mptcp: introduce add_addr_v6_port_drop_ts sysctl knob

This sysctl is going to be used in the next commits to drop TCP
timestamps option, to be able to send an ADD_ADDR with a v6 IP address
and a port number. It is enabled by default.

This knob is explicitly disabled in the MPTCP Join selftest, with the
"signal addr list progresses after tx drop" subtest, to continue
verifying the previous behaviour where the ADD_ADDR is not sent due to a
lack of space.

While at it, move syn_retrans_before_tcp_fallback down from struct
mptcp_pernet, to avoid creating another 3 bytes hole.

Reviewed-by: Mat Martineau <martineau@kernel.org>
Signed-off-by: Matthieu Baerts (NGI0) <matttbe@kernel.org>
Link: https://patch.msgid.link/20260605-net-next-mptcp-add-addr6-port-ts-v2-4-758e7ca73f4d@kernel.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

diff --git a/Documentation/networking/mptcp-sysctl.rst b/Documentation/networking/mptcp-sysctl.rst
index 1eb6af26b4a7acdedd575a126c576210a78f0d4d..b9b5f58e06257c190ec74b1c4e96cfff06c7567e 100644 (file)
--- a/Documentation/networking/mptcp-sysctl.rst
+++ b/Documentation/networking/mptcp-sysctl.rst
@@ -21,6 +21,19 @@ add_addr_timeout - INTEGER (seconds)
 
        Default: 120
 
+add_addr_v6_port_drop_ts - BOOLEAN
+       Control whether preparing an ADD_ADDR with an IPv6 address and a port
+       should drop the TCP timestamps option to have enough option space to
+       send the signal.
+
+       If there is not enough option space, and the TCP timestamps option
+       cannot be dropped, the signal cannot be sent. Note that dropping the TCP
+       timestamps option for one packet of the connection could disrupt some
+       middleboxes: even if it should be unlikely, they could drop the packet
+       or block the connection. This is a per-namespace sysctl.
+
+       Default: 1 (enabled)
+
 allow_join_initial_addr_port - BOOLEAN
        Allow peers to send join requests to the IP address and port number used
        by the initial subflow if the value is 1. This controls a flag that is

diff --git a/net/mptcp/ctrl.c b/net/mptcp/ctrl.c
index d96130e49942e2fb878cd1897ad43c1d420fb233..63c5747f0f63cf75e516f68ac6cdde5ba5522278 100644 (file)
--- a/net/mptcp/ctrl.c
+++ b/net/mptcp/ctrl.c
@@ -32,12 +32,13 @@ struct mptcp_pernet {
        unsigned int close_timeout;
        unsigned int stale_loss_cnt;
        atomic_t active_disable_times;
-       u8 syn_retrans_before_tcp_fallback;
        unsigned long active_disable_stamp;
+       u8 syn_retrans_before_tcp_fallback;
        u8 mptcp_enabled;
        u8 checksum_enabled;
        u8 allow_join_initial_addr_port;
        u8 pm_type;
+       u8 add_addr_v6_port_drop_ts;
        char scheduler[MPTCP_SCHED_NAME_MAX];
        char path_manager[MPTCP_PM_NAME_MAX];
 };
@@ -94,6 +95,11 @@ const char *mptcp_get_scheduler(const struct net *net)
        return mptcp_get_pernet(net)->scheduler;
 }
 
+unsigned int mptcp_add_addr_v6_port_drop_ts(const struct net *net)
+{
+       return READ_ONCE(mptcp_get_pernet(net)->add_addr_v6_port_drop_ts);
+}
+
 static void mptcp_pernet_set_defaults(struct mptcp_pernet *pernet)
 {
        pernet->mptcp_enabled = 1;
@@ -108,6 +114,7 @@ static void mptcp_pernet_set_defaults(struct mptcp_pernet *pernet)
        pernet->pm_type = MPTCP_PM_TYPE_KERNEL;
        strscpy(pernet->scheduler, "default", sizeof(pernet->scheduler));
        strscpy(pernet->path_manager, "kernel", sizeof(pernet->path_manager));
+       pernet->add_addr_v6_port_drop_ts = 1;
 }
 
 #ifdef CONFIG_SYSCTL
@@ -362,6 +369,14 @@ static struct ctl_table mptcp_sysctl_table[] = {
                .mode = 0444,
                .proc_handler = proc_available_path_managers,
        },
+       {
+               .procname = "add_addr_v6_port_drop_ts",
+               .maxlen = sizeof(u8),
+               .mode = 0644,
+               .proc_handler = proc_dou8vec_minmax,
+               .extra1       = SYSCTL_ZERO,
+               .extra2       = SYSCTL_ONE
+       },
 };
 
 static int mptcp_pernet_new_table(struct net *net, struct mptcp_pernet *pernet)
@@ -389,6 +404,7 @@ static int mptcp_pernet_new_table(struct net *net, struct mptcp_pernet *pernet)
        table[10].data = &pernet->syn_retrans_before_tcp_fallback;
        table[11].data = &pernet->path_manager;
        /* table[12] is for available_path_managers which is read-only info */
+       table[13].data = &pernet->add_addr_v6_port_drop_ts;
 
        hdr = register_net_sysctl_sz(net, MPTCP_SYSCTL_PATH, table,
                                     ARRAY_SIZE(mptcp_sysctl_table));

diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h
index 4dfea209ac165729d7edec341b9944f0c2e44ee7..b43dae72e7dee4175748e4a991f6ce359a531616 100644 (file)
--- a/net/mptcp/protocol.h
+++ b/net/mptcp/protocol.h
@@ -798,6 +798,7 @@ unsigned int mptcp_close_timeout(const struct sock *sk);
 int mptcp_get_pm_type(const struct net *net);
 const char *mptcp_get_path_manager(const struct net *net);
 const char *mptcp_get_scheduler(const struct net *net);
+unsigned int mptcp_add_addr_v6_port_drop_ts(const struct net *net);
 
 void mptcp_active_disable(struct sock *sk);
 bool mptcp_active_should_disable(struct sock *ssk);

diff --git a/tools/testing/selftests/net/mptcp/mptcp_join.sh b/tools/testing/selftests/net/mptcp/mptcp_join.sh
index ac8dc7051aae04695eea3281e274792b5f00911b..70d5b26be4e0ccee94dcea417a8df6417aa93919 100755 (executable)
--- a/tools/testing/selftests/net/mptcp/mptcp_join.sh
+++ b/tools/testing/selftests/net/mptcp/mptcp_join.sh
@@ -3313,6 +3313,7 @@ add_addr_ports_tests()
        if reset "signal addr list progresses after tx drop"; then
                pm_nl_set_limits $ns1 0 2
                pm_nl_set_limits $ns2 1 0
+               ip netns exec $ns1 sysctl -q net.mptcp.add_addr_v6_port_drop_ts=0 2>/dev/null || true
                ip netns exec $ns1 sysctl -q net.ipv4.tcp_timestamps=1
                ip netns exec $ns2 sysctl -q net.ipv4.tcp_timestamps=1