Kernel/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2025-01-04 04:06:26 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
ae53d09f11
linux-stable/net
History
Eric Dumazet ae53d09f11 genetlink: hold RCU in genlmsg_mcast() 
[ Upstream commit 56440d7ec2 ]

While running net selftests with CONFIG_PROVE_RCU_LIST=y I saw
one lockdep splat [1].

genlmsg_mcast() uses for_each_net_rcu(), and must therefore hold RCU.

Instead of letting all callers guard genlmsg_multicast_allns()
with a rcu_read_lock()/rcu_read_unlock() pair, do it in genlmsg_mcast().

This also means the @flags parameter is useless, we need to always use
GFP_ATOMIC.

[1]
[10882.424136] =============================
[10882.424166] WARNING: suspicious RCU usage
[10882.424309] 6.12.0-rc2-virtme #1156 Not tainted
[10882.424400] -----------------------------
[10882.424423] net/netlink/genetlink.c:1940 RCU-list traversed in non-reader section!!
[10882.424469]
other info that might help us debug this:

[10882.424500]
rcu_scheduler_active = 2, debug_locks = 1
[10882.424744] 2 locks held by ip/15677:
[10882.424791] #0: ffffffffb6b491b0 (cb_lock){++++}-{3:3}, at: genl_rcv (net/netlink/genetlink.c:1219)
[10882.426334] #1: ffffffffb6b49248 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg (net/netlink/genetlink.c:61 net/netlink/genetlink.c:57 net/netlink/genetlink.c:1209)
[10882.426465]
stack backtrace:
[10882.426805] CPU: 14 UID: 0 PID: 15677 Comm: ip Not tainted 6.12.0-rc2-virtme #1156
[10882.426919] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[10882.427046] Call Trace:
[10882.427131]  <TASK>
[10882.427244] dump_stack_lvl (lib/dump_stack.c:123)
[10882.427335] lockdep_rcu_suspicious (kernel/locking/lockdep.c:6822)
[10882.427387] genlmsg_multicast_allns (net/netlink/genetlink.c:1940 (discriminator 7) net/netlink/genetlink.c:1977 (discriminator 7))
[10882.427436] l2tp_tunnel_notify.constprop.0 (net/l2tp/l2tp_netlink.c:119) l2tp_netlink
[10882.427683] l2tp_nl_cmd_tunnel_create (net/l2tp/l2tp_netlink.c:253) l2tp_netlink
[10882.427748] genl_family_rcv_msg_doit (net/netlink/genetlink.c:1115)
[10882.427834] genl_rcv_msg (net/netlink/genetlink.c:1195 net/netlink/genetlink.c:1210)
[10882.427877] ? __pfx_l2tp_nl_cmd_tunnel_create (net/l2tp/l2tp_netlink.c:186) l2tp_netlink
[10882.427927] ? __pfx_genl_rcv_msg (net/netlink/genetlink.c:1201)
[10882.427959] netlink_rcv_skb (net/netlink/af_netlink.c:2551)
[10882.428069] genl_rcv (net/netlink/genetlink.c:1220)
[10882.428095] netlink_unicast (net/netlink/af_netlink.c:1332 net/netlink/af_netlink.c:1357)
[10882.428140] netlink_sendmsg (net/netlink/af_netlink.c:1901)
[10882.428210] ____sys_sendmsg (net/socket.c:729 (discriminator 1) net/socket.c:744 (discriminator 1) net/socket.c:2607 (discriminator 1))

