From patchwork Thu Oct 10 17:48:13 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Eric Dumazet
X-Patchwork-Id: 13830593
X-Patchwork-Delegate: kuba@kernel.org
Date: Thu, 10 Oct 2024 17:48:13 +0000
In-Reply-To: <20241010174817.1543642-1-edumazet@google.com>
References: <20241010174817.1543642-1-edumazet@google.com>
X-Mailing-List: netdev@vger.kernel.org
X-Mailer: git-send-email 2.47.0.rc1.288.g06298d1525-goog
Message-ID: <20241010174817.1543642-2-edumazet@google.com>
Subject: [PATCH v3 net-next 1/5] net: add TIME_WAIT logic to sk_to_full_sk()
From: Eric Dumazet
To: "David S . Miller", Jakub Kicinski, Paolo Abeni
Cc: Martin KaFai Lau, Kuniyuki Iwashima, Neal Cardwell, Brian Vazquez,
 netdev@vger.kernel.org, eric.dumazet@gmail.com, Eric Dumazet

TCP will soon attach TIME_WAIT sockets to some ACK and RST packets.

Make sure sk_to_full_sk() detects this and does not return
a non-full socket.

v3: also changed sk_const_to_full_sk()

Signed-off-by: Eric Dumazet
Reviewed-by: Kuniyuki Iwashima
Reviewed-by: Martin KaFai Lau
Reviewed-by: Brian Vazquez
---
 include/linux/bpf-cgroup.h | 2 +-
 include/net/inet_sock.h    | 8 ++++++--
 net/core/filter.c          | 6 +-----
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/include/linux/bpf-cgroup.h b/include/linux/bpf-cgroup.h
index ce91d9b2acb9f8991150ceead4475b130bead438..f0f219271daf4afea2666c4d09fd4d1a8091f844 100644
--- a/include/linux/bpf-cgroup.h
+++ b/include/linux/bpf-cgroup.h
@@ -209,7 +209,7 @@ static inline bool cgroup_bpf_sock_enabled(struct sock *sk,
 	int __ret = 0; \
 	if (cgroup_bpf_enabled(CGROUP_INET_EGRESS) && sk) { \
 		typeof(sk) __sk = sk_to_full_sk(sk); \
-		if (sk_fullsock(__sk) && __sk == skb_to_full_sk(skb) && \
+		if (__sk && __sk == skb_to_full_sk(skb) && \
 		    cgroup_bpf_sock_enabled(__sk, CGROUP_INET_EGRESS)) \
 			__ret = __cgroup_bpf_run_filter_skb(__sk, skb, \
 						      CGROUP_INET_EGRESS); \
diff --git a/include/net/inet_sock.h b/include/net/inet_sock.h
index f01dd273bea69d2eaf7a1d28274d7f980942b78a..56d8bc5593d3dfffd5f94cf7c6383948881917df 100644
--- a/include/net/inet_sock.h
+++ b/include/net/inet_sock.h
@@ -321,8 +321,10 @@ static inline unsigned long inet_cmsg_flags(const struct inet_sock *inet)
 static inline struct sock *sk_to_full_sk(struct sock *sk)
 {
 #ifdef CONFIG_INET
-	if (sk && sk->sk_state == TCP_NEW_SYN_RECV)
+	if (sk && READ_ONCE(sk->sk_state) == TCP_NEW_SYN_RECV)
 		sk = inet_reqsk(sk)->rsk_listener;
+	if (sk && READ_ONCE(sk->sk_state) == TCP_TIME_WAIT)
+		sk = NULL;
 #endif
 	return sk;
 }
@@ -331,8 +333,10 @@ static inline struct sock *sk_to_full_sk(struct sock *sk)
 static inline const struct sock *sk_const_to_full_sk(const struct sock *sk)
 {
 #ifdef CONFIG_INET
-	if (sk && sk->sk_state == TCP_NEW_SYN_RECV)
+	if (sk && READ_ONCE(sk->sk_state) == TCP_NEW_SYN_RECV)
 		sk = ((const struct request_sock *)sk)->rsk_listener;
+	if (sk && READ_ONCE(sk->sk_state) == TCP_TIME_WAIT)
+		sk = NULL;
 #endif
 	return sk;
 }
diff --git a/net/core/filter.c b/net/core/filter.c
index bd0d08bf76bb8de39ca2ca89cda99a97c9b0a034..202c1d386e19599e9fc6e0a0d4a95986ba6d0ea8 100644
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -6778,8 +6778,6 @@ __bpf_sk_lookup(struct sk_buff *skb, struct bpf_sock_tuple *tuple, u32 len,
 		/* sk_to_full_sk() may return (sk)->rsk_listener, so make sure the original sk
 		 * sock refcnt is decremented to prevent a request_sock leak.
 		 */
-		if (!sk_fullsock(sk2))
-			sk2 = NULL;
 		if (sk2 != sk) {
 			sock_gen_put(sk);
 			/* Ensure there is no need to bump sk2 refcnt */
@@ -6826,8 +6824,6 @@ bpf_sk_lookup(struct sk_buff *skb, struct bpf_sock_tuple *tuple, u32 len,
 		/* sk_to_full_sk() may return (sk)->rsk_listener, so make sure the original sk
 		 * sock refcnt is decremented to prevent a request_sock leak.
 		 */
-		if (!sk_fullsock(sk2))
-			sk2 = NULL;
 		if (sk2 != sk) {
 			sock_gen_put(sk);
 			/* Ensure there is no need to bump sk2 refcnt */
@@ -7276,7 +7272,7 @@ BPF_CALL_1(bpf_get_listener_sock, struct sock *, sk)
 {
 	sk = sk_to_full_sk(sk);
 
-	if (sk->sk_state == TCP_LISTEN && sock_flag(sk, SOCK_RCU_FREE))
+	if (sk && sk->sk_state == TCP_LISTEN && sock_flag(sk, SOCK_RCU_FREE))
 		return (unsigned long)sk;
 
 	return (unsigned long)NULL;

From patchwork Thu Oct 10 17:48:14 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Eric Dumazet
X-Patchwork-Id: 13830594
X-Patchwork-Delegate: kuba@kernel.org
Date: Thu, 10 Oct 2024 17:48:14 +0000
In-Reply-To: <20241010174817.1543642-1-edumazet@google.com>
References: <20241010174817.1543642-1-edumazet@google.com>
X-Mailing-List: netdev@vger.kernel.org
X-Mailer: git-send-email 2.47.0.rc1.288.g06298d1525-goog
Message-ID: <20241010174817.1543642-3-edumazet@google.com>
Subject: [PATCH v3 net-next 2/5] net_sched: sch_fq: prepare for TIME_WAIT sockets
From: Eric Dumazet
To: "David S . Miller", Jakub Kicinski, Paolo Abeni
Cc: Martin KaFai Lau, Kuniyuki Iwashima, Neal Cardwell, Brian Vazquez,
 netdev@vger.kernel.org, eric.dumazet@gmail.com, Eric Dumazet

The TCP stack does not attach skbs to TIME_WAIT sockets yet,
but we would like to allow this in the future.

Add sk_listener_or_tw() helper to detect the three states
that FQ needs to take care of.

Like NEW_SYN_RECV sockets, TIME_WAIT sockets are not full sockets
and do not contain sk->sk_pacing_status or sk->sk_pacing_rate.

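
The three-state test described above relies on a common bitmask idiom: shift 1 by the state number and AND it with a mask of accepted states. The following is a minimal userspace sketch of that idiom only. Every `sketch_`/`SKETCH_` name and every numeric value is a hypothetical stand-in chosen for illustration; the real TCP_* and TCPF_* constants are defined by the kernel and are not reproduced here.

```c
#include <assert.h>
#include <stdbool.h>

/* Illustrative state numbers, NOT the kernel's TCP_* values. */
enum sketch_state {
	SKETCH_ESTABLISHED = 1,
	SKETCH_TIME_WAIT,
	SKETCH_LISTEN,
	SKETCH_NEW_SYN_RECV,
};

/* One flag bit per state, mirroring the (1 << state) pattern. */
#define SKETCH_F(state) (1u << (state))

/* True when state is LISTEN, NEW_SYN_RECV or TIME_WAIT. */
static inline bool sketch_listener_or_tw(unsigned int state)
{
	return SKETCH_F(state) & (SKETCH_F(SKETCH_LISTEN) |
				  SKETCH_F(SKETCH_NEW_SYN_RECV) |
				  SKETCH_F(SKETCH_TIME_WAIT));
}

/* Usage: the three special states match, an ordinary one does not. */
static inline void sketch_listener_or_tw_selfcheck(void)
{
	assert(sketch_listener_or_tw(SKETCH_LISTEN));
	assert(sketch_listener_or_tw(SKETCH_NEW_SYN_RECV));
	assert(sketch_listener_or_tw(SKETCH_TIME_WAIT));
	assert(!sketch_listener_or_tw(SKETCH_ESTABLISHED));
}
```

A single shift and AND covers all three states in one comparison, which is presumably why the helper is written as a mask test rather than three equality checks.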
Signed-off-by: Eric Dumazet
Reviewed-by: Kuniyuki Iwashima
Reviewed-by: Brian Vazquez
---
 include/net/sock.h | 10 ++++++++++
 net/sched/sch_fq.c |  3 ++-
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/include/net/sock.h b/include/net/sock.h
index b32f1424ecc52e4a299a207c029192475c1b6a65..703ec6aef927337f7ca6798ff3c3970529af53f9 100644
--- a/include/net/sock.h
+++ b/include/net/sock.h
@@ -2800,6 +2800,16 @@ static inline bool sk_listener(const struct sock *sk)
 	return (1 << sk->sk_state) & (TCPF_LISTEN | TCPF_NEW_SYN_RECV);
 }
 
+/* This helper checks if a socket is a LISTEN or NEW_SYN_RECV or TIME_WAIT
+ * TCP SYNACK messages can be attached to LISTEN or NEW_SYN_RECV (depending on SYNCOOKIE)
+ * TCP RST and ACK can be attached to TIME_WAIT.
+ */
+static inline bool sk_listener_or_tw(const struct sock *sk)
+{
+	return (1 << READ_ONCE(sk->sk_state)) &
+	       (TCPF_LISTEN | TCPF_NEW_SYN_RECV | TCPF_TIME_WAIT);
+}
+
 void sock_enable_timestamp(struct sock *sk, enum sock_flags flag);
 int sock_recv_errqueue(struct sock *sk, struct msghdr *msg, int len, int level,
 		       int type);
diff --git a/net/sched/sch_fq.c b/net/sched/sch_fq.c
index aeabf45c9200c4aea75fb6c63986e37eddfea5f9..a97638bef6da5be8a84cc572bf2372551f4b7f96 100644
--- a/net/sched/sch_fq.c
+++ b/net/sched/sch_fq.c
@@ -362,8 +362,9 @@ static struct fq_flow *fq_classify(struct Qdisc *sch, struct sk_buff *skb,
 	 * 3) We do not want to rate limit them (eg SYNFLOOD attack),
 	 *    especially if the listener set SO_MAX_PACING_RATE
 	 * 4) We pretend they are orphaned
+	 * TCP can also associate TIME_WAIT sockets with RST or ACK packets.
 	 */
-	if (!sk || sk_listener(sk)) {
+	if (!sk || sk_listener_or_tw(sk)) {
 		unsigned long hash = skb_get_hash(skb) & q->orphan_mask;
 
 		/* By forcing low order bit to 1, we make sure to not

From patchwork Thu Oct 10 17:48:15 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Eric Dumazet
X-Patchwork-Id: 13830595
X-Patchwork-Delegate: kuba@kernel.org
Date: Thu, 10 Oct 2024 17:48:15 +0000
In-Reply-To: <20241010174817.1543642-1-edumazet@google.com>
References: <20241010174817.1543642-1-edumazet@google.com>
X-Mailing-List: netdev@vger.kernel.org
X-Mailer: git-send-email 2.47.0.rc1.288.g06298d1525-goog
Message-ID: <20241010174817.1543642-4-edumazet@google.com>
Subject: [PATCH v3 net-next 3/5] net: add skb_set_owner_edemux() helper
From: Eric Dumazet
To: "David S . Miller", Jakub Kicinski, Paolo Abeni
Cc: Martin KaFai Lau, Kuniyuki Iwashima, Neal Cardwell, Brian Vazquez,
 netdev@vger.kernel.org, eric.dumazet@gmail.com, Eric Dumazet

This can be used to attach a socket to an skb,
taking a reference on sk->sk_refcnt.

This helper might be a NOP if sk->sk_refcnt is zero.

Use it from tcp_make_synack().

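
The "take a reference unless the count is already zero" behaviour described above can be sketched in userspace with C11 atomics. This is an illustration under stated assumptions, not the kernel implementation: `sketch_sock`, `sketch_skb`, `sketch_inc_not_zero()` and `sketch_set_owner()` are hypothetical names, and the compare-and-swap loop only approximates what a conditional refcount increment does.

```c
#include <assert.h>
#include <stdatomic.h>
#include <stdbool.h>
#include <stddef.h>

/* Hypothetical stand-ins; not the kernel's struct sock / struct sk_buff. */
struct sketch_sock {
	atomic_int refcnt;
};

struct sketch_skb {
	struct sketch_sock *sk;
};

/* Take a reference only if the count is still non-zero. */
static inline bool sketch_inc_not_zero(atomic_int *cnt)
{
	int old = atomic_load(cnt);

	while (old != 0) {
		/* On failure, old is refreshed with the current value. */
		if (atomic_compare_exchange_weak(cnt, &old, old + 1))
			return true;
	}
	return false;
}

/* Attach sk to skb only when a reference could be taken. */
static inline void sketch_set_owner(struct sketch_skb *skb,
				    struct sketch_sock *sk)
{
	skb->sk = NULL;	/* stands in for orphaning the skb first */
	if (sketch_inc_not_zero(&sk->refcnt))
		skb->sk = sk;
}

/* Usage: a live socket gets attached, a dying one is left alone. */
static inline void sketch_set_owner_selfcheck(void)
{
	struct sketch_sock live, dying;
	struct sketch_skb skb = { .sk = NULL };

	atomic_init(&live.refcnt, 1);
	atomic_init(&dying.refcnt, 0);

	sketch_set_owner(&skb, &live);
	assert(skb.sk == &live && atomic_load(&live.refcnt) == 2);

	sketch_set_owner(&skb, &dying);
	assert(skb.sk == NULL && atomic_load(&dying.refcnt) == 0);
}
```

The conditional increment matters because a socket whose count has already dropped to zero may be on its way to being freed; an unconditional increment would resurrect it.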
Signed-off-by: Eric Dumazet
Reviewed-by: Kuniyuki Iwashima
Reviewed-by: Brian Vazquez
---
 include/net/sock.h    | 9 +++++++++
 net/core/sock.c       | 9 +++------
 net/ipv4/tcp_output.c | 2 +-
 3 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/include/net/sock.h b/include/net/sock.h
index 703ec6aef927337f7ca6798ff3c3970529af53f9..e5bb64ad92c769f3edb8c2dc72cafb336837cabb 100644
--- a/include/net/sock.h
+++ b/include/net/sock.h
@@ -1758,6 +1758,15 @@ void sock_efree(struct sk_buff *skb);
 #ifdef CONFIG_INET
 void sock_edemux(struct sk_buff *skb);
 void sock_pfree(struct sk_buff *skb);
+
+static inline void skb_set_owner_edemux(struct sk_buff *skb, struct sock *sk)
+{
+	skb_orphan(skb);
+	if (refcount_inc_not_zero(&sk->sk_refcnt)) {
+		skb->sk = sk;
+		skb->destructor = sock_edemux;
+	}
+}
 #else
 #define sock_edemux sock_efree
 #endif
diff --git a/net/core/sock.c b/net/core/sock.c
index 083d438d8b6faff60e2e3cf1f982eb306a923cf7..f8c0d4eda888cf190b87fb42e94eef4fb950bf1f 100644
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -2592,14 +2592,11 @@ void __sock_wfree(struct sk_buff *skb)
 void skb_set_owner_w(struct sk_buff *skb, struct sock *sk)
 {
 	skb_orphan(skb);
-	skb->sk = sk;
 #ifdef CONFIG_INET
-	if (unlikely(!sk_fullsock(sk))) {
-		skb->destructor = sock_edemux;
-		sock_hold(sk);
-		return;
-	}
+	if (unlikely(!sk_fullsock(sk)))
+		return skb_set_owner_edemux(skb, sk);
 #endif
+	skb->sk = sk;
 	skb->destructor = sock_wfree;
 	skb_set_hash_from_sk(skb, sk);
 	/*
diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c
index 1251510f0e58da6b6403d2097b498f3e4cb6d255..4cf64ed13609fdcb72b3858ca9e20a1e65bd3d94 100644
--- a/net/ipv4/tcp_output.c
+++ b/net/ipv4/tcp_output.c
@@ -3731,7 +3731,7 @@ struct sk_buff *tcp_make_synack(const struct sock *sk, struct dst_entry *dst,
 
 	switch (synack_type) {
 	case TCP_SYNACK_NORMAL:
-		skb_set_owner_w(skb, req_to_sk(req));
+		skb_set_owner_edemux(skb, req_to_sk(req));
 		break;
 	case TCP_SYNACK_COOKIE:
 		/* Under synflood, we do not attach skb to a socket,

From patchwork Thu Oct 10 17:48:16 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Eric Dumazet
X-Patchwork-Id: 13830596
X-Patchwork-Delegate: kuba@kernel.org
Date: Thu, 10 Oct 2024 17:48:16 +0000
In-Reply-To: <20241010174817.1543642-1-edumazet@google.com>
References: <20241010174817.1543642-1-edumazet@google.com>
X-Mailing-List: netdev@vger.kernel.org
X-Mailer: git-send-email 2.47.0.rc1.288.g06298d1525-goog
Message-ID: <20241010174817.1543642-5-edumazet@google.com>
Subject: [PATCH v3 net-next 4/5] ipv6: tcp: give socket pointer to control skbs
From: Eric Dumazet
To: "David S . Miller", Jakub Kicinski, Paolo Abeni
Cc: Martin KaFai Lau, Kuniyuki Iwashima, Neal Cardwell, Brian Vazquez,
 netdev@vger.kernel.org, eric.dumazet@gmail.com, Eric Dumazet

tcp_v6_send_response() sends orphaned 'control packets'.

These are RST packets and also ACK packets sent from TIME_WAIT.

Some eBPF programs would prefer to have a meaningful skb->sk
pointer as much as possible.

This means that TCP can now attach TIME_WAIT sockets to outgoing
skbs.

Signed-off-by: Eric Dumazet
Reviewed-by: Kuniyuki Iwashima
Reviewed-by: Brian Vazquez
---
 net/ipv6/tcp_ipv6.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c
index 7634c0be6acbdb67bb378cc81bdbf184552d2afc..597920061a3a061a878bf0f7a1b03ac4898918a9 100644
--- a/net/ipv6/tcp_ipv6.c
+++ b/net/ipv6/tcp_ipv6.c
@@ -967,6 +967,9 @@ static void tcp_v6_send_response(const struct sock *sk, struct sk_buff *skb, u32
 	}
 
 	if (sk) {
+		/* unconstify the socket only to attach it to buff with care. */
+		skb_set_owner_edemux(buff, (struct sock *)sk);
+
 		if (sk->sk_state == TCP_TIME_WAIT)
 			mark = inet_twsk(sk)->tw_mark;
 		else

From patchwork Thu Oct 10 17:48:17 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Eric Dumazet
X-Patchwork-Id: 13830597
X-Patchwork-Delegate: kuba@kernel.org
Date: Thu, 10 Oct 2024 17:48:17 +0000
In-Reply-To: <20241010174817.1543642-1-edumazet@google.com>
References: <20241010174817.1543642-1-edumazet@google.com>
X-Mailing-List: netdev@vger.kernel.org
X-Mailer: git-send-email 2.47.0.rc1.288.g06298d1525-goog
Message-ID: <20241010174817.1543642-6-edumazet@google.com>
Subject: [PATCH v3 net-next 5/5] ipv4: tcp: give socket pointer to control skbs
From: Eric Dumazet
To: "David S . Miller", Jakub Kicinski, Paolo Abeni
Cc: Martin KaFai Lau, Kuniyuki Iwashima, Neal Cardwell, Brian Vazquez,
 netdev@vger.kernel.org, eric.dumazet@gmail.com, Eric Dumazet

ip_send_unicast_reply() sends orphaned 'control packets'.

These are RST packets and also ACK packets sent from TIME_WAIT.

Some eBPF programs would prefer to have a meaningful skb->sk
pointer as much as possible.

This means that TCP can now attach TIME_WAIT sockets to outgoing
skbs.

Signed-off-by: Eric Dumazet
Reviewed-by: Kuniyuki Iwashima
Reviewed-by: Brian Vazquez
---
 include/net/ip.h     | 3 ++-
 net/ipv4/ip_output.c | 5 ++++-
 net/ipv4/tcp_ipv4.c  | 4 ++--
 3 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/include/net/ip.h b/include/net/ip.h
index bab084df15677543b7400bb2832c0e83988884cb..4be0a6a603b2b5d5cfddc045a7d49d0d77be9570 100644
--- a/include/net/ip.h
+++ b/include/net/ip.h
@@ -288,7 +288,8 @@ static inline __u8 ip_reply_arg_flowi_flags(const struct ip_reply_arg *arg)
 	return (arg->flags & IP_REPLY_ARG_NOSRCCHECK) ? FLOWI_FLAG_ANYSRC : 0;
 }
 
-void ip_send_unicast_reply(struct sock *sk, struct sk_buff *skb,
+void ip_send_unicast_reply(struct sock *sk, const struct sock *orig_sk,
+			   struct sk_buff *skb,
 			   const struct ip_options *sopt,
 			   __be32 daddr, __be32 saddr,
 			   const struct ip_reply_arg *arg,
diff --git a/net/ipv4/ip_output.c b/net/ipv4/ip_output.c
index e5c55a95063dd8340f9a014102408e859b4eb755..0065b1996c947078bea210c9abe5c80fa0e0ab4f 100644
--- a/net/ipv4/ip_output.c
+++ b/net/ipv4/ip_output.c
@@ -1596,7 +1596,8 @@ static int ip_reply_glue_bits(void *dptr, char *to, int offset,
  *	Generic function to send a packet as reply to another packet.
  *	Used to send some TCP resets/acks so far.
  */
-void ip_send_unicast_reply(struct sock *sk, struct sk_buff *skb,
+void ip_send_unicast_reply(struct sock *sk, const struct sock *orig_sk,
+			   struct sk_buff *skb,
 			   const struct ip_options *sopt,
 			   __be32 daddr, __be32 saddr,
 			   const struct ip_reply_arg *arg,
@@ -1662,6 +1663,8 @@ void ip_send_unicast_reply(struct sock *sk, struct sk_buff *skb,
 			  arg->csumoffset) = csum_fold(csum_add(nskb->csum,
 								arg->csum));
 		nskb->ip_summed = CHECKSUM_NONE;
+		if (orig_sk)
+			skb_set_owner_edemux(nskb, (struct sock *)orig_sk);
 		if (transmit_time)
 			nskb->tstamp_type = SKB_CLOCK_MONOTONIC;
 		if (txhash)
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
index 985028434f644c399e51d12ba8d9c2c5740dc6e1..9d3dd101ea713b14e13afe662baa49d21b3b716c 100644
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -907,7 +907,7 @@ static void tcp_v4_send_reset(const struct sock *sk, struct sk_buff *skb,
 		ctl_sk->sk_mark = 0;
 		ctl_sk->sk_priority = 0;
 	}
-	ip_send_unicast_reply(ctl_sk,
+	ip_send_unicast_reply(ctl_sk, sk,
 			      skb, &TCP_SKB_CB(skb)->header.h4.opt,
 			      ip_hdr(skb)->saddr, ip_hdr(skb)->daddr,
 			      &arg, arg.iov[0].iov_len,
@@ -1021,7 +1021,7 @@ static void tcp_v4_send_ack(const struct sock *sk,
 	ctl_sk->sk_priority = (sk->sk_state == TCP_TIME_WAIT) ?
 			   inet_twsk(sk)->tw_priority : READ_ONCE(sk->sk_priority);
 	transmit_time = tcp_transmit_time(sk);
-	ip_send_unicast_reply(ctl_sk,
+	ip_send_unicast_reply(ctl_sk, sk,
 			      skb, &TCP_SKB_CB(skb)->header.h4.opt,
 			      ip_hdr(skb)->saddr, ip_hdr(skb)->daddr,
 			      &arg, arg.iov[0].iov_len,