From: Taehee Yoo <ap420073@gmail.com>
To: davem@davemloft.net, netdev@vger.kernel.org,
j.vosburgh@gmail.com, vfalico@gmail.com, andy@greyhouse.net,
jiri@resnulli.us, sd@queasysnail.net, roopa@cumulusnetworks.com,
saeedm@mellanox.com, manishc@marvell.com, rahulv@marvell.com,
kys@microsoft.com, haiyangz@microsoft.com,
stephen@networkplumber.org, sashal@kernel.org, hare@suse.de,
varun@chelsio.com, ubraun@linux.ibm.com, kgraul@linux.ibm.com,
jay.vosburgh@canonical.com
Cc: ap420073@gmail.com
Subject: [PATCH net v3 06/11] macsec: use dynamic lockdep key instead of subclass
Date: Mon, 16 Sep 2019 22:47:57 +0900 [thread overview]
Message-ID: <20190916134802.8252-7-ap420073@gmail.com> (raw)
In-Reply-To: <20190916134802.8252-1-ap420073@gmail.com>
All macsec device has same lockdep key and subclass is initialized with
nest_level.
But actual nest_level value can be changed when a lower device is attached.
And at this moment, the subclass should be updated but it seems to be
unsafe.
So this patch makes macsec use dynamic lockdep key instead of the subclass.
Test commands:
ip link add bond0 type bond
ip link add dummy0 type dummy
ip link add macsec0 link bond0 type macsec
ip link add macsec1 link dummy0 type macsec
ip link set bond0 mtu 1000
ip link set macsec1 master bond0
ip link set bond0 up
ip link set macsec0 up
ip link set dummy0 up
ip link set macsec1 up
Splat looks like:
[ 57.903193] WARNING: possible recursive locking detected
[ 57.913011] 5.3.0-rc8+ #179 Not tainted
[ 57.915008] --------------------------------------------
[ 57.916707] ip/964 is trying to acquire lock:
[ 57.917102] 000000007f1963bf (&macsec_netdev_addr_lock_key/1){+...}, at: dev_uc_sync_multiple+0xfa/0x1a0
[ 57.918476]
[ 57.918476] but task is already holding lock:
[ 57.918996] 000000006f6fbc66 (&macsec_netdev_addr_lock_key/1){+...}, at: dev_set_rx_mode+0x19/0x30
[ 57.919790]
[ 57.919790] other info that might help us debug this:
[ 57.920367] Possible unsafe locking scenario:
[ 57.920367]
[ 57.920894] CPU0
[ 57.921119] ----
[ 57.921366] lock(&macsec_netdev_addr_lock_key/1);
[ 57.921813] lock(&macsec_netdev_addr_lock_key/1);
[ 57.922250]
[ 57.922250] *** DEADLOCK ***
[ 57.922250]
[ 57.924742] May be due to missing lock nesting notation
[ 57.924742]
[ 57.925620] 4 locks held by ip/964:
[ 57.926067] #0: 00000000bf0ca196 (rtnl_mutex){+.+.}, at: rtnetlink_rcv_msg+0x466/0x8a0
[ 57.927070] #1: 000000006f6fbc66 (&macsec_netdev_addr_lock_key/1){+...}, at: dev_set_rx_mode+0x19/0x30
[ 57.928241] #2: 00000000e5b874a1 (&dev_addr_list_lock_key/3){+...}, at: dev_mc_sync+0xfa/0x1a0
[ 57.929851] #3: 000000002c43dd91 (rcu_read_lock){....}, at: bond_set_rx_mode+0x5/0x3c0 [bonding]
[ 57.930983]
[ 57.930983] stack backtrace:
[ 57.931582] CPU: 1 PID: 964 Comm: ip Not tainted 5.3.0-rc8+ #179
[ 57.932439] Hardware name: innotek GmbH VirtualBox/VirtualBox, BIOS VirtualBox 12/01/2006
