WSL2-Linux-Kernel/include/net
Eric Dumazet ee8d153d46 net: annotate lockless accesses to sk->sk_napi_id
We already annotated most accesses to sk->sk_napi_id

We missed sk_mark_napi_id() and sk_mark_napi_id_once()
which might be called without socket lock held in UDP stack.

KCSAN reported :
BUG: KCSAN: data-race in udpv6_queue_rcv_one_skb / udpv6_queue_rcv_one_skb

write to 0xffff888121c6d108 of 4 bytes by interrupt on cpu 0:
 sk_mark_napi_id include/net/busy_poll.h:125 [inline]
 __udpv6_queue_rcv_skb net/ipv6/udp.c:571 [inline]
 udpv6_queue_rcv_one_skb+0x70c/0xb40 net/ipv6/udp.c:672
 udpv6_queue_rcv_skb+0xb5/0x400 net/ipv6/udp.c:689
 udp6_unicast_rcv_skb.isra.0+0xd7/0x180 net/ipv6/udp.c:832
 __udp6_lib_rcv+0x69c/0x1770 net/ipv6/udp.c:913
 udpv6_rcv+0x2b/0x40 net/ipv6/udp.c:1015
 ip6_protocol_deliver_rcu+0x22a/0xbe0 net/ipv6/ip6_input.c:409
 ip6_input_finish+0x30/0x50 net/ipv6/ip6_input.c:450
 NF_HOOK include/linux/netfilter.h:305 [inline]
 NF_HOOK include/linux/netfilter.h:299 [inline]
 ip6_input+0x177/0x190 net/ipv6/ip6_input.c:459
 dst_input include/net/dst.h:442 [inline]
 ip6_rcv_finish+0x110/0x140 net/ipv6/ip6_input.c:76
 NF_HOOK include/linux/netfilter.h:305 [inline]
 NF_HOOK include/linux/netfilter.h:299 [inline]
 ipv6_rcv+0x1a1/0x1b0 net/ipv6/ip6_input.c:284
 __netif_receive_skb_one_core+0xa7/0xe0 net/core/dev.c:5010
 __netif_receive_skb+0x37/0xf0 net/core/dev.c:5124
 process_backlog+0x1d3/0x420 net/core/dev.c:5955
 napi_poll net/core/dev.c:6392 [inline]
 net_rx_action+0x3ae/0xa90 net/core/dev.c:6460

write to 0xffff888121c6d108 of 4 bytes by interrupt on cpu 1:
 sk_mark_napi_id include/net/busy_poll.h:125 [inline]
 __udpv6_queue_rcv_skb net/ipv6/udp.c:571 [inline]
 udpv6_queue_rcv_one_skb+0x70c/0xb40 net/ipv6/udp.c:672
 udpv6_queue_rcv_skb+0xb5/0x400 net/ipv6/udp.c:689
 udp6_unicast_rcv_skb.isra.0+0xd7/0x180 net/ipv6/udp.c:832
 __udp6_lib_rcv+0x69c/0x1770 net/ipv6/udp.c:913
 udpv6_rcv+0x2b/0x40 net/ipv6/udp.c:1015
 ip6_protocol_deliver_rcu+0x22a/0xbe0 net/ipv6/ip6_input.c:409
 ip6_input_finish+0x30/0x50 net/ipv6/ip6_input.c:450
 NF_HOOK include/linux/netfilter.h:305 [inline]
 NF_HOOK include/linux/netfilter.h:299 [inline]
 ip6_input+0x177/0x190 net/ipv6/ip6_input.c:459
 dst_input include/net/dst.h:442 [inline]
 ip6_rcv_finish+0x110/0x140 net/ipv6/ip6_input.c:76
 NF_HOOK include/linux/netfilter.h:305 [inline]
 NF_HOOK include/linux/netfilter.h:299 [inline]
 ipv6_rcv+0x1a1/0x1b0 net/ipv6/ip6_input.c:284
 __netif_receive_skb_one_core+0xa7/0xe0 net/core/dev.c:5010
 __netif_receive_skb+0x37/0xf0 net/core/dev.c:5124
 process_backlog+0x1d3/0x420 net/core/dev.c:5955

Reported by Kernel Concurrency Sanitizer on:
CPU: 1 PID: 10890 Comm: syz-executor.0 Not tainted 5.4.0-rc3+ #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011

Fixes: e68b6e50fa ("udp: enable busy polling for all sockets")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: syzbot <syzkaller@googlegroups.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2019-10-30 17:34:35 -07:00
..
