kernel_samsung_a53x/net/ipv4
Stanislav Fomichev 868e067240 net: set SOCK_RCU_FREE before inserting socket into hashtable
commit 871019b22d1bcc9fab2d1feba1b9a564acbb6e99 upstream.

We've started to see the following kernel traces:

 WARNING: CPU: 83 PID: 0 at net/core/filter.c:6641 sk_lookup+0x1bd/0x1d0

 Call Trace:
  <IRQ>
  __bpf_skc_lookup+0x10d/0x120
  bpf_sk_lookup+0x48/0xd0
  bpf_sk_lookup_tcp+0x19/0x20
  bpf_prog_<redacted>+0x37c/0x16a3
  cls_bpf_classify+0x205/0x2e0
  tcf_classify+0x92/0x160
  __netif_receive_skb_core+0xe52/0xf10
  __netif_receive_skb_list_core+0x96/0x2b0
  napi_complete_done+0x7b5/0xb70
  <redacted>_poll+0x94/0xb0
  net_rx_action+0x163/0x1d70
  __do_softirq+0xdc/0x32e
  asm_call_irq_on_stack+0x12/0x20
  </IRQ>
  do_softirq_own_stack+0x36/0x50
  do_softirq+0x44/0x70

__inet_hash can race with lockless (rcu) readers on the other cpus:

  __inet_hash
    __sk_nulls_add_node_rcu
    <- (bpf triggers here)
    sock_set_flag(SOCK_RCU_FREE)

Let's move the SOCK_RCU_FREE part up a bit, before we are inserting
the socket into hashtables. Note that the race is really harmless;
the bpf callers are handling this situation (where listener socket
doesn't have SOCK_RCU_FREE set) correctly, so the only
annoyance is a WARN_ONCE.

More details from Eric regarding SOCK_RCU_FREE timeline:

Commit 3b24d854cb35 ("tcp/dccp: do not touch listener sk_refcnt under
synflood") added SOCK_RCU_FREE. At that time, the precise location of
sock_set_flag(sk, SOCK_RCU_FREE) did not matter, because the thread calling
__inet_hash() owns a reference on sk. SOCK_RCU_FREE was only tested
at dismantle time.

Commit 6acc9b432e67 ("bpf: Add helper to retrieve socket in BPF")
started checking SOCK_RCU_FREE _after_ the lookup to infer whether
the refcount has been taken care of.

Fixes: 6acc9b432e67 ("bpf: Add helper to retrieve socket in BPF")
Reviewed-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Stanislav Fomichev <sdf@google.com>
Reviewed-by: Kuniyuki Iwashima <kuniyu@amazon.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
[Resolved conflict for 5.10 and below.]
Signed-off-by: Siddh Raman Pant <siddh.raman.pant@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2025-01-19 14:52:20 +01:00
bpfilter Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
netfilter Revert "netfilter: nf_tables: prevent nf_skb_duplicated corruption" 2024-11-24 00:23:12 +01:00
af_inet.c gro: remove rcu_read_lock/rcu_read_unlock from gro_receive handlers 2025-01-19 00:10:01 +01:00
ah4.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
arp.c arp: Prevent overflow in arp_req_get(). 2024-11-18 22:25:42 +01:00
bpf_tcp_ca.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
cipso_ipv4.c cipso: fix total option length computation 2024-11-19 14:19:08 +01:00
datagram.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
devinet.c Revert "ipv4: Check !in_dev earlier for ioctl(SIOCSIFADDR)." 2024-11-24 00:23:08 +01:00
esp4.c Revert "net: esp: cleanup esp_output_tail_tcp() in case of unsupported ESPINTCP" 2024-11-24 00:23:57 +01:00
esp4_offload.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
fib_frontend.c Revert "ipv4: Mask upper DSCP bits and ECN bits in NETLINK_FIB_LOOKUP family" 2024-11-24 00:23:08 +01:00
fib_lookup.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
fib_notifier.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
fib_rules.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
fib_semantics.c net: Add l3mdev index to flow struct and avoid oif reset for port devices 2024-11-23 23:21:52 +01:00
fib_trie.c net: Add l3mdev index to flow struct and avoid oif reset for port devices 2024-11-23 23:21:52 +01:00
fou.c fou: remove sparse errors 2025-01-19 00:10:01 +01:00
gre_demux.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
gre_offload.c gro: remove rcu_read_lock/rcu_read_unlock from gro_receive handlers 2025-01-19 00:10:01 +01:00
icmp.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
igmp.c bpf: net: Change do_ip_getsockopt() to take the sockptr_t argument 2024-11-19 08:44:49 +01:00
inet_connection_sock.c tcp: properly terminate timers for kernel sockets 2024-11-19 09:22:44 +01:00
inet_diag.c inet_diag: Initialize pad field in struct inet_diag_req_v2 2024-11-19 14:19:41 +01:00
inet_fragment.c Revert "inet: inet_defrag: prevent sk release while still in use" 2024-11-24 00:23:32 +01:00
inet_hashtables.c net: set SOCK_RCU_FREE before inserting socket into hashtable 2025-01-19 14:52:20 +01:00
inet_timewait_sock.c tcp: Fix NEW_SYN_RECV handling in inet_twsk_purge() 2024-11-19 11:32:40 +01:00
inetpeer.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
ip_forward.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
ip_fragment.c Revert "inet: inet_defrag: prevent sk release while still in use" 2024-11-24 00:23:32 +01:00
ip_gre.c Revert "ipv4: ip_gre: Fix drops of small packets in ipgre_xmit" 2024-11-24 00:23:12 +01:00
ip_input.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
ip_options.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
ip_output.c net: ipv4: fix a memleak in ip_setup_cork 2024-11-18 12:13:22 +01:00
ip_sockglue.c bpf: net: Change do_ip_getsockopt() to take the sockptr_t argument 2024-11-19 08:44:49 +01:00
ip_tunnel.c net: Handle l3mdev in ip_tunnel_init_flow 2024-11-23 23:21:53 +01:00
ip_tunnel_core.c tunnels: fix out of bounds access when building IPv6 PMTU error 2024-11-18 12:13:24 +01:00
ip_vti.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
ipcomp.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
ipconfig.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
ipip.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
ipmr.c ipmr: fix tables suspicious RCU usage 2024-12-17 13:24:16 +01:00
ipmr_base.c ipmr: Fix access to mfc_cache_list without lock held 2024-12-17 13:23:58 +01:00
Kconfig Revert "net: tcp: bbrplus for 5.10" 2025-01-17 22:17:46 +01:00
Makefile Revert "net: tcp: bbrplus for 5.10" 2025-01-17 22:17:46 +01:00
metrics.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
netfilter.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
netlink.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
nexthop.c Revert "net: nexthop: Initialize all fields in dumped nexthops" 2024-11-24 00:23:55 +01:00
ping.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
proc.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
