From: Carlos Llamas <cmllamas@google.com>
To: Yenchia Chen <yenchia.chen@mediatek.com>
Cc: stable@vger.kernel.org, Eric Dumazet <edumazet@google.com>,
Jakub Kicinski <kuba@kernel.org>,
"David S. Miller" <davem@davemloft.net>,
Matthias Brugger <matthias.bgg@gmail.com>,
Sasha Levin <sashal@kernel.org>, Simon Horman <horms@kernel.org>,
Zhengchao Shao <shaozhengchao@huawei.com>,
Pedro Tammela <pctammela@mojatatu.com>,
Ryosuke Yasuoka <ryasuoka@redhat.com>,
Thomas Graf <tgraf@suug.ch>,
netdev@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-arm-kernel@lists.infradead.org,
linux-mediatek@lists.infradead.org
Subject: Re: [PATCH 5.15 2/2] netlink: annotate data-races around sk->sk_err
Date: Wed, 15 May 2024 17:45:31 +0000 [thread overview]
Message-ID: <ZkT0u3RMc89Fe6PV@google.com> (raw)
In-Reply-To: <20240515073644.32503-3-yenchia.chen@mediatek.com>
On Wed, May 15, 2024 at 03:36:38PM +0800, Yenchia Chen wrote:
> From: Eric Dumazet <edumazet@google.com>
>
> syzbot caught another data-race in netlink when
> setting sk->sk_err.
>
> Annotate all of them for good measure.
>
> BUG: KCSAN: data-race in netlink_recvmsg / netlink_recvmsg
>
> write to 0xffff8881613bb220 of 4 bytes by task 28147 on cpu 0:
> netlink_recvmsg+0x448/0x780 net/netlink/af_netlink.c:1994
> sock_recvmsg_nosec net/socket.c:1027 [inline]
> sock_recvmsg net/socket.c:1049 [inline]
> __sys_recvfrom+0x1f4/0x2e0 net/socket.c:2229
> __do_sys_recvfrom net/socket.c:2247 [inline]
> __se_sys_recvfrom net/socket.c:2243 [inline]
> __x64_sys_recvfrom+0x78/0x90 net/socket.c:2243
> do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
> entry_SYSCALL_64_after_hwframe+0x63/0xcd
>
> write to 0xffff8881613bb220 of 4 bytes by task 28146 on cpu 1:
> netlink_recvmsg+0x448/0x780 net/netlink/af_netlink.c:1994
> sock_recvmsg_nosec net/socket.c:1027 [inline]
> sock_recvmsg net/socket.c:1049 [inline]
> __sys_recvfrom+0x1f4/0x2e0 net/socket.c:2229
> __do_sys_recvfrom net/socket.c:2247 [inline]
> __se_sys_recvfrom net/socket.c:2243 [inline]
> __x64_sys_recvfrom+0x78/0x90 net/socket.c:2243
> do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
> entry_SYSCALL_64_after_hwframe+0x63/0xcd
>
> value changed: 0x00000000 -> 0x00000016
>
> Reported by Kernel Concurrency Sanitizer on:
> CPU: 1 PID: 28146 Comm: syz-executor.0 Not tainted 6.6.0-rc3-syzkaller-00055-g9ed22ae6be81 #0
> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
>
> Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
> Signed-off-by: Eric Dumazet <edumazet@google.com>
> Reported-by: syzbot <syzkaller@googlegroups.com>
> Reviewed-by: Simon Horman <horms@kernel.org>
> Link: https://lore.kernel.org/r/20231003183455.3410550-1-edumazet@google.com
> Signed-off-by: Jakub Kicinski <kuba@kernel.org>
> Signed-off-by: yenchia.chen <yenchia.chen@mediatek.com>
> ---
The conflict resolution looks good to me, thanks!
Reviewed-by: Carlos Llamas <cmllamas@google.com>
WARNING: multiple messages have this Message-ID (diff)
From: Carlos Llamas <cmllamas@google.com>
To: Yenchia Chen <yenchia.chen@mediatek.com>
Cc: stable@vger.kernel.org, Eric Dumazet <edumazet@google.com>,
Jakub Kicinski <kuba@kernel.org>,
"David S. Miller" <davem@davemloft.net>,
Matthias Brugger <matthias.bgg@gmail.com>,
Sasha Levin <sashal@kernel.org>, Simon Horman <horms@kernel.org>,
Zhengchao Shao <shaozhengchao@huawei.com>,
Pedro Tammela <pctammela@mojatatu.com>,
Ryosuke Yasuoka <ryasuoka@redhat.com>,
Thomas Graf <tgraf@suug.ch>,
netdev@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-arm-kernel@lists.infradead.org,
linux-mediatek@lists.infradead.org
Subject: Re: [PATCH 5.15 2/2] netlink: annotate data-races around sk->sk_err
Date: Wed, 15 May 2024 17:45:31 +0000 [thread overview]
Message-ID: <ZkT0u3RMc89Fe6PV@google.com> (raw)
In-Reply-To: <20240515073644.32503-3-yenchia.chen@mediatek.com>
On Wed, May 15, 2024 at 03:36:38PM +0800, Yenchia Chen wrote:
> From: Eric Dumazet <edumazet@google.com>
>
> syzbot caught another data-race in netlink when
> setting sk->sk_err.