[ 57.935333] Call Trace:
[ 57.935659] dump_stack+0x7c/0xbb
[ 57.936088] __lock_acquire+0x26a9/0x3de0
[ 57.936590] ? register_lock_class+0x14d0/0x14d0
[ 57.937694] ? register_lock_class+0x14d0/0x14d0
[ 57.938269] lock_acquire+0x164/0x3b0
[ 57.938734] ? dev_uc_sync_multiple+0xfa/0x1a0
[ 57.939291] _raw_spin_lock_nested+0x2e/0x60
[ 57.940112] ? dev_uc_sync_multiple+0xfa/0x1a0
[ 57.940672] dev_uc_sync_multiple+0xfa/0x1a0
[ 57.941730] bond_set_rx_mode+0x269/0x3c0 [bonding]
[ 57.942340] ? bond_init+0x6f0/0x6f0 [bonding]
[ 57.942895] ? do_raw_spin_trylock+0xa9/0x170
[ 57.943435] dev_mc_sync+0x15a/0x1a0
[ 57.943891] macsec_dev_set_rx_mode+0x3a/0x50 [macsec]
[ 57.944560] dev_set_rx_mode+0x21/0x30
[ 57.945051] __dev_open+0x202/0x310
[ ... ]
Fixes: e20038724552 ("macsec: fix lockdep splats when nesting devices")
Signed-off-by: Taehee Yoo <ap420073@gmail.com>
---
v2 -> v3 :
- This patch is not changed
v1 -> v2 :
- This patch is not changed
drivers/net/macsec.c | 37 ++++++++++++++++++++++++++++++++-----
1 file changed, 32 insertions(+), 5 deletions(-)
diff --git a/drivers/net/macsec.c b/drivers/net/macsec.c
index 8f46aa1ddec0..25a4fc88145d 100644
--- a/drivers/net/macsec.c
+++ b/drivers/net/macsec.c
@@ -267,6 +267,8 @@ struct macsec_dev {
struct pcpu_secy_stats __percpu *stats;
struct list_head secys;
struct gro_cells gro_cells;
+ struct lock_class_key xmit_lock_key;
+ struct lock_class_key addr_lock_key;
unsigned int nest_level;
};
@@ -2749,7 +2751,32 @@ static netdev_tx_t macsec_start_xmit(struct sk_buff *skb,
#define MACSEC_FEATURES \
(NETIF_F_SG | NETIF_F_HIGHDMA | NETIF_F_FRAGLIST)
-static struct lock_class_key macsec_netdev_addr_lock_key;
+
+static void macsec_dev_set_lockdep_one(struct net_device *dev,
+ struct netdev_queue *txq,
+ void *_unused)
+{
+ struct macsec_dev *macsec = macsec_priv(dev);
+
+ lockdep_set_class(&txq->_xmit_lock, &macsec->xmit_lock_key);
+}
+
+static struct lock_class_key qdisc_tx_busylock_key;
+static struct lock_class_key qdisc_running_key;
+
+static void macsec_dev_set_lockdep_class(struct net_device *dev)
+{
+ struct macsec_dev *macsec = macsec_priv(dev);
+
+ dev->qdisc_tx_busylock = &qdisc_tx_busylock_key;
+ dev->qdisc_running_key = &qdisc_running_key;
+
+ lockdep_register_key(&macsec->addr_lock_key);
+ lockdep_set_class(&dev->addr_list_lock, &macsec->addr_lock_key);
+
+ lockdep_register_key(&macsec->xmit_lock_key);
+ netdev_for_each_tx_queue(dev, macsec_dev_set_lockdep_one, NULL);
+}
static int macsec_dev_init(struct net_device *dev)
{
@@ -2780,6 +2807,7 @@ static int macsec_dev_init(struct net_device *dev)
if (is_zero_ether_addr(dev->broadcast))
memcpy(dev->broadcast, real_dev->broadcast, dev->addr_len);
+ macsec_dev_set_lockdep_class(dev);
return 0;
}
@@ -2789,6 +2817,9 @@ static void macsec_dev_uninit(struct net_device *dev)
gro_cells_destroy(&macsec->gro_cells);
free_percpu(dev->tstats);
