Ksawlii/kernel_samsung_a53x
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
kernel_samsung_a53x/net
History
Eric Dumazet 7c13002e9b xfrm: interface: use DEV_STATS_INC() 
commit f7c4e3e5d4f6609b4725a97451948ca2e425379a upstream.

syzbot/KCSAN reported data-races in xfrm whenever dev->stats fields
are updated.

It appears all of these updates can happen from multiple cpus.

Adopt SMP safe DEV_STATS_INC() to update dev->stats fields.

BUG: KCSAN: data-race in xfrmi_xmit / xfrmi_xmit

read-write to 0xffff88813726b160 of 8 bytes by task 23986 on cpu 1:
xfrmi_xmit+0x74e/0xb20 net/xfrm/xfrm_interface_core.c:583
__netdev_start_xmit include/linux/netdevice.h:4889 [inline]
netdev_start_xmit include/linux/netdevice.h:4903 [inline]
xmit_one net/core/dev.c:3544 [inline]
dev_hard_start_xmit+0x11b/0x3f0 net/core/dev.c:3560
__dev_queue_xmit+0xeee/0x1de0 net/core/dev.c:4340
dev_queue_xmit include/linux/netdevice.h:3082 [inline]
neigh_connected_output+0x231/0x2a0 net/core/neighbour.c:1581
neigh_output include/net/neighbour.h:542 [inline]
ip_finish_output2+0x74a/0x850 net/ipv4/ip_output.c:230
ip_finish_output+0xf4/0x240 net/ipv4/ip_output.c:318
NF_HOOK_COND include/linux/netfilter.h:293 [inline]
ip_output+0xe5/0x1b0 net/ipv4/ip_output.c:432
dst_output include/net/dst.h:458 [inline]
ip_local_out net/ipv4/ip_output.c:127 [inline]
ip_send_skb+0x72/0xe0 net/ipv4/ip_output.c:1487
udp_send_skb+0x6a4/0x990 net/ipv4/udp.c:963
udp_sendmsg+0x1249/0x12d0 net/ipv4/udp.c:1246
inet_sendmsg+0x63/0x80 net/ipv4/af_inet.c:840
sock_sendmsg_nosec net/socket.c:730 [inline]
sock_sendmsg net/socket.c:753 [inline]
____sys_sendmsg+0x37c/0x4d0 net/socket.c:2540
___sys_sendmsg net/socket.c:2594 [inline]
__sys_sendmmsg+0x269/0x500 net/socket.c:2680
__do_sys_sendmmsg net/socket.c:2709 [inline]
__se_sys_sendmmsg net/socket.c:2706 [inline]
__x64_sys_sendmmsg+0x57/0x60 net/socket.c:2706
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd

read-write to 0xffff88813726b160 of 8 bytes by task 23987 on cpu 0:
xfrmi_xmit+0x74e/0xb20 net/xfrm/xfrm_interface_core.c:583
__netdev_start_xmit include/linux/netdevice.h:4889 [inline]
netdev_start_xmit include/linux/netdevice.h:4903 [inline]
xmit_one net/core/dev.c:3544 [inline]
dev_hard_start_xmit+0x11b/0x3f0 net/core/dev.c:3560
__dev_queue_xmit+0xeee/0x1de0 net/core/dev.c:4340
dev_queue_xmit include/linux/netdevice.h:3082 [inline]
neigh_connected_output+0x231/0x2a0 net/core/neighbour.c:1581
neigh_output include/net/neighbour.h:542 [inline]
ip_finish_output2+0x74a/0x850 net/ipv4/ip_output.c:230
ip_finish_output+0xf4/0x240 net/ipv4/ip_output.c:318
NF_HOOK_COND include/linux/netfilter.h:293 [inline]
ip_output+0xe5/0x1b0 net/ipv4/ip_output.c:432
dst_output include/net/dst.h:458 [inline]
ip_local_out net/ipv4/ip_output.c:127 [inline]
ip_send_skb+0x72/0xe0 net/ipv4/ip_output.c:1487
udp_send_skb+0x6a4/0x990 net/ipv4/udp.c:963
udp_sendmsg+0x1249/0x12d0 net/ipv4/udp.c:1246
inet_sendmsg+0x63/0x80 net/ipv4/af_inet.c:840
sock_sendmsg_nosec net/socket.c:730 [inline]
sock_sendmsg net/socket.c:753 [inline]
____sys_sendmsg+0x37c/0x4d0 net/socket.c:2540
___sys_sendmsg net/socket.c:2594 [inline]
__sys_sendmmsg+0x269/0x500 net/socket.c:2680
__do_sys_sendmmsg net/socket.c:2709 [inline]
__se_sys_sendmmsg net/socket.c:2706 [inline]
__x64_sys_sendmmsg+0x57/0x60 net/socket.c:2706
do_syscall_x64 arch/x86/entry/common.c:50 [inline]
do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
entry_SYSCALL_64_after_hwframe+0x63/0xcd

