[PATCH] bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6

[PATCH] bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6

[Jiawei Ye]

In the bpf_out_neigh_v6 function, rcu_read_lock() is used to begin an RCU
read-side critical section. However, when unlocking, one branch
incorrectly uses a different RCU unlock flavour rcu_read_unlock_bh()
instead of rcu_read_unlock(). This mismatch in RCU locking flavours can
lead to unexpected behavior and potential concurrency issues.

This possible bug was identified using a static analysis tool developed
by myself, specifically designed to detect RCU-related issues.

This patch corrects the mismatched unlock flavour by replacing the
incorrect rcu_read_unlock_bh() with the appropriate rcu_read_unlock(),
ensuring that the RCU critical section is properly exited. This change
prevents potential synchronization issues and aligns with proper RCU
usage patterns.

Fixes: 09eed1192cec ("neighbour: switch to standard rcu, instead of rcu_bh")
Signed-off-by: Jiawei Ye <jiawei.ye@foxmail.com>
---
 net/core/filter.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/core/filter.c b/net/core/filter.c
index 64248d0ac4ad..44bbc1dbfb50 100644
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -2232,7 +2232,7 @@ static int bpf_out_neigh_v6(struct net *net, struct sk_buff *skb,
 		rcu_read_unlock();
 		return ret;
 	}
-	rcu_read_unlock_bh();
+	rcu_read_unlock();
 	if (dst)
 		IP6_INC_STATS(net, ip6_dst_idev(dst), IPSTATS_MIB_OUTNOROUTES);
 out_drop:
-- 
2.34.1

Re: [PATCH] bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6

[Yonghong Song]

On 11/8/24 12:18 AM, Jiawei Ye wrote:
> In the bpf_out_neigh_v6 function, rcu_read_lock() is used to begin an RCU
> read-side critical section. However, when unlocking, one branch
> incorrectly uses a different RCU unlock flavour rcu_read_unlock_bh()
> instead of rcu_read_unlock(). This mismatch in RCU locking flavours can
> lead to unexpected behavior and potential concurrency issues.
>
> This possible bug was identified using a static analysis tool developed
> by myself, specifically designed to detect RCU-related issues.
>
> This patch corrects the mismatched unlock flavour by replacing the
> incorrect rcu_read_unlock_bh() with the appropriate rcu_read_unlock(),
> ensuring that the RCU critical section is properly exited. This change
> prevents potential synchronization issues and aligns with proper RCU
> usage patterns.
>
> Fixes: 09eed1192cec ("neighbour: switch to standard rcu, instead of rcu_bh")
> Signed-off-by: Jiawei Ye <jiawei.ye@foxmail.com>

Acked-by: Yonghong Song <yonghong.song@linux.dev>

Re: [PATCH] bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6

[patchwork-bot+netdevbpf]

Hello:

This patch was applied to bpf/bpf.git (master)
by Martin KaFai Lau <martin.lau@kernel.org>:

On Fri,  8 Nov 2024 08:18:52 +0000 you wrote:
> In the bpf_out_neigh_v6 function, rcu_read_lock() is used to begin an RCU
> read-side critical section. However, when unlocking, one branch
> incorrectly uses a different RCU unlock flavour rcu_read_unlock_bh()
> instead of rcu_read_unlock(). This mismatch in RCU locking flavours can
> lead to unexpected behavior and potential concurrency issues.
> 
> This possible bug was identified using a static analysis tool developed
> by myself, specifically designed to detect RCU-related issues.
> 
> [...]

Here is the summary with links:
  - bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6
    https://git.kernel.org/bpf/bpf/c/fb86c42a2a5d

You are awesome, thank you!
-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html