1 From e0f83d268974dab0361d11904dfc9acec53f96a6 Mon Sep 17 00:00:00 2001
2 From: Eric Dumazet <edumazet@google.com>
3 Date: Fri, 11 Oct 2024 17:12:17 +0000
4 Subject: [PATCH] genetlink: hold RCU in genlmsg_mcast()
6 [ Upstream commit 56440d7ec28d60f8da3bfa09062b3368ff9b16db ]
8 While running net selftests with CONFIG_PROVE_RCU_LIST=y I saw
11 genlmsg_mcast() uses for_each_net_rcu(), and must therefore hold RCU.
13 Instead of letting all callers guard genlmsg_multicast_allns()
14 with a rcu_read_lock()/rcu_read_unlock() pair, do it in genlmsg_mcast().
16 This also means the @flags parameter is useless, we need to always use
20 [10882.424136] =============================
21 [10882.424166] WARNING: suspicious RCU usage
22 [10882.424309] 6.12.0-rc2-virtme #1156 Not tainted
23 [10882.424400] -----------------------------
24 [10882.424423] net/netlink/genetlink.c:1940 RCU-list traversed in non-reader section!!
26 other info that might help us debug this:
29 rcu_scheduler_active = 2, debug_locks = 1
30 [10882.424744] 2 locks held by ip/15677:
31 [10882.424791] #0: ffffffffb6b491b0 (cb_lock){++++}-{3:3}, at: genl_rcv (net/netlink/genetlink.c:1219)
32 [10882.426334] #1: ffffffffb6b49248 (genl_mutex){+.+.}-{3:3}, at: genl_rcv_msg (net/netlink/genetlink.c:61 net/netlink/genetlink.c:57 net/netlink/genetlink.c:1209)
35 [10882.426805] CPU: 14 UID: 0 PID: 15677 Comm: ip Not tainted 6.12.0-rc2-virtme #1156
36 [10882.426919] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
37 [10882.427046] Call Trace:
39 [10882.427244] dump_stack_lvl (lib/dump_stack.c:123)
40 [10882.427335] lockdep_rcu_suspicious (kernel/locking/lockdep.c:6822)
41 [10882.427387] genlmsg_multicast_allns (net/netlink/genetlink.c:1940 (discriminator 7) net/netlink/genetlink.c:1977 (discriminator 7))
42 [10882.427436] l2tp_tunnel_notify.constprop.0 (net/l2tp/l2tp_netlink.c:119) l2tp_netlink
43 [10882.427683] l2tp_nl_cmd_tunnel_create (net/l2tp/l2tp_netlink.c:253) l2tp_netlink
44 [10882.427748] genl_family_rcv_msg_doit (net/netlink/genetlink.c:1115)
45 [10882.427834] genl_rcv_msg (net/netlink/genetlink.c:1195 net/netlink/genetlink.c:1210)
46 [10882.427877] ? __pfx_l2tp_nl_cmd_tunnel_create (net/l2tp/l2tp_netlink.c:186) l2tp_netlink
47 [10882.427927] ? __pfx_genl_rcv_msg (net/netlink/genetlink.c:1201)
48 [10882.427959] netlink_rcv_skb (net/netlink/af_netlink.c:2551)
49 [10882.428069] genl_rcv (net/netlink/genetlink.c:1220)
50 [10882.428095] netlink_unicast (net/netlink/af_netlink.c:1332 net/netlink/af_netlink.c:1357)
51 [10882.428140] netlink_sendmsg (net/netlink/af_netlink.c:1901)
52 [10882.428210] ____sys_sendmsg (net/socket.c:729 (discriminator 1) net/socket.c:744 (discriminator 1) net/socket.c:2607 (discriminator 1))
54 Fixes: 33f72e6f0c67 ("l2tp : multicast notification to the registered listeners")
55 Signed-off-by: Eric Dumazet <edumazet@google.com>
56 Cc: James Chapman <jchapman@katalix.com>
57 Cc: Tom Parkin <tparkin@katalix.com>
