From: Vladimir Oltean <olteanv@gmail.com>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: Jakub Kicinski <kuba@kernel.org>,
Eric Dumazet <edumazet@google.com>,
Stephen Hemminger <stephen@networkplumber.org>,
netdev <netdev@vger.kernel.org>,
Paul Gortmaker <paul.gortmaker@windriver.com>,
Jiri Benc <jbenc@redhat.com>, Or Gerlitz <ogerlitz@mellanox.com>,
Cong Wang <xiyou.wangcong@gmail.com>,
Jamal Hadi Salim <jhs@mojatatu.com>, Andrew Lunn <andrew@lunn.ch>,
Florian Fainelli <f.fainelli@gmail.com>,
fw@strlen.de
Subject: Re: Correct usage of dev_base_lock in 2020
Date: Tue, 1 Dec 2020 20:58:22 +0200 [thread overview]
Message-ID: <20201201185822.ggkdhnkmdh3wi5v2@skbuf> (raw)
In-Reply-To: <20201201144238.GA5970@salvia>
On Tue, Dec 01, 2020 at 03:42:38PM +0100, Pablo Neira Ayuso wrote:
> On Mon, Nov 30, 2020 at 08:48:28PM +0200, Vladimir Oltean wrote:
> [...]
> > There are 2 separate classes of problems:
> > - We already have two ways of protecting pure readers: via RCU and via
> > the rwlock. It doesn't help if we also add a second way of locking out
> > pure writers. We need to first clean up what we have. That's the
> > reason why I started the discussion about the rwlock.
> > - Some callers appear to not use any sort of protection at all. Does
> > this code path look ok to you?
> >
> > nfnetlink_rcv_batch
> > -> NFT_MSG_NEWCHAIN
>
> This path holds the nft commit mutex.
>
> > -> nf_tables_addchain
> > -> nft_chain_parse_hook
> > -> nft_chain_parse_netdev
> > -> nf_tables_parse_netdev_hooks
> > -> nft_netdev_hook_alloc
> > -> __dev_get_by_name
> > -> netdev_name_node_lookup: must be under RTNL mutex or dev_base_lock protection
>
> The nf_tables_netdev_event() notifier holds the nft commit mutex too.
> Assuming worst case, race between __dev_get_by_name() and device
> removal, the notifier waits for the NFT_MSG_NEWCHAIN path to finish.
> If the nf_tables_netdev_event() notifier wins race, then
> __dev_get_by_name() hits ENOENT.
>
> The idea is explained here:
>
> commit 90d2723c6d4cb2ace50fc3b932a2bcc77710450b
> Author: Pablo Neira Ayuso <pablo@netfilter.org>
> Date: Tue Mar 20 17:00:19 2018 +0100
>
> netfilter: nf_tables: do not hold reference on netdevice from preparation phase
>
> The netfilter netdevice event handler hold the nfnl_lock mutex, this
> avoids races with a device going away while such device is being
> attached to hooks from the netlink control plane. Therefore, either
> control plane bails out with ENOENT or netdevice event path waits until
> the hook that is attached to net_device is registered.
>
> I can submit a patch adding a comment so anyone else does not get
> confused :-)
Ok, so since you are holding the net->nft.commit_mutex from a code path
that is called under RTNL (call_netdevice_notifiers_info), then you are
indirectly serializing all the other holders of the commit_mutex with
the RTNL mutex.
I think it would really help if you could add a comment, yes.
Some other code paths that call __dev_get_by_name() while not holding
the RTNL mutex or the dev_base_lock:
atrtr_ioctl_addrt() <- atalk_ioctl() <- not under RTNL or dev_base_lock
handle_ip_over_ddp() <- atalk_rcv() <- not under RTNL or dev_base_lock
net/bridge/br_sysfs_if.c: store_backup_port() <- sysfs <- not under RTNL or dev_base_lock
net/netfilter/ipvs/ip_vs_sync.c: start_sync_thread() <- not under RTNL or dev_base_lock
include/net/pkt_cls.h: tcf_change_indev() <- fl_set_key() <- fl_set_parms <- RTNL potentially held depending on bool rtnl_held, dev_base_lock definitely not
next prev parent reply other threads:[~2020-12-01 18:59 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20201129182435.jgqfjbekqmmtaief@skbuf>
2020-11-29 20:58 ` Correct usage of dev_base_lock in 2020 Vladimir Oltean
2020-11-30 5:12 ` Stephen Hemminger
2020-11-30 10:41 ` Eric Dumazet
2020-11-30 18:14 ` Jakub Kicinski
2020-11-30 18:30 ` Eric Dumazet
2020-11-30 18:48 ` Vladimir Oltean
2020-11-30 19:00 ` Eric Dumazet
2020-11-30 19:03 ` Vladimir Oltean
2020-11-30 19:22 ` Eric Dumazet
2020-11-30 19:32 ` Vladimir Oltean
2020-11-30 21:41 ` Florian Fainelli
2020-11-30 19:46 ` Vladimir Oltean
2020-11-30 20:18 ` Eric Dumazet
2020-11-30 20:21 ` Stephen Hemminger
2020-11-30 20:26 ` Vladimir Oltean
2020-11-30 20:29 ` Eric Dumazet
2020-11-30 20:36 ` Vladimir Oltean
2020-11-30 20:43 ` Eric Dumazet
2020-11-30 20:50 ` Vladimir Oltean
2020-11-30 21:00 ` Eric Dumazet
2020-11-30 21:11 ` Vladimir Oltean
2020-11-30 21:46 ` Eric Dumazet
2020-11-30 21:53 ` Vladimir Oltean
2020-11-30 22:20 ` Eric Dumazet
2020-11-30 22:41 ` Vladimir Oltean
2020-12-01 14:42 ` Pablo Neira Ayuso
2020-12-01 18:58 ` Vladimir Oltean [this message]
2020-12-10 4:32 ` [PATCH] net: bonding: retrieve device statistics under RTNL, not RCU kernel test robot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201201185822.ggkdhnkmdh3wi5v2@skbuf \
--to=olteanv@gmail.com \
--cc=andrew@lunn.ch \
--cc=edumazet@google.com \
--cc=f.fainelli@gmail.com \
--cc=fw@strlen.de \
--cc=jbenc@redhat.com \
--cc=jhs@mojatatu.com \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=ogerlitz@mellanox.com \
--cc=pablo@netfilter.org \
--cc=paul.gortmaker@windriver.com \
--cc=stephen@networkplumber.org \
--cc=xiyou.wangcong@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox