[PATCH AUTOSEL 6.8 21/30] netpoll: Fix race condition in netpoll_owner_active

public inbox for stable@vger.kernel.org
 help / color / mirror / Atom feed

From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Breno Leitao <leitao@debian.org>,
	Jakub Kicinski <kuba@kernel.org>, Sasha Levin <sashal@kernel.org>,
	davem@davemloft.net, edumazet@google.com, pabeni@redhat.com,
	netdev@vger.kernel.org
Subject: [PATCH AUTOSEL 6.8 21/30] netpoll: Fix race condition in netpoll_owner_active
Date: Mon, 27 May 2024 10:13:30 -0400	[thread overview]
Message-ID: <20240527141406.3852821-21-sashal@kernel.org> (raw)
In-Reply-To: <20240527141406.3852821-1-sashal@kernel.org>

From: Breno Leitao <leitao@debian.org>

[ Upstream commit c2e6a872bde9912f1a7579639c5ca3adf1003916 ]

KCSAN detected a race condition in netpoll:

	BUG: KCSAN: data-race in net_rx_action / netpoll_send_skb
	write (marked) to 0xffff8881164168b0 of 4 bytes by interrupt on cpu 10:
	net_rx_action (./include/linux/netpoll.h:90 net/core/dev.c:6712 net/core/dev.c:6822)
<snip>
	read to 0xffff8881164168b0 of 4 bytes by task 1 on cpu 2:
	netpoll_send_skb (net/core/netpoll.c:319 net/core/netpoll.c:345 net/core/netpoll.c:393)
	netpoll_send_udp (net/core/netpoll.c:?)
<snip>
	value changed: 0x0000000a -> 0xffffffff

This happens because netpoll_owner_active() needs to check if the
current CPU is the owner of the lock, touching napi->poll_owner
non atomically. The ->poll_owner field contains the current CPU holding
the lock.

Use an atomic read to check if the poll owner is the current CPU.

Signed-off-by: Breno Leitao <leitao@debian.org>
Link: https://lore.kernel.org/r/20240429100437.3487432-1-leitao@debian.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 net/core/netpoll.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/core/netpoll.c b/net/core/netpoll.c
index 543007f159f99..55bcacf67df3b 100644
--- a/net/core/netpoll.c
+++ b/net/core/netpoll.c
@@ -316,7 +316,7 @@ static int netpoll_owner_active(struct net_device *dev)
 	struct napi_struct *napi;
 
 	list_for_each_entry_rcu(napi, &dev->napi_list, dev_list) {
-		if (napi->poll_owner == smp_processor_id())
+		if (READ_ONCE(napi->poll_owner) == smp_processor_id())
 			return 1;
 	}
 	return 0;
-- 
2.43.0

next prev parent reply	other threads:[~2024-05-27 14:15 UTC|newest]

Thread overview: 31+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-05-27 14:13 [PATCH AUTOSEL 6.8 01/30] ssb: Fix potential NULL pointer dereference in ssb_device_uevent() Sasha Levin
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 02/30] selftests/bpf: Prevent client connect before server bind in test_tc_tunnel.sh Sasha Levin
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 03/30] selftests/bpf: Fix flaky test btf_map_in_map/lookup_update Sasha Levin
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 04/30] devlink: use kvzalloc() to allocate devlink instance resources Sasha Levin
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 05/30] batman-adv: bypass empty buckets in batadv_purge_orig_ref() Sasha Levin
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 06/30] wifi: rtw89: 8852c: add quirk to set PCI BER for certain platforms Sasha Levin
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 07/30] wifi: ath9k: work around memset overflow warning Sasha Levin
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 08/30] af_packet: avoid a false positive warning in packet_setsockopt() Sasha Levin
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 09/30] ACPI: x86: Add PNP_UART1_SKIP quirk for Lenovo Blade2 tablets Sasha Levin
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 10/30] net: sfp: add quirk for another multigig RollBall transceiver Sasha Levin
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 11/30] drop_monitor: replace spin_lock by raw_spin_lock Sasha Levin
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 12/30] ACPI: resource: Do IRQ override on GMxBGxx (XMG APEX 17 M23) Sasha Levin
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 13/30] scsi: qedi: Fix crash while reading debugfs attribute Sasha Levin
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 14/30] net: sfp: enhance quirk for Fibrestore 2.5G copper SFP module Sasha Levin
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 15/30] net: sfp: add quirk for ATS SFP-GE-T 1000Base-TX module Sasha Levin
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 16/30] net/sched: fix false lockdep warning on qdisc root lock Sasha Levin
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 17/30] arm64/sysreg: Update PIE permission encodings Sasha Levin
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 18/30] kselftest: arm64: Add a null pointer check Sasha Levin
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 19/30] net: dsa: realtek: keep default LED state in rtl8366rb Sasha Levin
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 20/30] ACPI: resource: Skip IRQ override on Asus Vivobook Pro N6506MV Sasha Levin
2024-05-27 14:13 ` Sasha Levin [this message]
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 22/30] wifi: ath12k: fix the problem that down grade phy mode operation Sasha Levin
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 23/30] wifi: mt76: mt7921s: fix potential hung tasks during chip recovery Sasha Levin
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 24/30] HID: Add quirk for Logitech Casa touchpad Sasha Levin
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 25/30] HID: asus: fix more n-key report descriptors if n-key quirked Sasha Levin
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 26/30] ACPI: video: Add backlight=native quirk for Lenovo Slim 7 16ARH7 Sasha Levin
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 27/30] HID: bpf: add in-tree HID-BPF fix for the HP Elite Presenter Mouse Sasha Levin
2024-05-27 14:49   ` Benjamin Tissoires
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 28/30] bpf: avoid uninitialized warnings in verifier_global_subprogs.c Sasha Levin
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 29/30] selftests: net: fix timestamp not arriving in cmsg_time.sh Sasha Levin
2024-05-27 14:13 ` [PATCH AUTOSEL 6.8 30/30] Bluetooth: ath3k: Fix multiple issues reported by checkpatch.pl Sasha Levin

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:543007f159f9 dfblob:55bcacf67df3 )
 OR (
bs:"[PATCH AUTOSEL 6.8 21/30] netpoll: Fix race condition in netpoll_owner_active" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20240527141406.3852821-21-sashal@kernel.org \
    --to=sashal@kernel.org \
    --cc=davem@davemloft.net \
    --cc=edumazet@google.com \
    --cc=kuba@kernel.org \
    --cc=leitao@debian.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=netdev@vger.kernel.org \
    --cc=pabeni@redhat.com \
    --cc=stable@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox