From d954f945b3e4022197e875319d4daa00e8551a51 Mon Sep 17 00:00:00 2001
From: Paolo Abeni <pabeni@redhat.com>
Date: Sun, 30 Jul 2023 09:34:12 +0200
Subject: [PATCH] DO-NOT-MERGE: mptcp: improve code coverage for CI

mptcp: use kmalloc on kasan build

  Helps detection UaF, which apparently kasan misses with kmem_cache
  allocator.

  We also need to always set the SOCK_RCU_FREE flag, to preserved the
  current code leveraging SLAB_TYPESAFE_BY_RCU. This latter change will
  make unreachable some existing errors path, but I don't see other
  options.

tcp: warn if tcp_done() is called on a closed socket

  This is an extra check mainly for the CIs: to make sure we don't call
  tcp_done() on an already closed socket as it happened in the past. If
  we do such call, better to catch the error earlier.

Co-developed-by: Matthieu Baerts <matthieu.baerts@tessares.net>
Signed-off-by: Matthieu Baerts <matthieu.baerts@tessares.net>
Signed-off-by: Paolo Abeni <pabeni@redhat.com>
---
 net/ipv4/tcp.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
index aca5620cf3ba20..e0632445b00fec 100644
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -4536,6 +4536,8 @@ void tcp_done(struct sock *sk)
 	 */
 	req = rcu_dereference_protected(tcp_sk(sk)->fastopen_rsk, 1);
 
+	WARN_ON_ONCE(sk->sk_state == TCP_CLOSE);
+
 	if (sk->sk_state == TCP_SYN_SENT || sk->sk_state == TCP_SYN_RECV)
 		TCP_INC_STATS(sock_net(sk), TCP_MIB_ATTEMPTFAILS);