iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a7809ff90ce6c48598d3c4ab54eb599bec1e9c42
linux/net/qrtr
History
Manivannan Sadhasivam a7809ff90c net: qrtr: ns: Protect radix_tree_deref_slot() using rcu read locks 
The rcu read locks are needed to avoid potential race condition while
dereferencing radix tree from multiple threads. The issue was identified
by syzbot. Below is the crash report:

=============================
WARNING: suspicious RCU usage
5.7.0-syzkaller #0 Not tainted
-----------------------------
include/linux/radix-tree.h:176 suspicious rcu_dereference_check() usage!

other info that might help us debug this:

rcu_scheduler_active = 2, debug_locks = 1
2 locks held by kworker/u4:1/21:
 #0: ffff88821b097938 ((wq_completion)qrtr_ns_handler){+.+.}-{0:0}, at: spin_unlock_irq include/linux/spinlock.h:403 [inline]
 #0: ffff88821b097938 ((wq_completion)qrtr_ns_handler){+.+.}-{0:0}, at: process_one_work+0x6df/0xfd0 kernel/workqueue.c:2241
 #1: ffffc90000dd7d80 ((work_completion)(&qrtr_ns.work)){+.+.}-{0:0}, at: process_one_work+0x71e/0xfd0 kernel/workqueue.c:2243

stack backtrace:
CPU: 0 PID: 21 Comm: kworker/u4:1 Not tainted 5.7.0-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: qrtr_ns_handler qrtr_ns_worker
Call Trace:
 __dump_stack lib/dump_stack.c:77 [inline]
 dump_stack+0x1e9/0x30e lib/dump_stack.c:118
 radix_tree_deref_slot include/linux/radix-tree.h:176 [inline]
 ctrl_cmd_new_lookup net/qrtr/ns.c:558 [inline]
 qrtr_ns_worker+0x2aff/0x4500 net/qrtr/ns.c:674
 process_one_work+0x76e/0xfd0 kernel/workqueue.c:2268
 worker_thread+0xa7f/0x1450 kernel/workqueue.c:2414
 kthread+0x353/0x380 kernel/kthread.c:268

Fixes: 0c2204a4ad ("net: qrtr: Migrate nameservice to kernel from userspace")
Reported-and-tested-by: syzbot+0f84f6eed90503da72fc@syzkaller.appspotmail.com
Signed-off-by: Manivannan Sadhasivam <manivannan.sadhasivam@linaro.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
2020-09-28 15:54:57 -07:00
..
Kconfig
treewide: replace '---help---' in Kconfig files with 'help'
2020-06-14 01:57:21 +09:00
Makefile
net: qrtr: Add MHI transport layer
2020-05-07 13:21:12 -07:00
mhi.c
net: qrtr: Add MHI transport layer
2020-05-07 13:21:12 -07:00
ns.c
net: qrtr: ns: Protect radix_tree_deref_slot() using rcu read locks
2020-09-28 15:54:57 -07:00
qrtr.c
net: qrtr: check skb_put_padto() return value
2020-09-09 11:04:39 -07:00
qrtr.h
net: qrtr: Fix FIXME related to qrtr_ns_init()
2020-03-03 17:52:21 -08:00
smd.c
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 284
2019-06-05 17:36:37 +02:00
tun.c
net: qrtr: Simplify 'qrtr_tun_release()'
2019-10-30 17:58:23 -07:00