value changed: 0x00000000000010d7 -> 0x00000000000010d8

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 23987 Comm: syz-executor.5 Not tainted 6.5.0-syzkaller-10885-g0468be89b3fa 
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023

Fixes: f203b76d7809 ("xfrm: Add virtual xfrm interfaces")
Reported-by: syzbot <syzkaller@googlegroups.com>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Cc: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2024-11-08 11:26:10 +01:00
..
6lowpan Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
9p Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
802 Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
8021q Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
appletalk Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
atm Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
ax25 Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
batman-adv Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
bluetooth Bluetooth: avoid memcmp() out of bounds warning 2024-11-08 11:26:08 +01:00
bpf Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
bpfilter Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
bridge Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
caif Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
can Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
ceph libceph: use kernel_connect() 2024-11-08 11:25:50 +01:00
core Backport mac80211 patches from linux-6.1.y 2024-06-15 16:29:20 -03:00
dcb Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dccp Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
decnet Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dns_resolver Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
dsa Backport mac80211 patches from linux-6.1.y 2024-06-15 16:29:20 -03:00
ethernet Backport mac80211 patches from linux-6.1.y 2024-06-15 16:29:20 -03:00
ethtool Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
hsr Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
ieee802154 Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
ife Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
ipv4 tcp: check mptcp-level constraints for backlog coalescing 2024-11-08 11:26:09 +01:00
ipv6 net: release reference to inet6_dev pointer 2024-11-08 11:25:47 +01:00
iucv Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
kcm Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
key Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
l2tp Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
l3mdev Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
lapb Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
llc Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
mac80211 Backport mac80211 patches from linux-6.1.y 2024-06-15 16:29:20 -03:00
mac802154 Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
mpls Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
mptcp Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
ncm Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
ncsi Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
netfilter netfilter: nft_payload: fix wrong mac header matching 2024-11-08 11:26:09 +01:00
netlabel Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
netlink Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
netrom Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
nfc nfc: nci: fix possible NULL pointer dereference in send_acknowledge() 2024-11-08 11:26:08 +01:00
nsh Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
openvswitch Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
packet Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
phonet Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
psample Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
qrtr Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
rds net: prevent address rewrite in kernel_bind() 2024-11-08 11:25:44 +01:00
rfkill Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
rose Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
rxrpc Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
sched Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
sctp Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
skb_tracer Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
smc Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
strparser Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
sunrpc Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
switchdev Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
tipc Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
tls Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
unix Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
vmw_vsock Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
wimax Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
wireless net: reg: Unlock all channels 2024-06-15 16:29:21 -03:00
x25 Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
xdp Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
xfrm xfrm: interface: use DEV_STATS_INC() 2024-11-08 11:26:10 +01:00
compat.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
devres.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
Kconfig Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
Makefile Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
socket.c net: prevent address rewrite in kernel_bind() 2024-11-08 11:25:44 +01:00
sysctl_net.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
TEST_MAPPING Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00