openstlinux/linux-st
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a4e893e802e6a807df2e2f3f660f7399bc7e104e
linux-st/include/net
History
Eric Dumazet ee8d153d46 net: annotate lockless accesses to sk->sk_napi_id 
We already annotated most accesses to sk->sk_napi_id

We missed sk_mark_napi_id() and sk_mark_napi_id_once()
which might be called without socket lock held in UDP stack.

KCSAN reported :
BUG: KCSAN: data-race in udpv6_queue_rcv_one_skb / udpv6_queue_rcv_one_skb

write to 0xffff888121c6d108 of 4 bytes by interrupt on cpu 0:
 sk_mark_napi_id include/net/busy_poll.h:125 [inline]
 __udpv6_queue_rcv_skb net/ipv6/udp.c:571 [inline]
 udpv6_queue_rcv_one_skb+0x70c/0xb40 net/ipv6/udp.c:672
 udpv6_queue_rcv_skb+0xb5/0x400 net/ipv6/udp.c:689
 udp6_unicast_rcv_skb.isra.0+0xd7/0x180 net/ipv6/udp.c:832
 __udp6_lib_rcv+0x69c/0x1770 net/ipv6/udp.c:913
 udpv6_rcv+0x2b/0x40 net/ipv6/udp.c:1015
 ip6_protocol_deliver_rcu+0x22a/0xbe0 net/ipv6/ip6_input.c:409
 ip6_input_finish+0x30/0x50 net/ipv6/ip6_input.c:450
 NF_HOOK include/linux/netfilter.h:305 [inline]
 NF_HOOK include/linux/netfilter.h:299 [inline]
 ip6_input+0x177/0x190 net/ipv6/ip6_input.c:459
 dst_input include/net/dst.h:442 [inline]
 ip6_rcv_finish+0x110/0x140 net/ipv6/ip6_input.c:76
 NF_HOOK include/linux/netfilter.h:305 [inline]
 NF_HOOK include/linux/netfilter.h:299 [inline]
 ipv6_rcv+0x1a1/0x1b0 net/ipv6/ip6_input.c:284
 __netif_receive_skb_one_core+0xa7/0xe0 net/core/dev.c:5010
 __netif_receive_skb+0x37/0xf0 net/core/dev.c:5124
 process_backlog+0x1d3/0x420 net/core/dev.c:5955
 napi_poll net/core/dev.c:6392 [inline]
 net_rx_action+0x3ae/0xa90 net/core/dev.c:6460

write to 0xffff888121c6d108 of 4 bytes by interrupt on cpu 1:
 sk_mark_napi_id include/net/busy_poll.h:125 [inline]
 __udpv6_queue_rcv_skb net/ipv6/udp.c:571 [inline]
 udpv6_queue_rcv_one_skb+0x70c/0xb40 net/ipv6/udp.c:672
 udpv6_queue_rcv_skb+0xb5/0x400 net/ipv6/udp.c:689
 udp6_unicast_rcv_skb.isra.0+0xd7/0x180 net/ipv6/udp.c:832
 __udp6_lib_rcv+0x69c/0x1770 net/ipv6/udp.c:913
 udpv6_rcv+0x2b/0x40 net/ipv6/udp.c:1015
 ip6_protocol_deliver_rcu+0x22a/0xbe0 net/ipv6/ip6_input.c:409
 ip6_input_finish+0x30/0x50 net/ipv6/ip6_input.c:450
 NF_HOOK include/linux/netfilter.h:305 [inline]
 NF_HOOK include/linux/netfilter.h:299 [inline]
 ip6_input+0x177/0x190 net/ipv6/ip6_input.c:459
 dst_input include/net/dst.h:442 [inline]
 ip6_rcv_finish+0x110/0x140 net/ipv6/ip6_input.c:76
 NF_HOOK include/linux/netfilter.h:305 [inline]
 NF_HOOK include/linux/netfilter.h:299 [inline]
 ipv6_rcv+0x1a1/0x1b0 net/ipv6/ip6_input.c:284
 __netif_receive_skb_one_core+0xa7/0xe0 net/core/dev.c:5010
 __netif_receive_skb+0x37/0xf0 net/core/dev.c:5124
 process_backlog+0x1d3/0x420 net/core/dev.c:5955

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 10890 Comm: syz-executor.0 Not tainted 5.4.0-rc3+ #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011

