linux/net/sched
Eric Dumazet 90b2be27bb net/sched: annotate lockless accesses to qdisc->empty
KCSAN reported the following race [1]

BUG: KCSAN: data-race in __dev_queue_xmit / net_tx_action

read to 0xffff8880ba403508 of 1 bytes by task 21814 on cpu 1:
 __dev_xmit_skb net/core/dev.c:3389 [inline]
 __dev_queue_xmit+0x9db/0x1b40 net/core/dev.c:3761
 dev_queue_xmit+0x21/0x30 net/core/dev.c:3825
 neigh_hh_output include/net/neighbour.h:500 [inline]
 neigh_output include/net/neighbour.h:509 [inline]
 ip6_finish_output2+0x873/0xec0 net/ipv6/ip6_output.c:116
 __ip6_finish_output net/ipv6/ip6_output.c:142 [inline]
 __ip6_finish_output+0x2d7/0x330 net/ipv6/ip6_output.c:127
 ip6_finish_output+0x41/0x160 net/ipv6/ip6_output.c:152
 NF_HOOK_COND include/linux/netfilter.h:294 [inline]
 ip6_output+0xf2/0x280 net/ipv6/ip6_output.c:175
 dst_output include/net/dst.h:436 [inline]
 ip6_local_out+0x74/0x90 net/ipv6/output_core.c:179
 ip6_send_skb+0x53/0x110 net/ipv6/ip6_output.c:1795
 udp_v6_send_skb.isra.0+0x3ec/0xa70 net/ipv6/udp.c:1173
 udpv6_sendmsg+0x1906/0x1c20 net/ipv6/udp.c:1471
 inet6_sendmsg+0x6d/0x90 net/ipv6/af_inet6.c:576
 sock_sendmsg_nosec net/socket.c:637 [inline]
 sock_sendmsg+0x9f/0xc0 net/socket.c:657
 ___sys_sendmsg+0x2b7/0x5d0 net/socket.c:2311
 __sys_sendmmsg+0x123/0x350 net/socket.c:2413
 __do_sys_sendmmsg net/socket.c:2442 [inline]
 __se_sys_sendmmsg net/socket.c:2439 [inline]
 __x64_sys_sendmmsg+0x64/0x80 net/socket.c:2439
 do_syscall_64+0xcc/0x370 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

write to 0xffff8880ba403508 of 1 bytes by interrupt on cpu 0:
 qdisc_run_begin include/net/sch_generic.h:160 [inline]
 qdisc_run include/net/pkt_sched.h:120 [inline]
 net_tx_action+0x2b1/0x6c0 net/core/dev.c:4551
 __do_softirq+0x115/0x33f kernel/softirq.c:292
 do_softirq_own_stack+0x2a/0x40 arch/x86/entry/entry_64.S:1082
 do_softirq.part.0+0x6b/0x80 kernel/softirq.c:337
 do_softirq kernel/softirq.c:329 [inline]
 __local_bh_enable_ip+0x76/0x80 kernel/softirq.c:189
 local_bh_enable include/linux/bottom_half.h:32 [inline]
 rcu_read_unlock_bh include/linux/rcupdate.h:688 [inline]
 ip6_finish_output2+0x7bb/0xec0 net/ipv6/ip6_output.c:117
 __ip6_finish_output net/ipv6/ip6_output.c:142 [inline]
 __ip6_finish_output+0x2d7/0x330 net/ipv6/ip6_output.c:127
 ip6_finish_output+0x41/0x160 net/ipv6/ip6_output.c:152
 NF_HOOK_COND include/linux/netfilter.h:294 [inline]
 ip6_output+0xf2/0x280 net/ipv6/ip6_output.c:175
 dst_output include/net/dst.h:436 [inline]
 ip6_local_out+0x74/0x90 net/ipv6/output_core.c:179
 ip6_send_skb+0x53/0x110 net/ipv6/ip6_output.c:1795
 udp_v6_send_skb.isra.0+0x3ec/0xa70 net/ipv6/udp.c:1173
 udpv6_sendmsg+0x1906/0x1c20 net/ipv6/udp.c:1471
 inet6_sendmsg+0x6d/0x90 net/ipv6/af_inet6.c:576
 sock_sendmsg_nosec net/socket.c:637 [inline]
 sock_sendmsg+0x9f/0xc0 net/socket.c:657
 ___sys_sendmsg+0x2b7/0x5d0 net/socket.c:2311
 __sys_sendmmsg+0x123/0x350 net/socket.c:2413
 __do_sys_sendmmsg net/socket.c:2442 [inline]
 __se_sys_sendmmsg net/socket.c:2439 [inline]
 __x64_sys_sendmmsg+0x64/0x80 net/socket.c:2439
 do_syscall_64+0xcc/0x370 arch/x86/entry/common.c:290
 entry_SYSCALL_64_after_hwframe+0x44/0xa9