Fixes: 33f72e6f0c ("l2tp : multicast notification to the registered listeners")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: James Chapman <jchapman@katalix.com>
Cc: Tom Parkin <tparkin@katalix.com>
Cc: Johannes Berg <johannes.berg@intel.com>
Link: https://patch.msgid.link/20241011171217.3166614-1-edumazet@google.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2024-11-01 01:56:00 +01:00
..
6lowpan net: 6lowpan: constify lowpan_nhc structures 2022-06-09 21:53:28 +02:00
9p net/9p: fix uninit-value in p9_client_rpc() 2024-06-16 13:41:38 +02:00
802 mrp: introduce active flags to prevent UAF when applicant uninit 2022-12-31 13:33:02 +01:00
8021q vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING 2024-01-31 16:17:04 -08:00
appletalk appletalk: Fix Use-After-Free in atalk_ioctl 2023-12-20 17:00:19 +01:00
atm atm: Fix Use-After-Free in do_vcc_ioctl 2023-12-20 17:00:17 +01:00
ax25 ax25: Replace kfree() in ax25_dev_free() with ax25_dev_put() 2024-06-21 14:35:32 +02:00
batman-adv batman-adv: Don't accept TT entries for out-of-spec VIDs 2024-07-05 09:31:58 +02:00
bluetooth Bluetooth: ISO: Fix multiple init when debugfs is disabled 2024-10-22 15:56:48 +02:00
bpf bpf: Set run context for rawtp test_run callback 2024-06-21 14:35:33 +02:00
bpfilter uaccess: remove CONFIG_SET_FS 2022-02-25 09:36:06 +01:00
bridge netfilter: br_netfilter: fix panic with metadata_dst skb 2024-10-17 15:22:19 +02:00
caif net: caif: Fix use-after-free in cfusbl_device_notify() 2023-03-17 08:50:24 +01:00
can can: bcm: Clear bo->bcm_proc_read after remove_proc_entry(). 2024-10-17 15:20:42 +02:00
ceph libceph: fix race between delayed_work() and ceph_monc_stop() 2024-07-18 13:18:41 +02:00
core bpf: Make sure internal and UAPI bpf_redirect flags don't overlap 2024-11-01 01:55:56 +01:00
dcb net: dcb: choose correct policy to parse DCB_ATTR_BCN 2023-08-11 12:08:17 +02:00
dccp tcp/dccp: do not care about families in inet_twsk_purge() 2024-08-29 17:30:44 +02:00
devlink devlink: bump the instance index directly when iterating 2024-10-22 15:56:43 +02:00
dns_resolver keys, dns: Fix size check of V1 server-list header 2024-01-25 15:27:38 -08:00
dsa net: mscc: ocelot: use ocelot_xmit_get_vlan_info() also for FDMA and register injection 2024-08-29 17:30:43 +02:00
ethernet ethernet: Add helper for assigning packet type when dest address does not match device address 2024-05-02 16:29:29 +02:00
ethtool ethtool: check device is present when getting link settings 2024-09-04 13:25:01 +02:00
hsr hsr: Simplify code for announcing HSR nodes timer setup 2024-05-17 11:56:13 +02:00
ieee802154 net: ieee802154: fix error return code in dgram_bind() 2022-10-07 09:29:17 +02:00
ife net: sched: ife: fix potential use-after-free 2024-01-01 12:38:56 +00:00
ipv4 tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). 2024-11-01 01:56:00 +01:00
ipv6 netfilter: fib: check correct rtable in vrf setups 2024-10-17 15:22:22 +02:00
iucv s390/iucv: fix receive buffer virtual vs physical address confusion 2024-08-29 17:30:39 +02:00
kcm kcm: Serialise kcm_sendmsg() for the same socket. 2024-08-29 17:30:44 +02:00
key net: af_key: fix sadb_x_filter validation 2023-08-23 17:52:32 +02:00
l2tp genetlink: hold RCU in genlmsg_mcast() 2024-11-01 01:56:00 +01:00
l3mdev l3mdev: l3mdev_master_upper_ifindex_by_index_rcu should be using netdev_master_upper_dev_get_rcu 2022-04-15 14:27:24 -07:00
lapb
llc llc: call sock_orphan() at release time 2024-02-05 20:13:01 +00:00
mac80211 wifi: mac80211: Avoid address calculations via out of bounds array indexing 2024-10-17 15:22:24 +02:00
