redonkable
/
alistair23-linux
1
0
Fork 0
Code Releases Activity
alistair23-linux/drivers
History
Eric Dumazet 3900f9268a net: add annotations on hh->hh_len lockless accesses 
[ Upstream commit c305c6ae79 ]

KCSAN reported a data-race [1]

While we can use READ_ONCE() on the read sides,
we need to make sure hh->hh_len is written last.

[1]

BUG: KCSAN: data-race in eth_header_cache / neigh_resolve_output

write to 0xffff8880b9dedcb8 of 4 bytes by task 29760 on cpu 0:
 eth_header_cache+0xa9/0xd0 net/ethernet/eth.c:247
 neigh_hh_init net/core/neighbour.c:1463 [inline]
 neigh_resolve_output net/core/neighbour.c:1480 [inline]
 neigh_resolve_output+0x415/0x470 net/core/neighbour.c:1470
 neigh_output include/net/neighbour.h:511 [inline]
 ip6_finish_output2+0x7a2/0xec0 net/ipv6/ip6_output.c:116
 __ip6_finish_output net/ipv6/ip6_output.c:142 [inline]
 __ip6_finish_output+0x2d7/0x330 net/ipv6/ip6_output.c:127
 ip6_finish_output+0x41/0x160 net/ipv6/ip6_output.c:152
 NF_HOOK_COND include/linux/netfilter.h:294 [inline]
 ip6_output+0xf2/0x280 net/ipv6/ip6_output.c:175
 dst_output include/net/dst.h:436 [inline]
 NF_HOOK include/linux/netfilter.h:305 [inline]
 ndisc_send_skb+0x459/0x5f0 net/ipv6/ndisc.c:505
 ndisc_send_ns+0x207/0x430 net/ipv6/ndisc.c:647
 rt6_probe_deferred+0x98/0xf0 net/ipv6/route.c:615
 process_one_work+0x3d4/0x890 kernel/workqueue.c:2269
 worker_thread+0xa0/0x800 kernel/workqueue.c:2415
 kthread+0x1d4/0x200 drivers/block/aoe/aoecmd.c:1253
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:352

read to 0xffff8880b9dedcb8 of 4 bytes by task 29572 on cpu 1:
 neigh_resolve_output net/core/neighbour.c:1479 [inline]
 neigh_resolve_output+0x113/0x470 net/core/neighbour.c:1470
 neigh_output include/net/neighbour.h:511 [inline]
 ip6_finish_output2+0x7a2/0xec0 net/ipv6/ip6_output.c:116
 __ip6_finish_output net/ipv6/ip6_output.c:142 [inline]
 __ip6_finish_output+0x2d7/0x330 net/ipv6/ip6_output.c:127
 ip6_finish_output+0x41/0x160 net/ipv6/ip6_output.c:152
 NF_HOOK_COND include/linux/netfilter.h:294 [inline]
 ip6_output+0xf2/0x280 net/ipv6/ip6_output.c:175
 dst_output include/net/dst.h:436 [inline]
 NF_HOOK include/linux/netfilter.h:305 [inline]
 ndisc_send_skb+0x459/0x5f0 net/ipv6/ndisc.c:505
 ndisc_send_ns+0x207/0x430 net/ipv6/ndisc.c:647
 rt6_probe_deferred+0x98/0xf0 net/ipv6/route.c:615
 process_one_work+0x3d4/0x890 kernel/workqueue.c:2269
 worker_thread+0xa0/0x800 kernel/workqueue.c:2415
 kthread+0x1d4/0x200 drivers/block/aoe/aoecmd.c:1253
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:352

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 29572 Comm: kworker/1:4 Not tainted 5.4.0-rc6+ #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: events rt6_probe_deferred

Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: syzbot <syzkaller@googlegroups.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
 		2020-01-09 10:20:06 +01:00
..
accessibility
acpi ACPI: sysfs: Change ACPI_MASKABLE_GPE_MAX to 0x100 2020-01-09 10:20:02 +01:00
amba ARM updates for 5.4-rc: 2019-10-23 06:26:33 -04:00
android binder: fix incorrect calculation for num_valid 2019-12-17 19:55:33 +01:00
ata libata: Fix retrieving of active qcs 2020-01-09 10:19:59 +01:00
atm atm: he: clean up an indentation issue 2019-09-25 13:54:45 +02:00
auxdisplay It's a somewhat calmer cycle for docs this time, as the churn of the mass 2019-09-17 16:22:26 -07:00
base firmware_loader: Fix labels with comma for builtin firmware 2019-12-31 16:45:39 +01:00
bcma bcma: make arrays pwr_info_offset and sprom_sizes static const, shrinks object size 2019-09-13 16:44:49 +03:00
block xen-blkback: prevent premature module unload 2020-01-09 10:19:51 +01:00
bluetooth Bluetooth: btusb: fix PM leak in error case of setup 2020-01-09 10:20:04 +01:00
bus bus: ti-sysc: Fix watchdog quirk handling 2019-10-18 08:45:32 -07:00
cdrom cdrom: respect device capabilities during opening action 2020-01-04 19:18:25 +01:00
char tpm: fix invalid locking in NONBLOCKING mode 2019-12-31 16:45:52 +01:00
clk clk: pxa: fix one of the pxa RTC clocks 2020-01-04 19:18:11 +01:00
clocksource clocksource: riscv: add notrace to riscv_sched_clock 2020-01-09 10:19:59 +01:00
connector
counter
cpufreq cpufreq: Register drivers only after CPU devices have been registered 2019-12-31 16:45:26 +01:00
cpuidle cpuidle: use first valid target residency as poll time 2019-12-17 19:56:23 +01:00
crypto crypto: vmx - Avoid weird build failures 2019-12-31 16:45:45 +01:00
dax
dca
devfreq PM / devfreq: Check NULL governor in available_governors_show 2020-01-09 10:20:01 +01:00
dio
dma dmaengine: virt-dma: Fix access after free in vchan_complete() 2020-01-09 10:20:00 +01:00
dma-buf dma-buf: Fix memory leak in sync_file_merge() 2019-12-21 11:04:48 +01:00
edac EDAC/ghes: Fix grain calculation 2019-12-31 16:45:16 +01:00
eisa
extcon extcon: sm5502: Reset registers during initialization 2019-12-31 16:44:04 +01:00
firewire net: add annotations on hh->hh_len lockless accesses 2020-01-09 10:20:06 +01:00
firmware firmware: arm_scmi: Avoid double free in error flow 2020-01-09 10:20:03 +01:00
fpga Char/Misc driver patches for 5.4-rc1 2019-09-18 11:14:31 -07:00
fsi fsi: core: Fix small accesses and unaligned offsets via sysfs 2019-12-31 16:45:09 +01:00
gnss
gpio gpiolib: fix up emulated open drain outputs 2020-01-09 10:19:59 +01:00
gpu drm/i915/execlists: Fix annotation for decoupling virtual request 2020-01-09 10:20:06 +01:00
greybus
hid HID: i2c-hid: Reset ALPS touchpads on resume 2020-01-09 10:20:02 +01:00
hsi HSI changes for the 5.4 series 2019-09-22 12:02:21 -07:00
hv Drivers: hv: vmbus: Fix crash handler reset of Hyper-V synic 2020-01-04 19:18:21 +01:00
hwmon hwmon: (ina3221) Fix read timeout issue 2019-10-28 18:46:55 -07:00
hwspinlock
hwtracing intel_th: msu: Fix window switching without windows 2019-12-31 16:46:09 +01:00