protocol.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
raw.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
raw_diag.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
route.c Revert "ipv4: Fix incorrect source address in Record Route option" 2024-11-24 00:23:56 +01:00
syncookies.c tcp: fix cookie_init_timestamp() overflows 2024-11-18 11:42:50 +01:00
sysctl_net_ipv4.c tcp: add sysctls for TCP PLB parameters 2024-12-18 15:08:12 +01:00
tcp.c Revert "tcp: add rcv_wnd and plb_rehash to TCP_INFO" 2024-12-18 15:32:40 +01:00
tcp_bbr.c Revert "tcp: add accessors to read/set tp->snd_cwnd" 2024-12-18 15:30:18 +01:00
tcp_bic.c Revert "tcp: add accessors to read/set tp->snd_cwnd" 2024-12-18 15:30:18 +01:00
tcp_bpf.c tcp_bpf: fix return value of tcp_bpf_sendmsg() 2025-01-19 00:10:01 +01:00
tcp_cdg.c Revert "tcp: add accessors to read/set tp->snd_cwnd" 2024-12-18 15:30:18 +01:00
tcp_cong.c Revert "net-tcp: add fast_ack_mode=1: skip rwin check in tcp_fast_ack_mode__tcp_ack_snd_check()" 2024-12-18 15:32:27 +01:00
tcp_cubic.c Revert "tcp: add accessors to read/set tp->snd_cwnd" 2024-12-18 15:30:18 +01:00
tcp_dctcp.c Revert "tcp: add accessors to read/set tp->snd_cwnd" 2024-12-18 15:30:18 +01:00
tcp_dctcp.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
tcp_diag.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
tcp_fastopen.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
tcp_highspeed.c Revert "tcp: add accessors to read/set tp->snd_cwnd" 2024-12-18 15:30:18 +01:00
tcp_htcp.c Revert "tcp: add accessors to read/set tp->snd_cwnd" 2024-12-18 15:30:18 +01:00
tcp_hybla.c Revert "tcp: add accessors to read/set tp->snd_cwnd" 2024-12-18 15:30:18 +01:00
tcp_illinois.c Revert "tcp: add accessors to read/set tp->snd_cwnd" 2024-12-18 15:30:18 +01:00
tcp_input.c Revert "tcp: tracking packets with CE marks in BW rate sample" 2024-12-18 15:36:41 +01:00
tcp_ipv4.c Revert "tcp: add accessors to read/set tp->snd_cwnd" 2024-12-18 15:30:18 +01:00
tcp_lp.c Revert "tcp: add accessors to read/set tp->snd_cwnd" 2024-12-18 15:30:18 +01:00
tcp_metrics.c Revert "tcp: add accessors to read/set tp->snd_cwnd" 2024-12-18 15:30:18 +01:00
tcp_minisocks.c Revert "tcp: introduce per-route feature RTAX_FEATURE_ECN_LOW" 2024-12-18 15:36:29 +01:00
tcp_nv.c Revert "tcp: add accessors to read/set tp->snd_cwnd" 2024-12-18 15:30:18 +01:00
tcp_offload.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
tcp_output.c Revert "net: tcp: bbrplus for 5.10" 2025-01-17 22:17:46 +01:00
tcp_rate.c Revert "tcp: tracking packets with CE marks in BW rate sample" 2024-12-18 15:36:41 +01:00
tcp_recovery.c tcp: fix excessive TLP and RACK timeouts from HZ rounding 2024-11-08 11:26:10 +01:00
tcp_scalable.c Revert "tcp: add accessors to read/set tp->snd_cwnd" 2024-12-18 15:30:18 +01:00
tcp_timer.c net-tcp_bbr: broaden app-limited rate sample detection 2024-12-18 15:07:30 +01:00
tcp_ulp.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
tcp_vegas.c Revert "tcp: add accessors to read/set tp->snd_cwnd" 2024-12-18 15:30:18 +01:00
tcp_vegas.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
tcp_veno.c Revert "tcp: add accessors to read/set tp->snd_cwnd" 2024-12-18 15:30:18 +01:00
tcp_westwood.c Revert "tcp: add accessors to read/set tp->snd_cwnd" 2024-12-18 15:30:18 +01:00
tcp_yeah.c Revert "tcp: add accessors to read/set tp->snd_cwnd" 2024-12-18 15:30:18 +01:00
tunnel4.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
udp.c udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port(). 2024-11-19 14:19:43 +01:00
udp_bpf.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
udp_diag.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
udp_impl.h Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
udp_offload.c fou: remove sparse errors 2025-01-19 00:10:01 +01:00
udp_tunnel_core.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
udp_tunnel_nic.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
udp_tunnel_stub.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
udplite.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
xfrm4_input.c xfrm: Preserve vlan tags for transport mode software GRO 2024-11-19 11:32:45 +01:00
xfrm4_output.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
xfrm4_policy.c xfrm: respect ip protocols rules criteria when performing dst lookups 2024-11-23 23:22:00 +01:00
xfrm4_protocol.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
xfrm4_state.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00
xfrm4_tunnel.c Import A536BXXU9EXDC 2024-06-15 16:02:09 -03:00