From patchwork Mon Mar 29 10:54:17 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Geliang Tang X-Patchwork-Id: 1459527 X-Patchwork-Delegate: mathew.j.martineau@linux.intel.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.01.org (client-ip=198.145.21.10; helo=ml01.01.org; envelope-from=mptcp-bounces@lists.01.org; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=dKSvRBbQ; dkim-atps=neutral Received: from ml01.01.org (ml01.01.org [198.145.21.10]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4F88cM38Ndz9sVb for ; Mon, 29 Mar 2021 21:55:15 +1100 (AEDT) Received: from ml01.vlan13.01.org (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id 6A641100ED480 for ; Mon, 29 Mar 2021 03:55:13 -0700 (PDT) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=2607:f8b0:4864:20::1031; helo=mail-pj1-x1031.google.com; envelope-from=geliangtang@gmail.com; receiver= Received: from mail-pj1-x1031.google.com (mail-pj1-x1031.google.com [IPv6:2607:f8b0:4864:20::1031]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 0DB87100ED4AE for ; Mon, 29 Mar 2021 03:55:11 -0700 (PDT) Received: by mail-pj1-x1031.google.com with SMTP id w8so5803764pjf.4 for ; Mon, 29 Mar 2021 03:55:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=+fnwKaEn4WFRm9/uQhzdU5bCVnr0x2VyGVBlZxje6zY=; b=dKSvRBbQqBXSPpgDD9YTPeaTkN65BYPvlc8s81yZYGolsKlfSulkz6qal5kKHDeGSb FfzqPUgg0wfYEiNnje2tBsbP+3xFq4ZKUCjVzTfmseOWSr7jMaPZs0iZNyuMb/waeGxb lqRoBqLBdHgfBakarmazh5uYCFkQL/Fk9/2NG1zuIaCFnrtn0KhxjODWRrnv9S/adf/c g7bjia8BBsCFBVZa0wlzsH5bMhfTr6TpGfiKP6wTMUWr3x6qoeyMP8MmDt23i06xCxjo 3BgOQZvjRutcUzkPTC8L+LdA5FbKLD4ghQAo5aT1xkL4vwroTbOWTfogaeMcJ9M0wteO RBbw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=+fnwKaEn4WFRm9/uQhzdU5bCVnr0x2VyGVBlZxje6zY=; b=k8M0bQrxEFdyLNL4OrnWQwC0GR58UE4YPjc+4At2jLkV+Vz0YidoeWR3DXwsW3SDDt DTjum2eQwbN7tC8FISkNoyhRGZoWziAdc0FrTR40iqFbemBeyoZ004nRGIHyNAOKDu6Y CcnxEYJKCdW7y4ijOgOdyz6bZV1HiluI3j0hn1bLTw8MpUmjVXecHZRNjOaBD+B/pNOW +geCB8w2oMD6MiEamXRjzXRzdal+l/QXquuI1ItaT+T7QDhr1a9Lr61plL4tyNUTaspF KEmAOIK4rfpAbBxRA+Jyh0Tzs4o6auI6Ia3UH8Te10vOO/hODyT39IHMvUcsjq+CVlAH p6ig== X-Gm-Message-State: AOAM533rJYb3Reb5ya7hih6i2vYoclAsxsMrko3Mfbje/Q50MOGx7S64 E7V0Ipqfbnx5Pe35x09f5me+MULxIppAag== X-Google-Smtp-Source: ABdhPJyfjqpEqyicpWphUwOplqkU3/srfG4ndccThc+fIVvn+i7eS42BcFXf86YfFEv82565PQgYpg== X-Received: by 2002:a17:902:9a45:b029:e6:1444:5287 with SMTP id x5-20020a1709029a45b02900e614445287mr28121426plv.54.1617015310326; Mon, 29 Mar 2021 03:55:10 -0700 (PDT) Received: from localhost ([43.224.245.180]) by smtp.gmail.com with ESMTPSA id 132sm17004951pfu.158.2021.03.29.03.55.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 29 Mar 2021 03:55:09 -0700 (PDT) From: Geliang Tang To: mptcp@lists.01.org Date: Mon, 29 Mar 2021 18:54:17 +0800 Message-Id: <07856073b42a0343f81e6b6e468d6965b693fc5d.1617014019.git.geliangtang@gmail.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <4a289b981d90fcfda872ade12ec94d27d47bc01f.1617014019.git.geliangtang@gmail.com> References: <26ccf630ac9be0aee87f4ccfcefc46515c9d61e8.1617014019.git.geliangtang@gmail.com> <14b6923c9fd052b140d5af261dfd2575d94b3e05.1617014019.git.geliangtang@gmail.com> <08ab4ce9f13e954b45d24c9e7842f7a6a9798d54.1617014019.git.geliangtang@gmail.com> <1c0a240472edcc1afbcb822bd9af3cf03800759e.1617014019.git.geliangtang@gmail.com> <4c7e346e9d1005e8838dd8cf742d8324ef7553c0.1617014019.git.geliangtang@gmail.com> <4a289b981d90fcfda872ade12ec94d27d47bc01f.1617014019.git.geliangtang@gmail.com> MIME-Version: 1.0 