From mboxrd@z Thu Jan 1 00:00:00 1970 From: Jia-Ju Bai Subject: Re: [PATCH] net: ipv6: route: Fix a sleep-in-atomic-context bug in ip6_convert_metrics() Date: Tue, 4 Sep 2018 11:38:12 +0800 Message-ID: <6976ed37-d42e-e166-e298-053a35ddc479@gmail.com> References: <20180901111958.26529-1-baijiaju1990@gmail.com> <94b1372d-43da-1a9a-9cde-40c855050552@gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org To: David Ahern , davem@davemloft.net, kuznet@ms2.inr.ac.ru, yoshfuji@linux-ipv6.org Return-path: In-Reply-To: <94b1372d-43da-1a9a-9cde-40c855050552@gmail.com> Content-Language: en-US Sender: linux-kernel-owner@vger.kernel.org List-Id: netdev.vger.kernel.org On 2018/9/4 10:40, David Ahern wrote: > On 9/1/18 5:19 AM, Jia-Ju Bai wrote: >> The kernel module may sleep with holding a spinlock. >> >> The function call paths (from bottom to top) in Linux-4.16 are: >> >> [FUNC] kzalloc(GFP_KERNEL) >> net/ipv6/route.c, 2430: >> kzalloc in ip6_convert_metrics >> net/ipv6/route.c, 2890: >> ip6_convert_metrics in ip6_route_add >> net/ipv6/addrconf.c, 2322: >> ip6_route_add in addrconf_prefix_route >> net/ipv6/addrconf.c, 3331: >> addrconf_prefix_route in fixup_permanent_addr >> net/ipv6/addrconf.c, 3354: >> fixup_permanent_addr in addrconf_permanent_addr >> net/ipv6/addrconf.c, 3358: >> _raw_write_lock_bh in addrconf_permanent_addr >> >> To fix this bug, GFP_KERNEL is replaced with GFP_ATOMIC. >> >> This bug is found by my static analysis tool DSAC. > No kernel change is needed. Your static analysis tool and you in sending > out patches need to take into context. > > ip6_convert_metrics only calls kzalloc when fc_mx is set. fc_mx is only > set via the RTA_METRICS attribute and only from the userspace call path. > Hence, kzalloc with GFP_KERNEL is the appropriate argument. Oh, sorry for my false report. Best wishes, Jia-Ju Bai