9p treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 188 2019-05-30 11:29:21 -07:00
bluetooth Bluetooth: Add support for utilizing Fast Advertising Interval 2019-09-05 17:27:21 +02:00
caif treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 194 2019-05-30 11:29:22 -07:00
iucv net/af_iucv: locate IUCV header via skb_network_header() 2018-09-26 09:56:07 -07:00
netfilter netfilter: nf_tables: bogus EBUSY when deleting flowtable after flush 2019-09-25 11:01:19 +02:00
netns can: netns: remove "can_" prefix from members struct netns_can 2019-09-04 13:29:14 +02:00
nfc treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 234 2019-06-19 17:09:07 +02:00
phonet treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 336 2019-06-05 17:37:07 +02:00
sctp sctp: add chunks to sk_backlog when the newsk sk_socket is not set 2019-10-09 16:27:04 -07:00
tc_act net: sched: take reference to psample group in flow_action infra 2019-09-16 09:18:03 +02:00
6lowpan.h
Space.h
act_api.h net: sched: use get_dev() action API in flow_action infra 2019-09-16 09:18:03 +02:00
addrconf.h ipv6: Fix return value of ipv6_mc_may_pull() for malformed packets 2019-08-19 17:19:46 -07:00
af_ieee802154.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174 2019-05-30 11:26:41 -07:00
af_rxrpc.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
af_unix.h net: split out functions related to registering inflight socket files 2019-02-28 08:24:23 -07:00
af_vsock.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 321 2019-06-05 17:37:05 +02:00
ah.h
arp.h ipv4: Define __ipv4_neigh_lookup_noref when CONFIG_INET is disabled 2019-05-05 11:25:49 -07:00
atmclip.h
ax25.h ax25: fix possible use-after-free 2019-01-23 11:18:00 -08:00
ax88796.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
bond_3ad.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 90 2019-05-24 17:37:53 +02:00
bond_alb.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 5 2019-05-21 11:28:40 +02:00
bond_options.h bonding: add an option to specify a delay between peer notifications 2019-07-04 12:30:48 -07:00
bonding.h net: remove unnecessary variables and callback 2019-10-24 14:53:49 -07:00
bpf_sk_storage.h bpf: support cloning sk storage on accept() 2019-08-17 23:18:54 +02:00
busy_poll.h net: annotate lockless accesses to sk->sk_napi_id 2019-10-30 17:34:35 -07:00
calipso.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13 2019-05-21 11:28:45 +02:00
cfg80211-wext.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
cfg80211.h mac80211: fix scan when operating on DFS channels in ETSI domains 2019-10-07 22:10:50 +02:00
cfg802154.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174 2019-05-30 11:26:41 -07:00
checksum.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
cipso_ipv4.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13 2019-05-21 11:28:45 +02:00
cls_cgroup.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
codel.h
codel_impl.h
codel_qdisc.h
compat.h net: rework SIOCGSTAMP ioctl handling 2019-04-19 14:07:40 -07:00
datalink.h
dcbevent.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 201 2019-05-30 11:29:52 -07:00
dcbnl.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 201 2019-05-30 11:29:52 -07:00
devlink.h net: devlink: move reload fail indication to devlink core and expose to user 2019-09-13 22:11:14 +02:00
dn.h
dn_dev.h
dn_fib.h
dn_neigh.h
dn_nsp.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 24 2019-05-21 11:52:39 +02:00
dn_route.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 24 2019-05-21 11:52:39 +02:00
drop_monitor.h drop_monitor: Add basic infrastructure for hardware drops 2019-08-17 12:40:08 -07:00
dsa.h net: dsa: Pass ndo_setup_tc slave callback to drivers 2019-09-16 21:32:57 +02:00
dsfield.h
dst.h net: dst.h: Fix shifting signed 32-bit value by 31 bits problem 2019-07-01 10:48:34 -07:00
dst_cache.h net: core: dst_cache_set_ip6: Rename 'addr' parameter to 'saddr' for consistency 2018-03-05 12:52:45 -05:00
dst_metadata.h
dst_ops.h
erspan.h erspan: set bso bit based on mirrored packet's len 2018-05-20 18:31:42 -04:00
esp.h
ethoc.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
failover.h net: Introduce generic failover module 2018-05-28 22:59:54 -04:00
fib_notifier.h net: fib: drop include of module.h from fib_notifier.h 2019-04-22 21:50:53 -07:00
fib_rules.h net: fib_rules: do not flow dissect local packets 2019-07-11 14:22:53 -07:00
