diff options
author | Xin Long <lucien.xin@gmail.com> | 2017-02-17 16:35:24 +0800 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2017-02-19 18:19:37 -0500 |
commit | cd2b708750582e327789d8fb07c6eb5f79f7759f (patch) | |
tree | d30cc71ebfccb529e703cf42605c9217adb47117 /net/sctp | |
parent | 7e1392fb94a7f35421eca52bedead284429f4fed (diff) | |
download | linux-cd2b708750582e327789d8fb07c6eb5f79f7759f.tar.bz2 |
sctp: check duplicate node before inserting a new transport
sctp has changed to use rhlist for transport rhashtable since commit
7fda702f9315 ("sctp: use new rhlist interface on sctp transport
rhashtable").
But rhltable_insert_key doesn't check the duplicate node when inserting
a node, unlike rhashtable_lookup_insert_key. It may cause duplicate
assoc/transport in rhashtable. like:
client (addr A, B) server (addr X, Y)
connect to X INIT (1)
------------>
connect to Y INIT (2)
------------>
INIT_ACK (1)
<------------
INIT_ACK (2)
<------------
After sending INIT (2), one transport will be created and hashed into
rhashtable. But when receiving INIT_ACK (1) and processing the address
params, another transport will be created and hashed into rhashtable
with the same addr Y and EP as the last transport. This will confuse
the assoc/transport's lookup.
This patch is to fix it by returning err if any duplicate node exists
before inserting it.
Fixes: 7fda702f9315 ("sctp: use new rhlist interface on sctp transport rhashtable")
Reported-by: Fabio M. Di Nitto <fdinitto@redhat.com>
Signed-off-by: Xin Long <lucien.xin@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/sctp')
-rw-r--r-- | net/sctp/input.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/net/sctp/input.c b/net/sctp/input.c index 704ad19c1565..fc458968fe4b 100644 --- a/net/sctp/input.c +++ b/net/sctp/input.c @@ -872,6 +872,8 @@ void sctp_transport_hashtable_destroy(void) int sctp_hash_transport(struct sctp_transport *t) { + struct sctp_transport *transport; + struct rhlist_head *tmp, *list; struct sctp_hash_cmp_arg arg; int err; @@ -882,8 +884,19 @@ int sctp_hash_transport(struct sctp_transport *t) arg.paddr = &t->ipaddr; arg.lport = htons(t->asoc->base.bind_addr.port); + list = rhltable_lookup(&sctp_transport_hashtable, &arg, + sctp_hash_params); + + rhl_for_each_entry_rcu(transport, tmp, list, node) + if (transport->asoc->ep == t->asoc->ep) { + err = -EEXIST; + goto out; + } + err = rhltable_insert_key(&sctp_transport_hashtable, &arg, &t->node, sctp_hash_params); + +out: if (err) pr_err_once("insert transport fail, errno %d\n", err); |