Fixes: e68b6e50fa ("udp: enable busy polling for all sockets")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: syzbot <syzkaller@googlegroups.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-10-30 17:34:35 -07:00
..
9p
bluetooth
Bluetooth: Add support for utilizing Fast Advertising Interval
2019-09-05 17:27:21 +02:00
caif
iucv
netfilter
netfilter: nf_tables: bogus EBUSY when deleting flowtable after flush
2019-09-25 11:01:19 +02:00
netns
can: netns: remove "can_" prefix from members struct netns_can
2019-09-04 13:29:14 +02:00
nfc
phonet
sctp
sctp: add chunks to sk_backlog when the newsk sk_socket is not set
2019-10-09 16:27:04 -07:00
tc_act
net: sched: take reference to psample group in flow_action infra
2019-09-16 09:18:03 +02:00
6lowpan.h
act_api.h
net: sched: use get_dev() action API in flow_action infra
2019-09-16 09:18:03 +02:00
addrconf.h
ipv6: Fix return value of ipv6_mc_may_pull() for malformed packets
2019-08-19 17:19:46 -07:00
af_ieee802154.h
af_rxrpc.h
af_unix.h
af_vsock.h
ah.h
arp.h
atmclip.h
ax25.h
ax88796.h
bond_3ad.h
bond_alb.h
bond_options.h
bonding: add an option to specify a delay between peer notifications
2019-07-04 12:30:48 -07:00
bonding.h
net: remove unnecessary variables and callback
2019-10-24 14:53:49 -07:00
bpf_sk_storage.h
bpf: support cloning sk storage on accept()
2019-08-17 23:18:54 +02:00
busy_poll.h
net: annotate lockless accesses to sk->sk_napi_id
2019-10-30 17:34:35 -07:00
calipso.h
cfg80211-wext.h
cfg80211.h
mac80211: fix scan when operating on DFS channels in ETSI domains
2019-10-07 22:10:50 +02:00
cfg802154.h
checksum.h
cipso_ipv4.h
cls_cgroup.h
codel_impl.h
codel_qdisc.h
codel.h
compat.h
datalink.h
dcbevent.h
dcbnl.h
devlink.h
net: devlink: move reload fail indication to devlink core and expose to user
2019-09-13 22:11:14 +02:00
dn_dev.h
dn_fib.h
dn_neigh.h
dn_nsp.h
dn_route.h
dn.h
drop_monitor.h
drop_monitor: Add basic infrastructure for hardware drops
2019-08-17 12:40:08 -07:00
dsa.h
net: dsa: Pass ndo_setup_tc slave callback to drivers
2019-09-16 21:32:57 +02:00
dsfield.h
dst_cache.h
dst_metadata.h
dst_ops.h
dst.h
net: dst.h: Fix shifting signed 32-bit value by 31 bits problem
2019-07-01 10:48:34 -07:00
erspan.h
esp.h
ethoc.h
failover.h
fib_notifier.h
fib_rules.h
net: fib_rules: do not flow dissect local packets
2019-07-11 14:22:53 -07:00
firewire.h
flow_dissector.h
net/flow_dissector: switch to siphash
2019-10-23 20:13:22 -07:00
flow_offload.h
net: sched: extend flow_action_entry with destructor
2019-09-16 09:18:02 +02:00
flow.h
fou.h
fq_impl.h
net/flow_dissector: switch to siphash
2019-10-23 20:13:22 -07:00
fq.h
net/flow_dissector: switch to siphash
2019-10-23 20:13:22 -07:00
garp.h
gen_stats.h
genetlink.h
geneve.h
gre.h
gro_cells.h
gtp.h
gue.h
net:gue.h:Fix shifting signed 32-bit value by 31 bits problem
2019-07-01 10:58:23 -07:00
hwbm.h
net: hwbm: if CONFIG_NET_HWBM unset, make stub functions static
2019-10-25 16:24:32 -07:00
icmp.h
ieee80211_radiotap.h
ieee802154_netdev.h
if_inet6.h
ipv6: shrink struct ipv6_mc_socklist
2019-08-28 14:43:03 -07:00
ife.h
ila.h
inet6_connection_sock.h
inet6_hashtables.h
inet_common.h
inet: factor out inet_send_prepare()
2019-07-03 13:51:54 -07:00
inet_connection_sock.h
net/tls: use RCU protection on icsk->icsk_ulp_data
2019-08-31 23:44:28 -07:00
inet_ecn.h
inet_frag.h
inet: frags: re-introduce skb coalescing for local delivery
2019-08-08 15:55:10 -07:00