firewire.h
flow.h route: Add multipath_hash in flowi_common to make user-define hash 2019-02-27 12:50:17 -08:00
flow_dissector.h net/flow_dissector: switch to siphash 2019-10-23 20:13:22 -07:00
flow_offload.h net: sched: extend flow_action_entry with destructor 2019-09-16 09:18:02 +02:00
fou.h
fq.h net/flow_dissector: switch to siphash 2019-10-23 20:13:22 -07:00
fq_impl.h net/flow_dissector: switch to siphash 2019-10-23 20:13:22 -07:00
garp.h
gen_stats.h net: align gnet_stats_basic_cpu struct 2018-11-17 21:37:29 -08:00
genetlink.h genetlink: optionally validate strictly/dumps 2019-04-27 17:07:22 -04:00
geneve.h net: Move the definition of the default Geneve udp port to public header file 2019-03-22 12:09:31 -07:00
gre.h net: Add netif_is_gretap()/netif_is_ip6gretap() 2018-12-10 15:53:04 -08:00
gro_cells.h
gtp.h
gue.h net:gue.h:Fix shifting signed 32-bit value by 31 bits problem 2019-07-01 10:58:23 -07:00
hwbm.h net: hwbm: if CONFIG_NET_HWBM unset, make stub functions static 2019-10-25 16:24:32 -07:00
icmp.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
ieee80211_radiotap.h wireless-drivers-next patches for 5.1 2019-02-22 12:56:24 -08:00
ieee802154_netdev.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174 2019-05-30 11:26:41 -07:00
if_inet6.h ipv6: shrink struct ipv6_mc_socklist 2019-08-28 14:43:03 -07:00
ife.h net: ife: drop include of module.h from net/ife.h 2019-04-22 21:50:53 -07:00
ila.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
inet6_connection_sock.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
inet6_hashtables.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
inet_common.h inet: factor out inet_send_prepare() 2019-07-03 13:51:54 -07:00
inet_connection_sock.h net/tls: use RCU protection on icsk->icsk_ulp_data 2019-08-31 23:44:28 -07:00
inet_ecn.h inet: Refactor INET_ECN_decapsulate() 2018-10-17 17:45:07 -07:00
inet_frag.h inet: frags: re-introduce skb coalescing for local delivery 2019-08-08 15:55:10 -07:00
inet_hashtables.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
inet_sock.h ip: support SO_MARK cmsg 2019-09-13 21:44:19 +02:00
inet_timewait_sock.h tcp: honor SO_PRIORITY in TIME_WAIT state 2019-09-27 12:05:02 +02:00
inetpeer.h net: ipv4: use a dedicated counter for icmp_v4 redirect packets 2019-02-08 21:50:15 -08:00
ip.h ipv4: fix IPSKB_FRAG_PMTU handling with fragmentation 2019-10-21 10:46:42 -07:00
ip6_checksum.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
ip6_fib.h ipv6: Dump route exceptions if requested 2019-06-24 10:18:49 -07:00
ip6_route.h Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2019-06-27 21:06:39 -07:00
ip6_tunnel.h ip6_tunnel: allow not to count pkts on tstats by passing dev as NULL 2019-06-18 20:48:45 -04:00
ip_fib.h net: Properly update v4 routes with v6 nexthop 2019-09-05 12:35:58 +02:00
ip_tunnels.h route: Add multipath_hash in flowi_common to make user-define hash 2019-02-27 12:50:17 -08:00
ip_vs.h ipvs: move old_secure_tcp into struct netns_ipvs 2019-10-24 11:56:02 +02:00
ipcomp.h
ipconfig.h
ipv6.h ipv6: add priority parameter to ip6_xmit() 2019-09-27 12:05:02 +02:00
ipv6_frag.h inet: fix various use-after-free in defrags units 2019-06-19 11:37:47 -04:00
ipv6_stubs.h ipv6: export function to send route updates 2019-05-22 17:48:43 -07:00
ipx.h
iw_handler.h net: Spelling s/stucture/structure/ 2018-03-27 09:51:23 +02:00
kcm.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
l3mdev.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
lag.h net: Add lag.h, net_lag_port_dev_txable() 2018-07-11 23:10:19 -07:00
lapb.h
lib80211.h
llc.h llc: avoid blocking in llc_sap_close() 2018-09-13 09:04:58 -07:00
llc_c_ac.h
llc_c_ev.h
llc_c_st.h
llc_conn.h llc: fix sk_buff leak in llc_conn_service() 2019-10-08 13:23:05 -07:00
llc_if.h
llc_pdu.h
llc_s_ac.h
llc_s_ev.h
llc_s_st.h
llc_sap.h
lwtunnel.h lwtunnel: Pass encap and encap type attributes to lwtunnel_fill_encap 2019-04-23 19:42:29 -07:00
mac80211.h mac80211: allow drivers to set max MTU 2019-09-11 09:33:29 +02:00
mac802154.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 174 2019-05-30 11:26:41 -07:00
mip6.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13 2019-05-21 11:28:45 +02:00
mld.h
mpls.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 295 2019-06-05 17:36:38 +02:00
mpls_iptunnel.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 295 2019-06-05 17:36:38 +02:00
