archives/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-03-13 22:36:17 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
linux/net/mptcp
History
Paolo Abeni ffb8c27b05 mptcp: avoid deadlock on fallback while reinjecting 
Jakub reported an MPTCP deadlock at fallback time:

 WARNING: possible recursive locking detected
 6.18.0-rc7-virtme #1 Not tainted
 --------------------------------------------
 mptcp_connect/20858 is trying to acquire lock:
 ff1100001da18b60 (&msk->fallback_lock){+.-.}-{3:3}, at: __mptcp_try_fallback+0xd8/0x280

 but task is already holding lock:
 ff1100001da18b60 (&msk->fallback_lock){+.-.}-{3:3}, at: __mptcp_retrans+0x352/0xaa0

 other info that might help us debug this:
  Possible unsafe locking scenario:

        CPU0
        ----
   lock(&msk->fallback_lock);
   lock(&msk->fallback_lock);

  *** DEADLOCK ***

  May be due to missing lock nesting notation

 3 locks held by mptcp_connect/20858:
  #0: ff1100001da18290 (sk_lock-AF_INET){+.+.}-{0:0}, at: mptcp_sendmsg+0x114/0x1bc0
  #1: ff1100001db40fd0 (k-sk_lock-AF_INET#2){+.+.}-{0:0}, at: __mptcp_retrans+0x2cb/0xaa0
  #2: ff1100001da18b60 (&msk->fallback_lock){+.-.}-{3:3}, at: __mptcp_retrans+0x352/0xaa0

 stack backtrace:
 CPU: 0 UID: 0 PID: 20858 Comm: mptcp_connect Not tainted 6.18.0-rc7-virtme #1 PREEMPT(full)
 Hardware name: Bochs, BIOS Bochs 01/01/2011
 Call Trace:
  <TASK>
  dump_stack_lvl+0x6f/0xa0
  print_deadlock_bug.cold+0xc0/0xcd
  validate_chain+0x2ff/0x5f0
  __lock_acquire+0x34c/0x740
  lock_acquire.part.0+0xbc/0x260
  _raw_spin_lock_bh+0x38/0x50
  __mptcp_try_fallback+0xd8/0x280
  mptcp_sendmsg_frag+0x16c2/0x3050
  __mptcp_retrans+0x421/0xaa0
  mptcp_release_cb+0x5aa/0xa70
  release_sock+0xab/0x1d0
  mptcp_sendmsg+0xd5b/0x1bc0
  sock_write_iter+0x281/0x4d0
  new_sync_write+0x3c5/0x6f0
  vfs_write+0x65e/0xbb0
  ksys_write+0x17e/0x200
  do_syscall_64+0xbb/0xfd0
  entry_SYSCALL_64_after_hwframe+0x4b/0x53
 RIP: 0033:0x7fa5627cbc5e
 Code: 4d 89 d8 e8 14 bd 00 00 4c 8b 5d f8 41 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 11 c9 c3 0f 1f 80 00 00 00 00 48 8b 45 10 0f 05 <c9> c3 83 e2 39 83 fa 08 75 e7 e8 13 ff ff ff 0f 1f 00 f3 0f 1e fa
 RSP: 002b:00007fff1fe14700 EFLAGS: 00000202 ORIG_RAX: 0000000000000001
 RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00007fa5627cbc5e
 RDX: 0000000000001f9c RSI: 00007fff1fe16984 RDI: 0000000000000005
 RBP: 00007fff1fe14710 R08: 0000000000000000 R09: 0000000000000000
 R10: 0000000000000000 R11: 0000000000000202 R12: 00007fff1fe16920
 R13: 0000000000002000 R14: 0000000000001f9c R15: 0000000000001f9c

The packet scheduler could attempt a reinjection after receiving an
MP_FAIL and before the infinite map has been transmitted, causing a
deadlock since MPTCP needs to do the reinjection atomically from WRT
fallback.

Address the issue explicitly avoiding the reinjection in the critical
scenario. Note that this is the only fallback critical section that
could potentially send packets and hit the double-lock.

Reported-by: Jakub Kicinski <kuba@kernel.org>
Closes: https://netdev-ctrl.bots.linux.dev/logs/vmksft/mptcp-dbg/results/412720/1-mptcp-join-sh/stderr
Fixes: f8a1d9b18c ("mptcp: make fallback action and fallback decision atomic")
Cc: stable@vger.kernel.org
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Reviewed-by: Matthieu Baerts (NGI0) <matttbe@kernel.org>
Signed-off-by: Matthieu Baerts (NGI0) <matttbe@kernel.org>
Link: https://patch.msgid.link/20251205-net-mptcp-misc-fixes-6-19-rc1-v1-4-9e4781a6c1b8@kernel.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2025-12-08 23:54:03 -08:00
..
bpf.c bpf: Add update_socket_protocol hook 2023-08-16 10:22:16 -07:00
crypto.c mptcp: use HMAC-SHA256 library instead of open-coded HMAC 2025-09-03 15:08:20 -07:00
crypto_test.c mptcp: fill in missing MODULE_DESCRIPTION() 2023-12-17 20:54:22 +00:00
ctrl.c mptcp: reset blackhole on success with non-loopback ifaces 2025-09-19 07:06:19 -07:00
diag.c tcp: ulp: diag: more info without CAP_NET_ADMIN 2025-03-07 19:39:53 -08:00
fastopen.c mptcp: borrow forward memory from subflow 2025-11-24 19:49:42 -08:00
Kconfig mptcp: select CRYPTO_LIB_UTILS instead of CRYPTO 2025-12-08 23:44:16 -08:00
Makefile mptcp: pm: split in-kernel PM specific code 2025-03-10 13:35:50 -07:00
mib.c mptcp: borrow forward memory from subflow 2025-11-24 19:49:42 -08:00
mib.h mptcp: borrow forward memory from subflow 2025-11-24 19:49:42 -08:00
mptcp_diag.c mptcp: introduce mptcp-level backlog 2025-11-24 19:49:43 -08:00
mptcp_pm_gen.c tools: ynl-gen: add regeneration comment 2025-11-25 19:20:42 -08:00
mptcp_pm_gen.h tools: ynl-gen: add regeneration comment 2025-11-25 19:20:42 -08:00
options.c mptcp: avoid unneeded subflow-level drops 2025-11-19 20:07:14 -08:00
pm.c mptcp: ensure the kernel PM does not take action too late 2025-11-24 19:49:42 -08:00
pm_kernel.c mptcp: ensure the kernel PM does not take action too late 2025-11-24 19:49:42 -08:00
pm_netlink.c mptcp: pm: ignore unknown endpoint flags 2025-12-08 23:54:02 -08:00
pm_userspace.c mptcp: pm: rename 'subflows' to 'extra_subflows' 2025-09-26 17:44:04 -07:00
protocol.c mptcp: avoid deadlock on fallback while reinjecting 2025-12-08 23:54:03 -08:00
protocol.h tcp: introduce icsk->icsk_keepalive_timer 2025-11-25 19:28:29 -08:00
sched.c mptcp: sched: split validation part 2025-04-15 08:21:46 -07:00
sockopt.c mptcp: pm: in-kernel: record fullmesh endp nb 2025-11-04 17:15:06 -08:00
subflow.c mptcp: cleanup fallback dummy mapping generation 2025-11-24 19:49:41 -08:00
syncookies.c mptcp: don't return sockets in foreign netns 2021-09-24 10:51:36 +01:00
token.c mptcp: add statistics for mptcp socket in use 2023-01-09 07:30:50 +00:00
token_test.c mptcp: token kunit: set protocol 2024-02-26 18:42:12 -08:00