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 21817 Comm: syz-executor.2 Not tainted 5.4.0-rc6+ #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011

Fixes: d518d2ed86 ("net/sched: fix race between deactivation and dequeue for NOLOCK qdisc")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: syzbot <syzkaller@googlegroups.com>
Cc: Paolo Abeni <pabeni@redhat.com>
Cc: Davide Caratti <dcaratti@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-11-08 12:21:55 -08:00
Kconfig net/sched: Set default of CONFIG_NET_TC_SKB_EXT to N 2019-09-27 20:08:28 +02:00
Makefile net/sched: Introduce action ct 2019-07-09 12:11:59 -07:00
act_api.c net_sched: add TCA_STATS_PKT64 attribute 2019-11-05 18:20:55 -08:00
act_bpf.c net: sched: update action implementations to support flags 2019-10-30 18:07:51 -07:00
act_connmark.c net: sched: update action implementations to support flags 2019-10-30 18:07:51 -07:00
act_csum.c net: sched: update action implementations to support flags 2019-10-30 18:07:51 -07:00
act_ct.c net: sched: update action implementations to support flags 2019-10-30 18:07:51 -07:00
act_ctinfo.c net: sched: update action implementations to support flags 2019-10-30 18:07:51 -07:00
act_gact.c net: sched: update action implementations to support flags 2019-10-30 18:07:51 -07:00
act_ife.c net: sched: update action implementations to support flags 2019-10-30 18:07:51 -07:00
act_ipt.c net: sched: update action implementations to support flags 2019-10-30 18:07:51 -07:00
act_meta_mark.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
act_meta_skbprio.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
act_meta_skbtcindex.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
act_mirred.c net: sched: update action implementations to support flags 2019-10-30 18:07:51 -07:00
act_mpls.c net: sched: update action implementations to support flags 2019-10-30 18:07:51 -07:00
act_nat.c icmp: remove duplicate code 2019-11-05 14:03:11 -08:00
act_pedit.c net: sched: update action implementations to support flags 2019-10-30 18:07:51 -07:00
act_police.c net: sched: update action implementations to support flags 2019-10-30 18:07:51 -07:00
act_sample.c net: sched: update action implementations to support flags 2019-10-30 18:07:51 -07:00
act_simple.c net_sched: extend packet counter to 64bit 2019-11-05 18:20:55 -08:00
act_skbedit.c net: sched: update action implementations to support flags 2019-10-30 18:07:51 -07:00
act_skbmod.c net: sched: update action implementations to support flags 2019-10-30 18:07:51 -07:00
act_tunnel_key.c net: sched: update action implementations to support flags 2019-10-30 18:07:51 -07:00
act_vlan.c net: sched: update action implementations to support flags 2019-10-30 18:07:51 -07:00
cls_api.c net_sched: fix backward compatibility for TCA_KIND 2019-10-08 16:21:58 -07:00
cls_basic.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
cls_bpf.c net: cls_bpf: fix NULL deref on offload filter removal 2019-11-01 15:16:01 -07:00
cls_cgroup.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
cls_flow.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
cls_flower.c net: sched: flower: don't take rtnl lock for cls hw offloads API 2019-08-26 14:17:43 -07:00
cls_fw.c net: sched: remove NET_CLS_IND config option 2019-06-15 14:06:13 -07:00
cls_matchall.c net: sched: cls_matchall: cleanup flow_action before deallocating 2019-08-30 15:12:05 -07:00
cls_route.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
cls_rsvp.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
cls_rsvp.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
cls_rsvp6.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