inet_hashtables.h
inet_sock.h
ip: support SO_MARK cmsg
2019-09-13 21:44:19 +02:00
inet_timewait_sock.h
tcp: honor SO_PRIORITY in TIME_WAIT state
2019-09-27 12:05:02 +02:00
inetpeer.h
ip6_checksum.h
ip6_fib.h
ipv6: Dump route exceptions if requested
2019-06-24 10:18:49 -07:00
ip6_route.h
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2019-06-27 21:06:39 -07:00
ip6_tunnel.h
ip_fib.h
net: Properly update v4 routes with v6 nexthop
2019-09-05 12:35:58 +02:00
ip_tunnels.h
ip_vs.h
ipvs: move old_secure_tcp into struct netns_ipvs
2019-10-24 11:56:02 +02:00
ip.h
ipv4: fix IPSKB_FRAG_PMTU handling with fragmentation
2019-10-21 10:46:42 -07:00
ipcomp.h
ipconfig.h
ipv6_frag.h
ipv6_stubs.h
ipv6.h
ipv6: add priority parameter to ip6_xmit()
2019-09-27 12:05:02 +02:00
ipx.h
iw_handler.h
kcm.h
l3mdev.h
lag.h
lapb.h
lib80211.h
llc_c_ac.h
llc_c_ev.h
llc_c_st.h
llc_conn.h
llc: fix sk_buff leak in llc_conn_service()
2019-10-08 13:23:05 -07:00
llc_if.h
llc_pdu.h
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h
llc.h
lwtunnel.h
mac80211.h
mac80211: allow drivers to set max MTU
2019-09-11 09:33:29 +02:00
mac802154.h
mip6.h
mld.h
mpls_iptunnel.h
mpls.h
mrp.h
ncsi.h
ndisc.h
net-ipv6-ndisc: add support for RFC7710 RA Captive Portal Identifier
2019-07-22 12:10:54 -07:00
neighbour.h
net_failover.h
net_namespace.h
netns: fix GFP flags in rtnl_net_notifyid()
2019-10-25 20:14:42 -07:00
net_ratelimit.h
netevent.h
netlabel.h
netlink.h
netlink: Fix nlmsg_parse as a wrapper for strict message parsing
2019-08-13 20:37:16 -07:00
netprio_cgroup.h
netrom.h
nexthop.h
net: Properly update v4 routes with v6 nexthop
2019-09-05 12:35:58 +02:00
nl802154.h
nsh.h
p8022.h
page_pool.h
net: core: page_pool: add user refcnt and reintroduce page_pool_destroy
2019-07-08 14:58:04 -07:00
ping.h
pkt_cls.h
net: sched: take reference to action dev before calling offloads
2019-08-26 14:17:43 -07:00
pkt_sched.h
Merge ra.kernel.org:/pub/scm/linux/kernel/git/netdev/net
2019-09-17 23:51:10 +02:00
pptp.h
protocol.h
psample.h
net: sched: take reference to psample group in flow_action infra
2019-09-16 09:18:03 +02:00
psnap.h
raw.h
rawv6.h
red.h
regulatory.h
request_sock.h
net: add {READ|WRITE}_ONCE() annotations on ->rskq_accept_head
2019-10-09 21:34:31 -07:00
rose.h
route.h
ipv4: Revert removal of rt_uses_gateway
2019-09-20 18:23:33 -07:00
rsi_91x.h
rtnetlink.h
rtnh.h
sch_generic.h
sch_netem: fix rcu splat in netem_enqueue()
2019-09-27 10:29:11 +02:00
scm.h
secure_seq.h
seg6_hmac.h
seg6_local.h
seg6.h
slhc_vj.h
smc.h
snmp.h
sock_reuseport.h
udp: correct reuseport selection with connected sockets
2019-09-16 09:02:18 +02:00
sock.h
net: annotate accesses to sk->sk_incoming_cpu
2019-10-30 13:24:25 -07:00
Space.h
stp.h
strparser.h
switchdev.h
tcp_states.h
tcp.h
tcp: annotate sk->sk_rcvbuf lockless reads
2019-10-13 10:13:08 -07:00
timewait_sock.h
tipc.h
tls.h
net/tls: clean up the number of #ifdefs for CONFIG_TLS_DEVICE
2019-09-05 09:49:49 +02:00
transp_v6.h
tso.h
tun_proto.h
udp_tunnel.h
udp.h
udp: Remove unlikely() from IS_ERR*() condition
2019-08-30 19:49:37 -07:00
udplite.h
vsock_addr.h
vxlan.h
vxlan: add adjacent link to limit depth level
2019-10-24 14:53:49 -07:00
wext.h
wimax.h
x25.h
x25device.h
xdp_priv.h
xdp_sock.h
xsk: add support to allow unaligned chunk placement
2019-08-31 01:08:26 +02:00
xdp.h
xfrm.h
xfrm interface: fix management of phydev
2019-07-17 10:03:54 +02:00