mrp.h
ncsi.h
ndisc.h net-ipv6-ndisc: add support for RFC7710 RA Captive Portal Identifier 2019-07-22 12:10:54 -07:00
neighbour.h net ipv6: Prevent neighbor add if protocol is disabled on device 2019-04-17 23:19:07 -07:00
net_failover.h net: Introduce net_failover driver 2018-05-28 22:59:54 -04:00
net_namespace.h netns: fix GFP flags in rtnl_net_notifyid() 2019-10-25 20:14:42 -07:00
net_ratelimit.h
netevent.h net: ipv4: Notify about changes to ip_forward_update_priority 2018-08-01 09:52:30 -07:00
netlabel.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 13 2019-05-21 11:28:45 +02:00
netlink.h netlink: Fix nlmsg_parse as a wrapper for strict message parsing 2019-08-13 20:37:16 -07:00
netprio_cgroup.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
netrom.h net: netrom: Fix error cleanup path of nr_proto_init 2019-04-11 13:59:49 -07:00
nexthop.h net: Properly update v4 routes with v6 nexthop 2019-09-05 12:35:58 +02:00
nl802154.h
nsh.h
p8022.h
page_pool.h net: core: page_pool: add user refcnt and reintroduce page_pool_destroy 2019-07-08 14:58:04 -07:00
ping.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
pkt_cls.h net: sched: take reference to action dev before calling offloads 2019-08-26 14:17:43 -07:00
pkt_sched.h Merge ra.kernel.org:/pub/scm/linux/kernel/git/netdev/net 2019-09-17 23:51:10 +02:00
pptp.h
protocol.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
psample.h net: sched: take reference to psample group in flow_action infra 2019-09-16 09:18:03 +02:00
psnap.h
raw.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
rawv6.h
red.h
regulatory.h cfg80211: make wmm_rule part of the reg_rule structure 2018-08-28 11:11:47 +02:00
request_sock.h net: add {READ|WRITE}_ONCE() annotations on ->rskq_accept_head 2019-10-09 21:34:31 -07:00
rose.h proc: introduce proc_create_seq{,_data} 2018-05-16 07:23:35 +02:00
route.h ipv4: Revert removal of rt_uses_gateway 2019-09-20 18:23:33 -07:00
rsi_91x.h Bluetooth: btrsi: add new rsi bluetooth driver 2018-03-13 18:37:02 +02:00
rtnetlink.h net: Add extack argument to rtnl_create_link 2018-11-06 15:00:45 -08:00
rtnh.h net: Rename net/nexthop.h net/rtnh.h 2019-04-22 21:47:25 -07:00
sch_generic.h sch_netem: fix rcu splat in netem_enqueue() 2019-09-27 10:29:11 +02:00
scm.h pids: Compute task_tgid using signal->leader_pid 2018-07-21 10:43:12 -05:00
secure_seq.h
seg6.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
seg6_hmac.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
seg6_local.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
slhc_vj.h slip: Check if rstate is initialized before uncompressing 2018-04-11 10:33:46 -04:00
smc.h net/smc: add smcd support to the pnet table 2019-02-21 10:34:37 -08:00
snmp.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
sock.h net: annotate accesses to sk->sk_incoming_cpu 2019-10-30 13:24:25 -07:00
sock_reuseport.h udp: correct reuseport selection with connected sockets 2019-09-16 09:02:18 +02:00
stp.h
strparser.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 2019-06-19 17:09:55 +02:00
switchdev.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
tcp.h tcp: annotate sk->sk_rcvbuf lockless reads 2019-10-13 10:13:08 -07:00
tcp_states.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
timewait_sock.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
tipc.h flow_dissector: do not rely on implicit casts 2018-05-08 00:02:41 -04:00
tls.h net/tls: clean up the number of #ifdefs for CONFIG_TLS_DEVICE 2019-09-05 09:49:49 +02:00
transp_v6.h ipv6: fold sockcm_cookie into ipcm6_cookie 2018-07-07 10:58:49 +09:00
tso.h
tun_proto.h
udp.h udp: Remove unlikely() from IS_ERR*() condition 2019-08-30 19:49:37 -07:00
udp_tunnel.h ipv6: Move ipv6 stubs to a separate header file 2019-03-29 10:53:45 -07:00
udplite.h
vsock_addr.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 321 2019-06-05 17:37:05 +02:00
vxlan.h vxlan: add adjacent link to limit depth level 2019-10-24 14:53:49 -07:00
wext.h
wimax.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 268 2019-06-05 17:30:29 +02:00
x25.h
x25device.h
xdp.h xdp: page_pool related fix to cpumap 2019-06-19 11:23:13 -04:00
xdp_priv.h xdp: add tracepoints for XDP mem 2019-06-19 11:23:13 -04:00
xdp_sock.h xsk: add support to allow unaligned chunk placement 2019-08-31 01:08:26 +02:00
xfrm.h xfrm interface: fix management of phydev 2019-07-17 10:03:54 +02:00