nlh)
                goto nla_put_failure;
 
-       if (nla_put_u32(skb, MPTCP_ATTR_TOKEN, msk->token))
+       if (nla_put_u32(skb, MPTCP_ATTR_TOKEN, READ_ONCE(msk->token)))
                goto nla_put_failure;
 
        if (nla_put_u8(skb, MPTCP_ATTR_REM_ID, id))
@@ -2118,7 +2118,7 @@ void mptcp_event_addr_announced(const struct sock *ssk,
        if (!nlh)
                goto nla_put_failure;
 
-       if (nla_put_u32(skb, MPTCP_ATTR_TOKEN, msk->token))
+       if (nla_put_u32(skb, MPTCP_ATTR_TOKEN, READ_ONCE(msk->token)))
                goto nla_put_failure;
 
        if (nla_put_u8(skb, MPTCP_ATTR_REM_ID, info->id))
@@ -2234,7 +2234,7 @@ void mptcp_event(enum mptcp_event_type type, const struct mptcp_sock *msk,
                        goto nla_put_failure;
                break;
        case MPTCP_EVENT_CLOSED:
-               if (nla_put_u32(skb, MPTCP_ATTR_TOKEN, msk->token) < 0)
+               if (nla_put_u32(skb, MPTCP_ATTR_TOKEN, READ_ONCE(msk->token)) < 0)
                        goto nla_put_failure;
                break;
        case MPTCP_EVENT_ANNOUNCED:

diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c
index 90804e7fb7f6f3fff3c4be00e8baf9de3b0a000b..4478ddd3b5fa762e14701d2eac48afe93435ca51 100644 (file)
--- a/net/mptcp/protocol.c
+++ b/net/mptcp/protocol.c
@@ -3199,7 +3199,7 @@ struct sock *mptcp_sk_clone_init(const struct sock *sk,
 
        msk = mptcp_sk(nsk);
        WRITE_ONCE(msk->local_key, subflow_req->local_key);
-       msk->token = subflow_req->token;
+       WRITE_ONCE(msk->token, subflow_req->token);
        msk->in_accept_queue = 1;
        WRITE_ONCE(msk->fully_established, false);
        if (mp_opt->suboptions & OPTION_MPTCP_CSUMREQD)