[ Upstream commit e84cb860ac3ce67ec6ecc364433fd5b412c448bc ]
The special C-flag case expects the ADD_ADDR to be received when switching to 'fully-established'. But for various reasons, the ADD_ADDR could be sent after the "4th ACK", and the special case doesn't work.
On NIPA, the new test validating this special case for the C-flag failed a few times, e.g.
102 default limits, server deny join id 0 syn rx [FAIL] got 0 JOIN[s] syn rx expected 2
Server ns stats (...) MPTcpExtAddAddrTx 1 MPTcpExtEchoAdd 1
Client ns stats (...) MPTcpExtAddAddr 1 MPTcpExtEchoAddTx 1
synack rx [FAIL] got 0 JOIN[s] synack rx expected 2 ack rx [FAIL] got 0 JOIN[s] ack rx expected 2 join Rx [FAIL] see above syn tx [FAIL] got 0 JOIN[s] syn tx expected 2 join Tx [FAIL] see above
I had a suspicion about what the issue could be: the ADD_ADDR might have been received after the switch to the 'fully-established' state. The issue was not easy to reproduce. The packet capture shown that the ADD_ADDR can indeed be sent with a delay, and the client would not try to establish subflows to it as expected.
A simple fix is not to mark the endpoints as 'used' in the C-flag case, when looking at creating subflows to the remote initial IP address and port. In this case, there is no need to try.
Note: newly added fullmesh endpoints will still continue to be used as expected, thanks to the conditions behind mptcp_pm_add_addr_c_flag_case.
Fixes: 4b1ff850e0c1 ("mptcp: pm: in-kernel: usable client side with C-flag") Cc: stable@vger.kernel.org Reviewed-by: Geliang Tang geliang@kernel.org Signed-off-by: Matthieu Baerts (NGI0) matttbe@kernel.org Link: https://patch.msgid.link/20251020-net-mptcp-c-flag-late-add-addr-v1-1-820703... Signed-off-by: Jakub Kicinski kuba@kernel.org [ applied to pm_netlink.c instead of pm_kernel.c ] Signed-off-by: Sasha Levin sashal@kernel.org [ I took the version from Sasha from v6.1, and fixed an additional conflict in pm_netlink.c, because commit a88c9e496937 ("mptcp: do not block subflows creation on errors") is not in this version and changed the code around: check_work_pending() is now called directly, followed by a return instead of a goto. ] Signed-off-by: Matthieu Baerts (NGI0) matttbe@kernel.org --- net/mptcp/pm_netlink.c | 6 ++++++ 1 file changed, 6 insertions(+)
diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c index df46ca14ce23..e94b78a8b0ef 100644 --- a/net/mptcp/pm_netlink.c +++ b/net/mptcp/pm_netlink.c @@ -532,6 +532,12 @@ static void mptcp_pm_create_subflow_or_signal_addr(struct mptcp_sock *msk) check_work_pending(msk); }
+ /* No need to try establishing subflows to remote id0 if not allowed */ + if (mptcp_pm_add_addr_c_flag_case(msk)) { + check_work_pending(msk); + return; + } + /* check if should create a new subflow */ if (msk->pm.local_addr_used < local_addr_max && msk->pm.subflows < subflows_max &&