>
> Annotate all of them for good measure.
>
> BUG: KCSAN: data-race in netlink_recvmsg / netlink_recvmsg
>
> write to 0xffff8881613bb220 of 4 bytes by task 28147 on cpu 0:
> netlink_recvmsg+0x448/0x780 net/netlink/af_netlink.c:1994
> sock_recvmsg_nosec net/socket.c:1027 [inline]
> sock_recvmsg net/socket.c:1049 [inline]
> __sys_recvfrom+0x1f4/0x2e0 net/socket.c:2229
> __do_sys_recvfrom net/socket.c:2247 [inline]
> __se_sys_recvfrom net/socket.c:2243 [inline]
> __x64_sys_recvfrom+0x78/0x90 net/socket.c:2243
> do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
> entry_SYSCALL_64_after_hwframe+0x63/0xcd
>
> write to 0xffff8881613bb220 of 4 bytes by task 28146 on cpu 1:
> netlink_recvmsg+0x448/0x780 net/netlink/af_netlink.c:1994
> sock_recvmsg_nosec net/socket.c:1027 [inline]
> sock_recvmsg net/socket.c:1049 [inline]
> __sys_recvfrom+0x1f4/0x2e0 net/socket.c:2229
> __do_sys_recvfrom net/socket.c:2247 [inline]
> __se_sys_recvfrom net/socket.c:2243 [inline]
> __x64_sys_recvfrom+0x78/0x90 net/socket.c:2243
> do_syscall_x64 arch/x86/entry/common.c:50 [inline]
> do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80
> entry_SYSCALL_64_after_hwframe+0x63/0xcd
>
> value changed: 0x00000000 -> 0x00000016
>
> Reported by Kernel Concurrency Sanitizer on:
> CPU: 1 PID: 28146 Comm: syz-executor.0 Not tainted 6.6.0-rc3-syzkaller-00055-g9ed22ae6be81 #0
> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/06/2023
>
> Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2")
> Signed-off-by: Eric Dumazet <edumazet@google.com>
> Reported-by: syzbot <syzkaller@googlegroups.com>
> Reviewed-by: Simon Horman <horms@kernel.org>
> Link: https://lore.kernel.org/r/20231003183455.3410550-1-edumazet@google.com
> Signed-off-by: Jakub Kicinski <kuba@kernel.org>
> Signed-off-by: yenchia.chen <yenchia.chen@mediatek.com>
> ---
The conflict resolution looks good to me, thanks!
Reviewed-by: Carlos Llamas <cmllamas@google.com>
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2024-05-15 17:45 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-05-15 7:36 [PATCH 5.15 0/2] netlink, fix issues caught by syzbot Yenchia Chen
2024-05-15 7:36 ` Yenchia Chen
2024-05-15 7:36 ` [PATCH 5.15 1/2] netlink: annotate lockless accesses to nlk->max_recvmsg_len Yenchia Chen
2024-05-15 7:36 ` Yenchia Chen
2024-05-15 7:50 ` kernel test robot
2024-05-15 17:44 ` Carlos Llamas
2024-05-15 17:44 ` Carlos Llamas
2024-05-15 7:36 ` [PATCH 5.15 2/2] netlink: annotate data-races around sk->sk_err Yenchia Chen
2024-05-15 7:36 ` Yenchia Chen
2024-05-15 17:45 ` Carlos Llamas [this message]
2024-05-15 17:45 ` Carlos Llamas
2024-05-23 11:51 ` [PATCH 5.15 0/2] netlink, fix issues caught by syzbot Greg KH
2024-05-23 11:51 ` Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZkT0u3RMc89Fe6PV@google.com \
--to=cmllamas@google.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=horms@kernel.org \
--cc=kuba@kernel.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mediatek@lists.infradead.org \
--cc=matthias.bgg@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=pctammela@mojatatu.com \
--cc=ryasuoka@redhat.com \
--cc=sashal@kernel.org \
--cc=shaozhengchao@huawei.com \
--cc=stable@vger.kernel.org \
--cc=tgraf@suug.ch \
--cc=yenchia.chen@mediatek.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.