i2c i2c: stm32f7: fix & reorder remove & probe error handling 2020-01-04 19:17:27 +01:00
i3c
ide
idle
iio iio: adc: max9611: Fix too short conversion time delay 2020-01-09 10:19:43 +01:00
infiniband IB/mlx5: Fix steering rule of drop and count 2020-01-09 10:19:50 +01:00
input Input: ili210x - handle errors from input_mt_init_slots() 2020-01-04 19:17:34 +01:00
interconnect interconnect: qcom: qcs404: Walk the list safely on node removal 2019-12-17 19:55:39 +01:00
iommu iommu/vt-d: Remove incorrect PSI capability check 2020-01-09 10:20:02 +01:00
ipack
irqchip irqchip: ingenic: Error out if IRQ domain creation failed 2020-01-04 19:17:22 +01:00
isdn net: use skb_queue_empty_lockless() in poll() handlers 2019-10-28 13:33:41 -07:00
leds leds: trigger: netdev: fix handling on interface rename 2020-01-04 19:17:05 +01:00
lightnvm lightnvm: print error when target is not found 2019-09-05 13:17:01 -06:00
macintosh cpufreq: Use per-policy frequency QoS 2019-10-21 02:05:21 +02:00
mailbox mailbox: imx: Fix Tx doorbell shutdown path 2020-01-04 19:18:30 +01:00
mcb
md md: raid1: check rdev before reference in raid1_sync_request func 2020-01-09 10:19:48 +01:00
media media: usb: fix memory leak in af9005_identify_state 2020-01-09 10:20:05 +01:00
memory iommu/mediatek: Clean up struct mtk_smi_iommu 2019-08-30 15:57:27 +02:00
memstick memstick: jmb38x_ms: Fix an error handling path in 'jmb38x_ms_probe()' 2019-10-09 11:08:03 +02:00
message
mfd mfd: mt6397: Fix probe after changing mt6397-core 2019-10-24 08:49:25 +01:00
misc habanalabs: skip VA block list update in reset flow 2020-01-04 19:18:18 +01:00
mmc mmc: sdhci-of-esdhc: re-implement erratum A-009204 workaround 2020-01-04 19:19:19 +01:00
mtd mtd: rawnand: Change calculating of position page containing BBM 2019-12-17 19:55:54 +01:00
mux
net ath9k_htc: Discard undersized packets 2020-01-09 10:20:06 +01:00
nfc NFC: nxp-nci: Fix probing without ACPI 2019-12-31 16:41:49 +01:00
ntb NTB: fix IDT Kconfig typos/spellos 2019-09-23 17:20:40 -04:00
nubus
nvdimm libnvdimm/btt: fix variable 'rc' set but not used 2020-01-04 19:18:12 +01:00
nvme nvme/pci: Fix read queue count 2020-01-09 10:19:43 +01:00
nvmem nvmem: imx-ocotp: reset error status on probe 2019-12-31 16:44:42 +01:00
of of: overlay: add_changeset_property() memory leak 2020-01-09 10:20:03 +01:00
opp opp: Reinitialize the list_kref before adding the static OPPs again 2019-10-23 10:58:44 +05:30
oprofile
parisc parisc: Remove 32-bit DMA enforcement from sba_iommu 2019-10-14 21:44:26 +02:00
parport parport: load lowlevel driver if ports not found 2019-12-31 16:45:25 +01:00
pci PCI: Add a helper to check Power Resource Requirements _PR3 existence 2020-01-09 10:19:52 +01:00
pcmcia Merge branch 'next-lockdown' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2019-09-28 08:14:15 -07:00
perf Merge branches 'for-next/52-bit-kva', 'for-next/cpu-topology', 'for-next/error-injection', 'for-next/perf', 'for-next/psci-cpuidle', 'for-next/rng', 'for-next/smpboot', 'for-next/tbi' and 'for-next/tlbi' into for-next/core 2019-08-30 12:46:12 +01:00
phy phy: renesas: rcar-gen3-usb2: Use platform_get_irq_optional() for optional irq 2020-01-09 10:20:05 +01:00
