From 9c9166b944072d14e82653dfce8b499bc09f4d85 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Tue, 1 Aug 2023 09:42:59 +0200 Subject: [PATCH] 6.1-stable patches added patches: mptcp-ensure-subflow-is-unhashed-before-cleaning-the-backlog.patch selftests-mptcp-sockopt-use-iptables-legacy-if-available.patch --- ...unhashed-before-cleaning-the-backlog.patch | 42 +++++++++ ...opt-use-iptables-legacy-if-available.patch | 93 +++++++++++++++++++ queue-6.1/series | 2 + 3 files changed, 137 insertions(+) create mode 100644 queue-6.1/mptcp-ensure-subflow-is-unhashed-before-cleaning-the-backlog.patch create mode 100644 queue-6.1/selftests-mptcp-sockopt-use-iptables-legacy-if-available.patch diff --git a/queue-6.1/mptcp-ensure-subflow-is-unhashed-before-cleaning-the-backlog.patch b/queue-6.1/mptcp-ensure-subflow-is-unhashed-before-cleaning-the-backlog.patch new file mode 100644 index 00000000000..f2e193754aa --- /dev/null +++ b/queue-6.1/mptcp-ensure-subflow-is-unhashed-before-cleaning-the-backlog.patch @@ -0,0 +1,42 @@ +From 3fffa15bfef48b0ad6424779c03e68ae8ace5acb Mon Sep 17 00:00:00 2001 +From: Paolo Abeni +Date: Tue, 4 Jul 2023 22:44:33 +0200 +Subject: mptcp: ensure subflow is unhashed before cleaning the backlog + +From: Paolo Abeni + +commit 3fffa15bfef48b0ad6424779c03e68ae8ace5acb upstream. + +While tacking care of the mptcp-level listener I unintentionally +moved the subflow level unhash after the subflow listener backlog +cleanup. + +That could cause some nasty race and makes the code harder to read. + +Address the issue restoring the proper order of operations. + +Fixes: 57fc0f1ceaa4 ("mptcp: ensure listener is unhashed before updating the sk status") +Cc: stable@vger.kernel.org +Signed-off-by: Paolo Abeni +Reviewed-by: Matthieu Baerts +Signed-off-by: Matthieu Baerts +Signed-off-by: David S. Miller +Signed-off-by: Matthieu Baerts +Signed-off-by: Greg Kroah-Hartman +--- + net/mptcp/protocol.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/net/mptcp/protocol.c ++++ b/net/mptcp/protocol.c +@@ -2945,9 +2945,9 @@ static void mptcp_check_listen_stop(stru + return; + + lock_sock_nested(ssk, SINGLE_DEPTH_NESTING); ++ tcp_set_state(ssk, TCP_CLOSE); + mptcp_subflow_queue_clean(sk, ssk); + inet_csk_listen_stop(ssk); +- tcp_set_state(ssk, TCP_CLOSE); + release_sock(ssk); + } + diff --git a/queue-6.1/selftests-mptcp-sockopt-use-iptables-legacy-if-available.patch b/queue-6.1/selftests-mptcp-sockopt-use-iptables-legacy-if-available.patch new file mode 100644 index 00000000000..56d5a3462da --- /dev/null +++ b/queue-6.1/selftests-mptcp-sockopt-use-iptables-legacy-if-available.patch @@ -0,0 +1,93 @@ +From a5a5990c099dd354e05e89ee77cd2dbf6655d4a1 Mon Sep 17 00:00:00 2001 +From: Matthieu Baerts +Date: Tue, 4 Jul 2023 22:44:36 +0200 +Subject: selftests: mptcp: sockopt: use 'iptables-legacy' if available + +From: Matthieu Baerts + +commit a5a5990c099dd354e05e89ee77cd2dbf6655d4a1 upstream. + +IPTables commands using 'iptables-nft' fail on old kernels, at least +on v5.15 because it doesn't see the default IPTables chains: + + $ iptables -L + iptables/1.8.2 Failed to initialize nft: Protocol not supported + +As a first step before switching to NFTables, we can use iptables-legacy +if available. + +Link: https://github.com/multipath-tcp/mptcp_net-next/issues/368 +Fixes: dc65fe82fb07 ("selftests: mptcp: add packet mark test case") +Cc: stable@vger.kernel.org +Acked-by: Paolo Abeni +Signed-off-by: Matthieu Baerts +Signed-off-by: David S. Miller +Signed-off-by: Greg Kroah-Hartman +--- + tools/testing/selftests/net/mptcp/mptcp_sockopt.sh | 24 +++++++++++---------- + 1 file changed, 13 insertions(+), 11 deletions(-) + +--- a/tools/testing/selftests/net/mptcp/mptcp_sockopt.sh ++++ b/tools/testing/selftests/net/mptcp/mptcp_sockopt.sh +@@ -13,13 +13,15 @@ timeout_poll=30 + timeout_test=$((timeout_poll * 2 + 1)) + mptcp_connect="" + do_all_tests=1 ++iptables="iptables" ++ip6tables="ip6tables" + + add_mark_rules() + { + local ns=$1 + local m=$2 + +- for t in iptables ip6tables; do ++ for t in ${iptables} ${ip6tables}; do + # just to debug: check we have multiple subflows connection requests + ip netns exec $ns $t -A OUTPUT -p tcp --syn -m mark --mark $m -j ACCEPT + +@@ -92,14 +94,14 @@ if [ $? -ne 0 ];then + exit $ksft_skip + fi + +-iptables -V > /dev/null 2>&1 +-if [ $? -ne 0 ];then ++# Use the legacy version if available to support old kernel versions ++if iptables-legacy -V &> /dev/null; then ++ iptables="iptables-legacy" ++ ip6tables="ip6tables-legacy" ++elif ! iptables -V &> /dev/null; then + echo "SKIP: Could not run all tests without iptables tool" + exit $ksft_skip +-fi +- +-ip6tables -V > /dev/null 2>&1 +-if [ $? -ne 0 ];then ++elif ! ip6tables -V &> /dev/null; then + echo "SKIP: Could not run all tests without ip6tables tool" + exit $ksft_skip + fi +@@ -109,10 +111,10 @@ check_mark() + local ns=$1 + local af=$2 + +- tables=iptables ++ tables=${iptables} + + if [ $af -eq 6 ];then +- tables=ip6tables ++ tables=${ip6tables} + fi + + counters=$(ip netns exec $ns $tables -v -L OUTPUT | grep DROP) +@@ -314,8 +316,8 @@ do_tcpinq_tests() + { + local lret=0 + +- ip netns exec "$ns1" iptables -F +- ip netns exec "$ns1" ip6tables -F ++ ip netns exec "$ns1" ${iptables} -F ++ ip netns exec "$ns1" ${ip6tables} -F + + if ! mptcp_lib_kallsyms_has "mptcp_ioctl$"; then + echo "INFO: TCP_INQ not supported: SKIP" diff --git a/queue-6.1/series b/queue-6.1/series index 502adffa931..8353f33f3d3 100644 --- a/queue-6.1/series +++ b/queue-6.1/series @@ -221,3 +221,5 @@ drm-amd-display-write-to-correct-dirty_rect.patch acpi-processor-perflib-use-the-no-limit-frequency-qos.patch acpi-processor-perflib-avoid-updating-frequency-qos-unnecessarily.patch cpufreq-intel_pstate-drop-acpi-_pss-states-table-patching.patch +mptcp-ensure-subflow-is-unhashed-before-cleaning-the-backlog.patch +selftests-mptcp-sockopt-use-iptables-legacy-if-available.patch -- 2.47.3