From patchwork Thu Apr 28 21:07:41 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Craig Gallek X-Patchwork-Id: 616427 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3qwqD472Wlz9t8t for ; Fri, 29 Apr 2016 07:07:48 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753525AbcD1VHq (ORCPT ); Thu, 28 Apr 2016 17:07:46 -0400 Received: from mail-ig0-f179.google.com ([209.85.213.179]:38727 "EHLO mail-ig0-f179.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753070AbcD1VHp (ORCPT ); Thu, 28 Apr 2016 17:07:45 -0400 Received: by mail-ig0-f179.google.com with SMTP id m9so3744598ige.1 for ; Thu, 28 Apr 2016 14:07:45 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=mPSPZGR9a3frL7iK1AHKj+Xrb7BLfYa+uQhaHrMfF4M=; b=jAMGqAEYa2NHiimxiUiF9cvRF3aXLo39raK/iyGzIcKxRKJ+4m30Jcec6XvwogEXIq +HVsZmspmeKoX0CLwTrm4cSnZ9+5VZEgToS26N9fnRhvPN17FNSSNi3U5xzzs95O0zRo aQzOQF3t61C7wxK2xXbqyzUx4IS6tfTmwv40MnPAqOL23Az5Vv3A9cYblvRT/WLZQ7q/ lqZgYZSCJkSOVE62HJLqUEZkj1ha9hy6GBTfVgVCSDpIHPXJG2SL3VWTXtY55WU+nAPQ YQMuAK9dVyJ+B/HrjXLWyGga1XqRx2iKFkk0a+dvrd2vS8yxKdCmceKsqvZMLgX2hXLV oNrQ== X-Gm-Message-State: AOPr4FVAlLNmOWLIwhDRdiKawPNPALEImy5/3KDA0TDFa2+p9Ugvz8VcimCF7FdbYwhDPGdd X-Received: by 10.50.154.10 with SMTP id vk10mr12968igb.15.1461877664459; Thu, 28 Apr 2016 14:07:44 -0700 (PDT) Received: from cgallek-warp18.nyc.corp.google.com ([172.29.18.56]) by smtp.gmail.com with ESMTPSA id k4sm8253823igf.11.2016.04.28.14.07.42 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Apr 2016 14:07:42 -0700 (PDT) From: Craig Gallek To: davem@davemloft.net Cc: netdev@vger.kernel.org Subject: [PATCH v2 net] soreuseport: Fix TCP listener hash collision Date: Thu, 28 Apr 2016 17:07:41 -0400 Message-Id: <1461877661-21282-1-git-send-email-kraigatgoog@gmail.com> X-Mailer: git-send-email 2.8.0.rc3.226.g39d4020 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org From: Craig Gallek I forgot to include a check for listener port equality when deciding if two sockets should belong to the same reuseport group. This was not caught previously because it's only necessary when two listening sockets for the same user happen to hash to the same listener bucket. This change also includes a check for network namespace equality. The same error does not exist in the UDP path. Fixes: c125e80b8868("soreuseport: fast reuseport TCP socket selection") Signed-off-by: Craig Gallek Acked-by: Eric Dumazet --- v2 Changes - Suggestions from Eric Dumazet to include network namespace equality check and to avoid a dreference by simply checking inet_bind_bucket pointer equality. --- net/ipv4/inet_hashtables.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/net/ipv4/inet_hashtables.c b/net/ipv4/inet_hashtables.c index bc68eced0105..5c5658268d5e 100644 --- a/net/ipv4/inet_hashtables.c +++ b/net/ipv4/inet_hashtables.c @@ -470,15 +470,19 @@ static int inet_reuseport_add_sock(struct sock *sk, const struct sock *sk2, bool match_wildcard)) { + struct inet_bind_bucket *tb = inet_csk(sk)->icsk_bind_hash; + struct net *net = sock_net(sk); struct sock *sk2; struct hlist_nulls_node *node; kuid_t uid = sock_i_uid(sk); sk_nulls_for_each_rcu(sk2, node, &ilb->head) { - if (sk2 != sk && + if (net_eq(sock_net(sk2), net) && + sk2 != sk && sk2->sk_family == sk->sk_family && ipv6_only_sock(sk2) == ipv6_only_sock(sk) && sk2->sk_bound_dev_if == sk->sk_bound_dev_if && + inet_csk(sk2)->icsk_bind_hash == tb && sk2->sk_reuseport && uid_eq(uid, sock_i_uid(sk2)) && saddr_same(sk, sk2, false)) return reuseport_add_sock(sk, sk2);