pinctrl pinctrl: baytrail: Really serialize all register accesses 2019-12-31 16:46:12 +01:00
platform platform/x86: pmc_atom: Add Siemens CONNECT X300 to critclk_systems DMI table 2020-01-09 10:20:03 +01:00
pnp
power power: supply: cpcap-battery: Check voltage before orderly_poweroff 2019-12-31 16:44:12 +01:00
powercap Power management updates for 5.4-rc1 2019-09-17 19:15:14 -07:00
pps
ps3
ptp ptp: fix the race between the release of ptp_clock and cdev 2020-01-04 19:18:48 +01:00
pwm pwm: bcm-iproc: Prevent unloading the driver module while in use 2019-11-08 18:38:06 +01:00
rapidio
ras
regulator regulator: ab8500: Remove AB8505 USB regulator 2020-01-09 10:20:04 +01:00
remoteproc remoteproc updates for v5.4 2019-09-22 10:55:08 -07:00
reset reset: fix of_reset_control_get_count kerneldoc comment 2019-10-24 10:26:33 +02:00
rpmsg rpmsg: glink: Free pending deferred work on remove 2019-12-21 11:04:41 +01:00
rtc rtc: disable uie before setting time and enable after 2019-12-17 19:56:52 +01:00
s390 s390/zcrypt: handle new reply code FILTERED_BY_HYPERVISOR 2020-01-04 19:18:27 +01:00
sbus
scsi scsi: lpfc: Fix rpi release when deleting vport 2020-01-09 10:20:01 +01:00
sfi
sh
siox
slimbus
soc soc: mediatek: cmdq: fixup wrong input order of write api 2019-12-13 08:42:40 +01:00
soundwire soundwire: intel: fix PDI/stream mapping for Bulk 2019-12-31 16:45:11 +01:00
spi spi: uniphier: Fix FIFO threshold 2020-01-09 10:20:04 +01:00
spmi
ssb ssb: make array pwr_info_offset static const, makes object smaller 2019-09-13 17:23:18 +03:00
staging staging/wlan-ng: add CRC32 dependency in Kconfig 2020-01-09 10:19:46 +01:00
target scsi: target: iscsi: Wait for all commands to finish before freeing a session 2020-01-04 19:18:17 +01:00
tc
tee tee/shm: untag user pointers in tee_shm_register 2019-09-25 17:51:41 -07:00
thermal thermal: Fix deadlock in thermal thermal_zone_device_check 2019-12-13 08:43:21 +01:00
thunderbolt thunderbolt: Power cycle the router if NVM authentication fails 2019-12-04 22:30:50 +01:00
tty tty: serial: msm_serial: Fix lockup for sysrq and oops 2020-01-09 10:20:05 +01:00
uio Char/Misc driver patches for 5.4-rc1 2019-09-18 11:14:31 -07:00
usb usb: gadget: fix wrong endpoint desc 2020-01-09 10:19:47 +01:00
vfio vfio/pci: call irq_bypass_unregister_producer() before freeing irq 2019-12-21 11:04:48 +01:00
vhost vhost/vsock: accept only packets with the right dst_cid 2020-01-04 19:19:18 +01:00
video video/hdmi: Fix AVI bar unpack 2019-12-17 19:56:42 +01:00
virt virt: vbox: fix memory leak in hgcm_call_preprocess_linaddr 2019-10-10 14:50:32 +02:00
virtio virtio-balloon: fix managed page counts when migrating pages between zones 2019-12-17 19:55:56 +01:00
visorbus
vlynq
vme
w1 w1: ds250x: Fix build error without CRC16 2019-10-10 15:35:41 +02:00
watchdog watchdog: tqmx86_wdt: Fix build error 2020-01-09 10:20:03 +01:00
xen xen/balloon: fix ballooned page accounting without hotplug enabled 2020-01-09 10:19:51 +01:00
zorro
Kconfig Staging/IIO driver patches for 5.4-rc1 2019-09-18 11:05:34 -07:00
Makefile Staging/IIO driver patches for 5.4-rc1 2019-09-18 11:05:34 -07:00