mac802154 net: mac802154: Fix racy device stats updates by DEV_STATS_INC() and DEV_STATS_ADD() 2024-07-25 09:49:17 +02:00
mctp mctp: Handle error of rtnl_register_module(). 2024-10-17 15:22:23 +02:00
mpls net: mpls: error out if inner headers are not set 2024-04-13 13:05:27 +02:00
mptcp mptcp: prevent MPC handshake on port-based signal endpoints 2024-10-22 15:56:51 +02:00
ncsi net/ncsi: Fix the multi thread manner of NCSI driver 2024-06-21 14:35:33 +02:00
netfilter netfilter: xtables: avoid NFPROTO_UNSPEC where needed 2024-10-17 15:22:22 +02:00
netlabel calipso: fix memory leak in netlbl_calipso_add_pass() 2024-01-25 15:27:20 -08:00
netlink genetlink: hold RCU in genlmsg_mcast() 2024-11-01 01:56:00 +01:00
netrom netrom: Fix a memory leak in nr_heartbeat_expiry() 2024-06-27 13:46:18 +02:00
nfc nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() 2024-06-12 11:03:53 +02:00
nsh nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). 2024-05-17 11:55:59 +02:00
openvswitch openvswitch: Set the skbuff pkt_type for proper pmtud support. 2024-06-12 11:03:51 +02:00
packet af_packet: Handle outgoing VLAN packets without hardware offloading 2024-08-03 08:49:31 +02:00
phonet phonet: fix rtm_phonet_notify() skb allocation 2024-05-17 11:56:12 +02:00
psample psample: Require 'CAP_NET_ADMIN' when joining "packets" group 2023-12-13 18:39:11 +01:00
qrtr net: qrtr: Update packets cloning when broadcasting 2024-10-17 15:21:13 +02:00
rds net:rds: Fix possible deadlock in rds_message_put 2024-08-29 17:30:20 +02:00
rfkill net: rfkill: gpio: set GPIO direction 2024-01-01 12:39:04 +00:00
rose net/rose: fix races in rose_kill_by_device() 2024-01-01 12:38:57 +00:00
rxrpc rxrpc: Fix response to PING RESPONSE ACKs to a dead call 2024-02-16 19:06:27 +01:00
sched net/sched: accept TCA_STAB only for root qdisc 2024-10-17 15:22:22 +02:00
sctp sctp: ensure sk_state is set to CLOSED if hashing fails in sctp_listen_start 2024-10-17 15:22:22 +02:00
smc net/smc: Fix searching in list of known pnetids in smc_pnet_add_pnetid 2024-11-01 01:55:59 +01:00
strparser strparser: pad sk_skb_cb to avoid straddling cachelines 2022-07-08 18:38:44 -07:00
sunrpc sunrpc: use the struct net as the svc proc private 2024-08-19 06:00:05 +02:00
switchdev net: bridge: switchdev: Skip MDB replays of deferred events on offload 2024-03-01 13:26:35 +01:00
tipc tipc: guard against string buffer overrun 2024-10-17 15:21:38 +02:00
tls tls: fix missing memory barrier in tls_init 2024-06-12 11:03:53 +02:00
unix af_unix: Remove put_pid()/put_cred() in copy_peercred(). 2024-09-12 11:10:19 +02:00
vmw_vsock vsock/virtio: fix packet delivery to tap device 2024-04-10 16:28:25 +02:00
wireless genetlink: hold RCU in genlmsg_mcast() 2024-11-01 01:56:00 +01:00
x25 net/x25: fix incorrect parameter validation in the x25_getsockopt() function 2024-03-26 18:20:42 -04:00
xdp xsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING 2024-04-17 11:18:23 +02:00
xfrm net: fix __dst_negative_advice() race 2024-06-16 13:41:40 +02:00
compat.c use less confusing names for iov_iter direction initializers 2023-02-09 11:28:04 +01:00
devres.c
Kconfig Remove DECnet support from kernel 2022-08-22 14:26:30 +01:00
Kconfig.debug net: make NET_(DEV|NS)_REFCNT_TRACKER depend on NET 2022-09-20 14:23:56 -07:00
Makefile devlink: move code to a dedicated directory 2023-08-30 16:11:00 +02:00
socket.c net: explicitly clear the sk pointer, when pf->create fails 2024-10-17 15:22:27 +02:00
sysctl_net.c sysctl: treewide: drop unused argument ctl_table_root::set_ownership(table) 2024-08-11 12:35:51 +02:00