Eric Dumazet
009d455f96
net: add annotations on hh->hh_len lockless accesses
[ Upstream commit c305c6ae79e2ce20c22660ceda94f0d86d639a82 ]
KCSAN reported a data-race [1]
While we can use READ_ONCE() on the read sides,
we need to make sure hh->hh_len is written last.
[1]
BUG: KCSAN: data-race in eth_header_cache / neigh_resolve_output
write to 0xffff8880b9dedcb8 of 4 bytes by task 29760 on cpu 0:
eth_header_cache+0xa9/0xd0 net/ethernet/eth.c:247
neigh_hh_init net/core/neighbour.c:1463 [inline]
neigh_resolve_output net/core/neighbour.c:1480 [inline]
neigh_resolve_output+0x415/0x470 net/core/neighbour.c:1470
neigh_output include/net/neighbour.h:511 [inline]
ip6_finish_output2+0x7a2/0xec0 net/ipv6/ip6_output.c:116
__ip6_finish_output net/ipv6/ip6_output.c:142 [inline]
__ip6_finish_output+0x2d7/0x330 net/ipv6/ip6_output.c:127
ip6_finish_output+0x41/0x160 net/ipv6/ip6_output.c:152
NF_HOOK_COND include/linux/netfilter.h:294 [inline]
ip6_output+0xf2/0x280 net/ipv6/ip6_output.c:175
dst_output include/net/dst.h:436 [inline]
NF_HOOK include/linux/netfilter.h:305 [inline]
ndisc_send_skb+0x459/0x5f0 net/ipv6/ndisc.c:505
ndisc_send_ns+0x207/0x430 net/ipv6/ndisc.c:647
rt6_probe_deferred+0x98/0xf0 net/ipv6/route.c:615
process_one_work+0x3d4/0x890 kernel/workqueue.c:2269
worker_thread+0xa0/0x800 kernel/workqueue.c:2415
kthread+0x1d4/0x200 drivers/block/aoe/aoecmd.c:1253
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:352
read to 0xffff8880b9dedcb8 of 4 bytes by task 29572 on cpu 1:
neigh_resolve_output net/core/neighbour.c:1479 [inline]
neigh_resolve_output+0x113/0x470 net/core/neighbour.c:1470
neigh_output include/net/neighbour.h:511 [inline]
ip6_finish_output2+0x7a2/0xec0 net/ipv6/ip6_output.c:116
__ip6_finish_output net/ipv6/ip6_output.c:142 [inline]
__ip6_finish_output+0x2d7/0x330 net/ipv6/ip6_output.c:127
ip6_finish_output+0x41/0x160 net/ipv6/ip6_output.c:152
NF_HOOK_COND include/linux/netfilter.h:294 [inline]
ip6_output+0xf2/0x280 net/ipv6/ip6_output.c:175
dst_output include/net/dst.h:436 [inline]
NF_HOOK include/linux/netfilter.h:305 [inline]
ndisc_send_skb+0x459/0x5f0 net/ipv6/ndisc.c:505
ndisc_send_ns+0x207/0x430 net/ipv6/ndisc.c:647
rt6_probe_deferred+0x98/0xf0 net/ipv6/route.c:615
process_one_work+0x3d4/0x890 kernel/workqueue.c:2269
worker_thread+0xa0/0x800 kernel/workqueue.c:2415
kthread+0x1d4/0x200 drivers/block/aoe/aoecmd.c:1253
ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:352
Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 29572 Comm: kworker/1:4 Not tainted 5.4.0-rc6+ #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: events rt6_probe_deferred
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: syzbot <syzkaller@googlegroups.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2020-01-12 11:22:45 +01:00
..
2019-11-10 11:21:11 +01:00
2018-05-16 10:06:50 +02:00
2017-08-11 09:08:52 -07:00
2019-12-21 10:35:40 +01:00
2017-01-15 13:41:35 +01:00
2018-02-25 11:03:55 +01:00
2017-07-05 14:37:13 +02:00
2019-11-10 11:21:11 +01:00
2015-09-24 15:21:54 -07:00
2019-05-16 19:44:52 +02:00
2019-11-10 11:21:14 +01:00
2015-09-01 17:00:24 -07:00
2015-07-08 13:59:20 -07:00
2015-02-19 15:45:53 -05:00
2015-04-02 14:04:59 -04:00
2015-10-08 04:27:03 -07:00
2018-02-25 11:03:34 +01:00
2020-01-12 11:22:45 +01:00
2019-12-05 15:27:01 +01:00
2019-03-23 08:44:22 +01:00
2014-01-05 20:27:54 -05:00
2015-08-29 13:05:16 -07:00
2015-12-07 10:09:03 -05:00
2015-05-31 00:03:21 -07:00
2019-09-10 10:29:50 +01:00
2015-12-03 10:18:21 -05:00
2019-06-11 12:24:12 +02:00
2015-11-03 11:08:22 -05:00
2015-10-05 03:19:06 -07:00
2019-11-28 18:25:26 +01:00
2016-03-03 15:07:05 -08:00
2015-05-25 22:55:37 -04:00
2019-02-23 09:05:14 +01:00
2018-01-17 09:35:29 +01:00
2019-12-05 15:27:07 +01:00
2019-09-06 10:18:15 +02:00
2018-04-13 19:50:11 +02:00
2015-07-09 14:17:15 -07:00
2015-10-26 22:24:22 -07:00
2015-10-08 05:26:35 -07:00