cls_tcindex.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
cls_u32.c net: sched: refactor block offloads counter usage 2019-08-26 14:17:43 -07:00
em_canid.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 11 2019-05-21 11:28:45 +02:00
em_cmp.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
em_ipset.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
em_ipt.c net: sched: em_ipt: add support for addrtype matching 2019-06-29 11:15:12 -07:00
em_meta.c net: annotate lockless accesses to sk->sk_max_ack_backlog 2019-11-06 16:14:48 -08:00
em_nbyte.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
em_text.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
em_u32.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
ematch.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
sch_api.c net_sched: fix backward compatibility for TCA_KIND 2019-10-08 16:21:58 -07:00
sch_atm.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
sch_blackhole.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
sch_cake.c netlink: make validation more configurable for future strictness 2019-04-27 17:07:21 -04:00
sch_cbq.c sch_cbq: validate TCA_CBQ_WRROPT to avoid crash 2019-09-30 11:07:46 -07:00
sch_cbs.c net: sched: cbs: Avoid division by zero when calculating the port rate 2019-10-01 09:51:39 -07:00
sch_choke.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
sch_codel.c net: sched: Fix a possible null-pointer dereference in dequeue_func() 2019-07-29 09:46:58 -07:00
sch_drr.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
sch_dsmark.c sch_dsmark: fix potential NULL deref in dsmark_init() 2019-10-04 18:28:30 -07:00
sch_etf.c sched: etf: Fix ordering of packets with same txtime 2019-10-15 20:32:04 -07:00
sch_fifo.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
sch_fq.c net_sched: sch_fq: remove one obsolete check in fq_dequeue() 2019-10-15 20:19:20 -07:00
sch_fq_codel.c fq_codel: do not include <linux/jhash.h> 2019-10-22 15:31:42 -07:00
sch_generic.c net/sched: annotate lockless accesses to qdisc->empty 2019-11-08 12:21:55 -08:00
sch_gred.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
sch_hfsc.c netlink: make validation more configurable for future strictness 2019-04-27 17:07:21 -04:00
sch_hhf.c net/flow_dissector: switch to siphash 2019-10-23 20:13:22 -07:00
sch_htb.c net: sched: sch_htb: don't call qdisc_put() while holding tree lock 2019-09-27 12:13:55 +02:00
sch_ingress.c net: flow_offload: rename TCF_BLOCK_BINDER_TYPE_* to FLOW_BLOCK_BINDER_TYPE_* 2019-07-09 14:38:50 -07:00
sch_mq.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
sch_mqprio.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
sch_multiq.c net: sched: multiq: don't call qdisc_put() while holding tree lock 2019-09-27 12:13:55 +02:00
sch_netem.c net: netem: correct the parent's backlog when corrupted packet was dropped 2019-10-19 12:12:36 -07:00
sch_pie.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 235 2019-06-19 17:09:07 +02:00
sch_plug.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
sch_prio.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
sch_qfq.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
sch_red.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
sch_sfb.c net/flow_dissector: switch to siphash 2019-10-23 20:13:22 -07:00
sch_sfq.c net/flow_dissector: switch to siphash 2019-10-23 20:13:22 -07:00
sch_skbprio.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
sch_taprio.c net: sched: taprio: fix -Wmissing-prototypes warnings 2019-10-22 13:35:07 -07:00
sch_tbf.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
sch_teql.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00