git.ipfire.org Git - thirdparty/kernel/stable.git/commit

mptcp: blackhole only if 1st SYN retrans w/o MPC is accepted

commit e598d8981fd34470b78a1ae777dbf131b15d5bf2 upstream.

The Fixes commit mentioned this:

> An MPTCP firewall blackhole can be detected if the following SYN
> retransmission after a fallback to "plain" TCP is accepted.

But in fact, this blackhole was detected if any following SYN
retransmissions after a fallback to TCP was accepted.

That's because 'mptcp_subflow_early_fallback()' will set 'request_mptcp'
to 0, and 'mpc_drop' will never be reset to 0 after.

This is an issue, because some not so unusual situations might cause the
kernel to detect a false-positive blackhole, e.g. a client trying to
connect to a server while the network is not ready yet, causing a few
SYN retransmissions, before reaching the end server.

Fixes: 27069e7cb3d1 ("mptcp: disable active MPTCP in case of blackhole")
Cc: stable@vger.kernel.org
Reviewed-by: Mat Martineau <martineau@kernel.org>
Signed-off-by: Matthieu Baerts (NGI0) <matttbe@kernel.org>
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

author	Matthieu Baerts (NGI0) <matttbe@kernel.org>
	Wed, 29 Jan 2025 12:24:32 +0000 (13:24 +0100)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Sat, 8 Feb 2025 09:02:23 +0000 (10:02 +0100)
commit	be2c5f7ff6b60946c8abf26893859a9be4f4377a
tree	8e80c861f86b4da5699a59850f8beaa059267f8b	tree \| snapshot
parent	6ec806762318a4adde0ea63342d42d0feae95079	commit \| diff