system/linux
system/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux synced 2024-09-20 19:17:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
linux/net
History
Eric Dumazet 4c971d2f35 net: annotate races around sk->sk_bound_dev_if 
UDP sendmsg() is lockless, and reads sk->sk_bound_dev_if while
this field can be changed by another thread.

Adds minimal annotations to avoid KCSAN splats for UDP.
Following patches will add more annotations to potential lockless readers.

BUG: KCSAN: data-race in __ip6_datagram_connect / udpv6_sendmsg

write to 0xffff888136d47a94 of 4 bytes by task 7681 on cpu 0:
 __ip6_datagram_connect+0x6e2/0x930 net/ipv6/datagram.c:221
 ip6_datagram_connect+0x2a/0x40 net/ipv6/datagram.c:272
 inet_dgram_connect+0x107/0x190 net/ipv4/af_inet.c:576
 __sys_connect_file net/socket.c:1900 [inline]
 __sys_connect+0x197/0x1b0 net/socket.c:1917
 __do_sys_connect net/socket.c:1927 [inline]
 __se_sys_connect net/socket.c:1924 [inline]
 __x64_sys_connect+0x3d/0x50 net/socket.c:1924
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x2b/0x50 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae

read to 0xffff888136d47a94 of 4 bytes by task 7670 on cpu 1:
 udpv6_sendmsg+0xc60/0x16e0 net/ipv6/udp.c:1436
 inet6_sendmsg+0x5f/0x80 net/ipv6/af_inet6.c:652
 sock_sendmsg_nosec net/socket.c:705 [inline]
 sock_sendmsg net/socket.c:725 [inline]
 ____sys_sendmsg+0x39a/0x510 net/socket.c:2413
 ___sys_sendmsg net/socket.c:2467 [inline]
 __sys_sendmmsg+0x267/0x4c0 net/socket.c:2553
 __do_sys_sendmmsg net/socket.c:2582 [inline]
 __se_sys_sendmmsg net/socket.c:2579 [inline]
 __x64_sys_sendmmsg+0x53/0x60 net/socket.c:2579
 do_syscall_x64 arch/x86/entry/common.c:50 [inline]
 do_syscall_64+0x2b/0x50 arch/x86/entry/common.c:80
 entry_SYSCALL_64_after_hwframe+0x44/0xae

value changed: 0x00000000 -> 0xffffff9b

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 7670 Comm: syz-executor.3 Tainted: G        W         5.18.0-rc1-syzkaller-dirty #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011

I chose to not add Fixes: tag because race has minor consequences
and stable teams busy enough.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: syzbot <syzkaller@googlegroups.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2022-05-16 10:31:05 +01:00
..
6lowpan
9p
802
8021q net: add netif_inherit_tso_max() 2022-05-06 12:07:56 +01:00
appletalk
atm net: SO_RCVMARK socket option for SO_MARK with recvmsg() 2022-04-28 13:08:15 -07:00
ax25
batman-adv Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-05-12 16:15:30 -07:00
bluetooth Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-05-12 16:15:30 -07:00
bpf net: allow gso_max_size to exceed 65536 2022-05-16 10:18:55 +01:00
bpfilter
bridge rtnetlink: add extack support in fdb del handlers 2022-05-09 11:58:20 +01:00
caif
can Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-05-05 13:03:18 -07:00
ceph libceph: disambiguate cluster/pool full log message 2022-04-25 10:45:15 +02:00
core net: allow gro_max_size to exceed 65536 2022-05-16 10:18:56 +01:00
dcb
dccp net: inet: Retire port only listening_hash 2022-05-12 16:52:18 -07:00
decnet decnet: Use container_of() for struct dn_neigh casts 2022-05-10 12:21:51 +02:00
dns_resolver
dsa net: dsa: remove port argument from ->change_tag_protocol() 2022-05-12 16:38:55 -07:00
ethernet net: ethernet: set default assignment identifier to NET_NAME_ENUM 2022-04-07 21:04:03 -07:00
ethtool ethtool: Add 10base-T1L link mode entry 2022-05-01 17:45:35 +01:00
hsr
ieee802154 net: SO_RCVMARK socket option for SO_MARK with recvmsg() 2022-04-28 13:08:15 -07:00
ife
ipv4 tcp_cubic: make hystart_ack_delay() aware of BIG TCP 2022-05-16 10:18:56 +01:00
ipv6 net: annotate races around sk->sk_bound_dev_if 2022-05-16 10:31:05 +01:00
iucv
kcm
key net: SO_RCVMARK socket option for SO_MARK with recvmsg() 2022-04-28 13:08:15 -07:00
l2tp net: remove noblock parameter from recvmsg() entities 2022-04-12 15:00:25 +02:00
l3mdev l3mdev: l3mdev_master_upper_ifindex_by_index_rcu should be using netdev_master_upper_dev_get_rcu 2022-04-15 14:27:24 -07:00
lapb
llc
mac80211 Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-05-12 16:15:30 -07:00
mac802154 net: mac802154: Fix symbol durations 2022-04-30 20:29:47 +02:00
mctp net: SO_RCVMARK socket option for SO_MARK with recvmsg() 2022-04-28 13:08:15 -07:00
mpls net: mpls: fix memdup.cocci warning 2022-04-07 21:06:41 -07:00
mptcp net: inet: Retire port only listening_hash 2022-05-12 16:52:18 -07:00
ncsi
netfilter Merge git://git.kernel.org/pub/scm/linux/kernel/git/netfilter/nf-next 2022-05-16 10:10:37 +01:00
netlabel
netlink Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-05-12 16:15:30 -07:00
netrom
nfc Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-05-05 13:03:18 -07:00
nsh
openvswitch openvswitch: fix OOB access in reserve_sfa_size() 2022-04-15 11:50:02 +01:00
packet net: SO_RCVMARK socket option for SO_MARK with recvmsg() 2022-04-28 13:08:15 -07:00
phonet net: remove noblock parameter from recvmsg() entities 2022-04-12 15:00:25 +02:00
psample
qrtr
rds net: rds: use maybe_get_net() when acquiring refcount on TCP sockets 2022-05-05 16:44:49 -07:00
rfkill
rose ROSE: Remove unused code and clean up some inconsistent indenting 2022-05-09 17:19:27 -07:00
rxrpc rxrpc: Enable IPv6 checksums on transport socket 2022-04-30 13:59:34 +01:00
sched Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-05-12 16:15:30 -07:00
sctp net: allow gso_max_size to exceed 65536 2022-05-16 10:18:55 +01:00
smc net/smc: non blocking recvmsg() return -EAGAIN when no data and signal_pending 2022-05-12 10:01:36 -07:00
strparser
sunrpc Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-05-12 16:15:30 -07:00
switchdev
tipc
tls Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-05-12 16:15:30 -07:00
unix net: remove noblock parameter from recvmsg() entities 2022-04-12 15:00:25 +02:00
vmw_vsock vsock/virtio: add support for device suspend/resume 2022-05-02 16:04:34 -07:00
wireless Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-05-12 16:15:30 -07:00
x25 x25: remove redundant pointer dev 2022-05-10 11:59:22 +02:00
xdp Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-04-28 13:02:01 -07:00
xfrm xfrm: drop not needed flags variable in XFRM offload struct 2022-05-06 08:35:46 +02:00
compat.c
devres.c
Kconfig
Kconfig.debug net: add CONFIG_DEBUG_NET 2022-05-11 12:43:10 +01:00
Makefile
socket.c ptp: Support late timestamp determination 2022-05-10 09:48:08 +02:00
sysctl_net.c