58 Cc: Johannes Berg <johannes.berg@intel.com>
59 Link: https://patch.msgid.link/20241011171217.3166614-1-edumazet@google.com
60 Signed-off-by: Jakub Kicinski <kuba@kernel.org>
61 Signed-off-by: Sasha Levin <sashal@kernel.org>
63 drivers/target/target_core_user.c | 2 +-
64 include/net/genetlink.h | 3 +--
65 net/l2tp/l2tp_netlink.c | 4 ++--
66 net/netlink/genetlink.c | 28 ++++++++++++++--------------
67 net/wireless/nl80211.c | 8 ++------
68 5 files changed, 20 insertions(+), 25 deletions(-)
70 --- a/backport-include/net/genetlink.h
71 +++ b/backport-include/net/genetlink.h
72 @@ -150,7 +150,7 @@ int genlmsg_multicast(const struct genl_
73 #define genlmsg_multicast_allns LINUX_BACKPORT(genlmsg_multicast_allns)
74 int backport_genlmsg_multicast_allns(const struct genl_family *family,
75 struct sk_buff *skb, u32 portid,
76 - unsigned int group, gfp_t flags);
77 + unsigned int group);
79 #define genl_family_attrbuf LINUX_BACKPORT(genl_family_attrbuf)
80 static inline struct nlattr **genl_family_attrbuf(struct genl_family *family)
81 --- a/compat/backport-genetlink.c
82 +++ b/compat/backport-genetlink.c
83 @@ -198,23 +198,23 @@ int genlmsg_multicast(const struct genl_
85 EXPORT_SYMBOL_GPL(genlmsg_multicast);
87 -static int genlmsg_mcast(struct sk_buff *skb, u32 portid, unsigned long group,
89 +static int genlmsg_mcast(struct sk_buff *skb, u32 portid, unsigned long group)
92 struct net *net, *prev = NULL;
93 bool delivered = false;
97 for_each_net_rcu(net) {
99 - tmp = skb_clone(skb, flags);
100 + tmp = skb_clone(skb, GFP_ATOMIC);
105 err = nlmsg_multicast(prev->genl_sock, tmp,
106 - portid, group, flags);
107 + portid, group, GFP_ATOMIC);
110 else if (err != -ESRCH)
111 @@ -223,25 +223,29 @@ static int genlmsg_mcast(struct sk_buff
115 + err = nlmsg_multicast(prev->genl_sock, skb, portid, group, GFP_ATOMIC);
119 - err = nlmsg_multicast(prev->genl_sock, skb, portid, group, flags);
122 else if (err != -ESRCH)
124 return delivered ? 0 : -ESRCH;
132 int backport_genlmsg_multicast_allns(const struct genl_family *family,
133 struct sk_buff *skb, u32 portid,
134 - unsigned int group, gfp_t flags)
135 + unsigned int group)
137 group = __backport_genl_group(family, group);
138 if (group == INVALID_GROUP)
140 - return genlmsg_mcast(skb, portid, group, flags);
141 + return genlmsg_mcast(skb, portid, group);
143 EXPORT_SYMBOL_GPL(backport_genlmsg_multicast_allns);
144 --- a/net/wireless/nl80211.c
145 +++ b/net/wireless/nl80211.c
146 @@ -17956,10 +17956,8 @@ void nl80211_common_reg_change_event(enu
148 genlmsg_end(msg, hdr);
151 genlmsg_multicast_allns(&nl80211_fam, msg, 0,
152 - NL80211_MCGRP_REGULATORY, GFP_ATOMIC);
154 + NL80211_MCGRP_REGULATORY);
158 @@ -18692,10 +18690,8 @@ void nl80211_send_beacon_hint_event(stru
160 genlmsg_end(msg, hdr);
163 genlmsg_multicast_allns(&nl80211_fam, msg, 0,
164 - NL80211_MCGRP_REGULATORY, GFP_ATOMIC);
166 + NL80211_MCGRP_REGULATORY);
projects / openwrt / staging / blocktrron.git / blob