+
+ lockdep_unregister_key(&macsec->addr_lock_key);
+ lockdep_unregister_key(&macsec->xmit_lock_key);
}
static netdev_features_t macsec_fix_features(struct net_device *dev,
@@ -3263,10 +3294,6 @@ static int macsec_newlink(struct net *net, struct net_device *dev,
dev_hold(real_dev);
macsec->nest_level = dev_get_nest_level(real_dev) + 1;
- netdev_lockdep_set_classes(dev);
- lockdep_set_class_and_subclass(&dev->addr_list_lock,
- &macsec_netdev_addr_lock_key,
- macsec_get_nest_level(dev));
err = netdev_upper_dev_link(real_dev, dev, extack);
if (err < 0)
--
2.17.1
next prev parent reply other threads:[~2019-09-16 13:49 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-09-16 13:47 [PATCH net v3 00/11] net: fix nested device bugs Taehee Yoo
2019-09-16 13:47 ` [PATCH net v3 01/11] net: core: limit nested device depth Taehee Yoo
2019-09-16 13:47 ` [PATCH net v3 02/11] vlan: use dynamic lockdep key instead of subclass Taehee Yoo
2019-09-16 13:47 ` [PATCH net v3 03/11] bonding: fix unexpected IFF_BONDING bit unset Taehee Yoo
2019-09-16 14:16 ` Jay Vosburgh
2019-09-16 14:49 ` Jiri Pirko
2019-09-16 15:03 ` Jay Vosburgh
2019-09-16 13:47 ` [PATCH net v3 04/11] bonding: use dynamic lockdep key instead of subclass Taehee Yoo
2019-09-16 13:47 ` [PATCH net v3 05/11] team: use dynamic lockdep key instead of static key Taehee Yoo
2019-09-16 13:47 ` Taehee Yoo [this message]
2019-09-16 13:47 ` [PATCH net v3 07/11] macvlan: use dynamic lockdep key instead of subclass Taehee Yoo
2019-09-16 13:47 ` [PATCH net v3 08/11] macsec: fix refcnt leak in module exit routine Taehee Yoo
2019-09-16 13:48 ` [PATCH net v3 09/11] net: core: add ignore flag to netdev_adjacent structure Taehee Yoo
2019-09-20 23:24 ` Jakub Kicinski
2019-09-20 23:55 ` Jakub Kicinski
2019-09-22 12:54 ` Taehee Yoo
2019-09-16 13:48 ` [PATCH net v3 10/11] vxlan: add adjacent link to limit depth level Taehee Yoo
2019-09-20 23:48 ` Jakub Kicinski
2019-09-22 12:35 ` Taehee Yoo
2019-09-16 13:48 ` [PATCH net v3 11/11] net: remove unnecessary variables and callback Taehee Yoo
2019-09-20 23:59 ` [PATCH net v3 00/11] net: fix nested device bugs Jakub Kicinski
2019-09-22 14:36 ` Taehee Yoo
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190916134802.8252-7-ap420073@gmail.com \
--to=ap420073@gmail.com \
--cc=andy@greyhouse.net \
--cc=davem@davemloft.net \
--cc=haiyangz@microsoft.com \
--cc=hare@suse.de \
--cc=j.vosburgh@gmail.com \
--cc=jay.vosburgh@canonical.com \
--cc=jiri@resnulli.us \
--cc=kgraul@linux.ibm.com \
--cc=kys@microsoft.com \
--cc=manishc@marvell.com \
--cc=netdev@vger.kernel.org \
--cc=rahulv@marvell.com \
--cc=roopa@cumulusnetworks.com \
--cc=saeedm@mellanox.com \
--cc=sashal@kernel.org \
--cc=sd@queasysnail.net \
--cc=stephen@networkplumber.org \
--cc=ubraun@linux.ibm.com \
--cc=varun@chelsio.com \
--cc=vfalico@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).