From: Jakub Sitnicki <jakub@cloudflare.com>
To: Eric Dumazet <edumazet@google.com>
Cc: patchwork-bot+netdevbpf@kernel.org, netdev@vger.kernel.org,
davem@davemloft.net, kuba@kernel.org, pabeni@redhat.com,
tparkin@katalix.com, g1042620637@gmail.com
Subject: Re: [PATCH net v4] l2tp: Serialize access to sk_user_data with sk_callback_lock
Date: Thu, 17 Nov 2022 10:35:02 +0100 [thread overview]
Message-ID: <871qq13oex.fsf@cloudflare.com> (raw)
In-Reply-To: <CANn89iLQUZnyGNCn2GpW31FXpE_Lt7a5Urr21RqzfAE4sYxs+w@mail.gmail.com>
On Thu, Nov 17, 2022 at 01:07 AM -08, Eric Dumazet wrote:
> On Wed, Nov 16, 2022 at 5:30 AM <patchwork-bot+netdevbpf@kernel.org> wrote:
>>
>> Hello:
>>
>> This patch was applied to netdev/net.git (master)
>> by David S. Miller <davem@davemloft.net>:
>>
>> On Mon, 14 Nov 2022 20:16:19 +0100 you wrote:
>> > sk->sk_user_data has multiple users, which are not compatible with each
>> > other. Writers must synchronize by grabbing the sk->sk_callback_lock.
>> >
>> > l2tp currently fails to grab the lock when modifying the underlying tunnel
>> > socket fields. Fix it by adding appropriate locking.
>> >
>> > We err on the side of safety and grab the sk_callback_lock also inside the
>> > sk_destruct callback overridden by l2tp, even though there should be no
>> > refs allowing access to the sock at the time when sk_destruct gets called.
>> >
>> > [...]
>>
>> Here is the summary with links:
>> - [net,v4] l2tp: Serialize access to sk_user_data with sk_callback_lock
>> https://git.kernel.org/netdev/net/c/b68777d54fac
>>
>>
>
> I guess this patch has not been tested with LOCKDEP, right ?
>
> sk_callback_lock always needs _bh safety.
>
> I will send something like:
>
> diff --git a/net/l2tp/l2tp_core.c b/net/l2tp/l2tp_core.c
> index 754fdda8a5f52e4e8e2c0f47331c3b22765033d0..a3b06a3cf68248f5ec7ae8be2a9711d0f482ac36
> 100644
> --- a/net/l2tp/l2tp_core.c
> +++ b/net/l2tp/l2tp_core.c
> @@ -1474,7 +1474,7 @@ int l2tp_tunnel_register(struct l2tp_tunnel
> *tunnel, struct net *net,
> }
>
> sk = sock->sk;
> - write_lock(&sk->sk_callback_lock);
> + write_lock_bh(&sk->sk_callback_lock);
>
> ret = l2tp_validate_socket(sk, net, tunnel->encap);
> if (ret < 0)
> @@ -1522,7 +1522,7 @@ int l2tp_tunnel_register(struct l2tp_tunnel
> *tunnel, struct net *net,
> if (tunnel->fd >= 0)
> sockfd_put(sock);
>
> - write_unlock(&sk->sk_callback_lock);
> + write_unlock_bh(&sk->sk_callback_lock);
> return 0;
>
> err_sock:
> @@ -1531,7 +1531,7 @@ int l2tp_tunnel_register(struct l2tp_tunnel
> *tunnel, struct net *net,
> else
> sockfd_put(sock);
>
> - write_unlock(&sk->sk_callback_lock);
> + write_unlock_bh(&sk->sk_callback_lock);
> err:
> return ret;
> }
Hmm, weird. I double checked - I have PROVE_LOCKING enabled.
Didn't see any lockdep reports when running selftests/net/l2tp.sh.
I my defense - I thought _bh was not needed because
l2tp_tunnel_register() gets called only in the process context. I mean,
it's triggered by Netlink sendmsg, but that gets processed in-line
AFAIU:
netlink_sendmsg
netlink_unicast
->netlink_rcv
genl_rcv
genl_rcv_msg
genl_family_rcv_msg
genl_family_rcv_msg_doit
->doit
l2tp_nl_cmd_tunnel_create
l2tp_tunnel_register
next prev parent reply other threads:[~2022-11-17 9:45 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-14 19:16 [PATCH net v4] l2tp: Serialize access to sk_user_data with sk_callback_lock Jakub Sitnicki
2022-11-15 11:12 ` Tom Parkin
2022-11-16 13:30 ` patchwork-bot+netdevbpf
2022-11-17 9:07 ` Eric Dumazet
2022-11-17 9:35 ` Jakub Sitnicki [this message]
2022-11-17 9:54 ` Eric Dumazet
2022-11-17 9:40 ` Eric Dumazet
2022-11-17 9:55 ` Jakub Sitnicki
2022-11-18 10:28 ` Eric Dumazet
2022-11-18 10:57 ` Jakub Sitnicki
2022-11-18 11:09 ` Eric Dumazet
2022-11-19 13:04 ` Jakub Sitnicki
2022-12-02 9:50 ` Hangbin Liu
2022-12-05 10:24 ` Jakub Sitnicki
2022-12-05 12:37 ` Hangbin Liu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=871qq13oex.fsf@cloudflare.com \
--to=jakub@cloudflare.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=g1042620637@gmail.com \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=patchwork-bot+netdevbpf@kernel.org \
--cc=tparkin@katalix.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).