From patchwork Thu Apr 28 23:24:32 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Craig Gallek X-Patchwork-Id: 616537 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3qwtFz6PT9z9t7R for ; Fri, 29 Apr 2016 09:24:39 +1000 (AEST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752701AbcD1XYh (ORCPT ); Thu, 28 Apr 2016 19:24:37 -0400 Received: from mail-ig0-f173.google.com ([209.85.213.173]:35617 "EHLO mail-ig0-f173.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752639AbcD1XYg (ORCPT ); Thu, 28 Apr 2016 19:24:36 -0400 Received: by mail-ig0-f173.google.com with SMTP id bi2so7129575igb.0 for ; Thu, 28 Apr 2016 16:24:36 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=xL3CLjWRhhX4TijIShav0nKR2x4shGcqB8zuDOMaygs=; b=gjYNqPdL4VFbkASbHpXo7nZZMRjW9YoHMD1VVqJn6ONlYud19/bNKfPKV/PdKpHL8r LxqflrjtiIIORKxx4W/f101yqPQCGJNTtglxmzC+pdreeeqAh9Dy7XQj1BDyax3ihB/H 2lBRXpdzgnrJSpynTyBb9YSVqtncAG9DW1SDCAKQSYAzAu8zc6OdLvxuxuhpe4g9LaOe lldPezY6rwjw8SMngkXTY7xCR3ss9ALyZiNnVAoVTucVKlkBqbzW82FsFMTVqokkYDNF GPXbgmqN2b12vDU1QServQZzgykWrvwhket5Wdo1uzeTvdpG6myWdzusU2Hz7fGimz8J rgWA== X-Gm-Message-State: AOPr4FUOyZkGsisxPLwP2IyhkhB0ALK/8BkhFr8FYhHv6eZZyMBD8qCJm3heL7hTQlYok6UC X-Received: by 10.50.132.36 with SMTP id or4mr614363igb.23.1461885875528; Thu, 28 Apr 2016 16:24:35 -0700 (PDT) Received: from cgallek-warp18.nyc.corp.google.com ([172.29.18.56]) by smtp.gmail.com with ESMTPSA id b67sm8601445iob.33.2016.04.28.16.24.34 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 28 Apr 2016 16:24:34 -0700 (PDT) From: Craig Gallek To: davem@davemloft.net Cc: netdev@vger.kernel.org Subject: [PATCH v3 net] soreuseport: Fix TCP listener hash collision Date: Thu, 28 Apr 2016 19:24:32 -0400 Message-Id: <1461885872-27358-1-git-send-email-kraigatgoog@gmail.com> X-Mailer: git-send-email 2.8.0.rc3.226.g39d4020 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org From: Craig Gallek I forgot to include a check for listener port equality when deciding if two sockets should belong to the same reuseport group. This was not caught previously because it's only necessary when two listening sockets for the same user happen to hash to the same listener bucket. The same error does not exist in the UDP path. Fixes: c125e80b8868("soreuseport: fast reuseport TCP socket selection") Signed-off-by: Craig Gallek Acked-by: Eric Dumazet --- v3 Changes - Eric pointed out that the net namespace check isn't necessary when comparing bucket pointers. They can not be equal across namespaces. v2 Changes - Suggestions from Eric Dumazet to include network namespace equality check and to avoid a dreference by simply checking inet_bind_bucket pointer equality. --- net/ipv4/inet_hashtables.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/net/ipv4/inet_hashtables.c b/net/ipv4/inet_hashtables.c index bc68eced0105..0d9e9d7bb029 100644 --- a/net/ipv4/inet_hashtables.c +++ b/net/ipv4/inet_hashtables.c @@ -470,6 +470,7 @@ static int inet_reuseport_add_sock(struct sock *sk, const struct sock *sk2, bool match_wildcard)) { + struct inet_bind_bucket *tb = inet_csk(sk)->icsk_bind_hash; struct sock *sk2; struct hlist_nulls_node *node; kuid_t uid = sock_i_uid(sk); @@ -479,6 +480,7 @@ static int inet_reuseport_add_sock(struct sock *sk, sk2->sk_family == sk->sk_family && ipv6_only_sock(sk2) == ipv6_only_sock(sk) && sk2->sk_bound_dev_if == sk->sk_bound_dev_if && + inet_csk(sk2)->icsk_bind_hash == tb && sk2->sk_reuseport && uid_eq(uid, sock_i_uid(sk2)) && saddr_same(sk, sk2, false)) return reuseport_add_sock(sk, sk2);