Message-ID-Hash: IH5KDLJHBHIGQ4CBP5HPQVOZGIARZWGI X-Message-ID-Hash: IH5KDLJHBHIGQ4CBP5HPQVOZGIARZWGI X-MailFrom: geliangtang@gmail.com X-Mailman-Rule-Hits: nonmember-moderation X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation CC: Geliang Tang X-Mailman-Version: 3.1.1 Precedence: list Subject: [MPTCP] [MPTCP][PATCH v2 mptcp-next 10/16] mptcp: validate the data checksum List-Id: Discussions regarding MPTCP upstreaming Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: This patch add three new members named data_csum, csum_len and map_csum in struct mptcp_subflow_context, implemented a new function named mptcp_validate_data_checksum(). Validate the data checksum in the function __mptcp_move_skbs_from_subflow. Signed-off-by: Geliang Tang --- net/mptcp/protocol.c | 35 +++++++++++++++++++++++++++++++++++ net/mptcp/protocol.h | 3 +++ net/mptcp/subflow.c | 7 +++++-- 3 files changed, 43 insertions(+), 2 deletions(-) diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c index 436969d95e36..0b4ab35e234a 100644 --- a/net/mptcp/protocol.c +++ b/net/mptcp/protocol.c @@ -532,6 +532,35 @@ static bool mptcp_check_data_fin(struct sock *sk) return ret; } +static bool mptcp_validate_data_checksum(struct sock *ssk) +{ + struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(ssk); + struct mptcp_sock *msk = mptcp_sk(subflow->conn); + struct csum_pseudo_header header; + __wsum csum; + + if (__mptcp_check_fallback(msk)) + goto out; + + if (subflow->csum_len < subflow->map_data_len) + goto out; + + header.data_seq = subflow->map_seq; + header.subflow_seq = subflow->map_subflow_seq; + header.data_len = subflow->map_data_len; + header.csum = subflow->map_csum; + + csum = csum_partial(&header, sizeof(header), subflow->data_csum); + + if (csum_fold(csum)) + return false; + subflow->data_csum = 0; + subflow->csum_len = 0; + +out: + return true; +} + static bool __mptcp_move_skbs_from_subflow(struct mptcp_sock *msk, struct sock *ssk, unsigned int *bytes) @@ -600,6 +629,12 @@ static bool __mptcp_move_skbs_from_subflow(struct mptcp_sock *msk, if (tp->urg_data) done = true; + if (READ_ONCE(msk->csum_enabled)) { + subflow->data_csum = skb_checksum(skb, offset, len, + subflow->data_csum); + subflow->csum_len += len; + mptcp_validate_data_checksum(ssk); + } if (__mptcp_move_skb(msk, ssk, skb, offset, len)) moved += len; seq += len; diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h index 6be10ebabcd5..d4bf264d16cc 100644 --- a/net/mptcp/protocol.h +++ b/net/mptcp/protocol.h @@ -394,6 +394,9 @@ struct mptcp_subflow_context { u32 map_subflow_seq; u32 ssn_offset; u32 map_data_len; + __wsum data_csum; + u32 csum_len; + __sum16 map_csum; u32 request_mptcp : 1, /* send MP_CAPABLE */ request_join : 1, /* send MP_JOIN */ request_bkup : 1, diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c index 75664da251a6..df7ad478bb2e 100644 --- a/net/mptcp/subflow.c +++ b/net/mptcp/subflow.c @@ -944,9 +944,12 @@ static enum mapping_status get_mapping_status(struct sock *ssk, subflow->map_data_len = data_len; subflow->map_valid = 1; subflow->mpc_map = mpext->mpc_map; - pr_debug("new map seq=%llu subflow_seq=%u data_len=%u", + subflow->data_csum = 0; + subflow->csum_len = 0; + subflow->map_csum = mpext->csum; + pr_debug("new map seq=%llu subflow_seq=%u data_len=%u csum=%u", subflow->map_seq, subflow->map_subflow_seq, - subflow->map_data_len); + subflow->map_data_len, subflow->map_csum); validate_seq: /* we revalidate valid mapping on new skb, because we must ensure