evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_oneplus_msm8998/include
History
Eric Dumazet f00565130b ipvs: move old_secure_tcp into struct netns_ipvs 
[ Upstream commit c24b75e0f9239e78105f81c5f03a751641eb07ef ]

syzbot reported the following issue :

BUG: KCSAN: data-race in update_defense_level / update_defense_level

read to 0xffffffff861a6260 of 4 bytes by task 3006 on cpu 1:
 update_defense_level+0x621/0xb30 net/netfilter/ipvs/ip_vs_ctl.c:177
 defense_work_handler+0x3d/0xd0 net/netfilter/ipvs/ip_vs_ctl.c:225
 process_one_work+0x3d4/0x890 kernel/workqueue.c:2269
 worker_thread+0xa0/0x800 kernel/workqueue.c:2415
 kthread+0x1d4/0x200 drivers/block/aoe/aoecmd.c:1253
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:352

write to 0xffffffff861a6260 of 4 bytes by task 7333 on cpu 0:
 update_defense_level+0xa62/0xb30 net/netfilter/ipvs/ip_vs_ctl.c:205
 defense_work_handler+0x3d/0xd0 net/netfilter/ipvs/ip_vs_ctl.c:225
 process_one_work+0x3d4/0x890 kernel/workqueue.c:2269
 worker_thread+0xa0/0x800 kernel/workqueue.c:2415
 kthread+0x1d4/0x200 drivers/block/aoe/aoecmd.c:1253
 ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:352

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 7333 Comm: kworker/0:5 Not tainted 5.4.0-rc3+ #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
Workqueue: events defense_work_handler

Indeed, old_secure_tcp is currently a static variable, while it
needs to be a per netns variable.

Fixes: a0840e2e16 ("IPVS: netns, ip_vs_ctl local vars moved to ipvs struct.")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: syzbot <syzkaller@googlegroups.com>
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2019-11-12 19:13:26 +01:00
..
acpi Merge branch 'acpi-pci' 2015-11-07 01:30:10 +01:00
asm-generic asm-generic: default BUG_ON(x) to if(x)BUG() 2019-08-25 10:53:04 +02:00
clocksource
crypto crypto: vmac - separate tfm and request context 2018-08-17 20:56:45 +02:00
drm drm: Add DP PSR2 sink enable bit 2018-08-06 16:24:39 +02:00
dt-bindings ARM: dts: Fix omap3 off mode pull defines 2017-11-21 09:21:19 +01:00
keys KEYS: user: Align the payload buffer 2019-03-23 08:44:17 +01:00
kvm KVM: arm/arm64: arch_timer: Preserve physical dist. active state on LR.active 2015-11-24 18:07:40 +01:00
linux arm/arm64: smccc-1.1: Handle function result as parameters 2019-11-10 11:21:22 +01:00
math-emu
media media: v4l: event: Prevent freeing event subscriptions while accessed 2018-10-10 08:52:10 +02:00
memory
misc
net ipvs: move old_secure_tcp into struct netns_ipvs 2019-11-12 19:13:26 +01:00
pcmcia
ras
rdma IB/core: Make testing MR flags for writability a static inline function 2018-08-15 17:42:06 +02:00
rxrpc
scsi scsi: core: Reduce memory required for SCSI logging 2019-10-07 21:01:01 +02:00
soc memory: tegra: Apply interrupts mask per SoC 2018-08-06 16:24:38 +02:00
sound ASoC: Define a set of DAPM pre/post-up events 2019-10-17 13:40:53 -07:00
target target: Avoid early CMD_T_PRE_EXECUTE failures during ABORT_TASK 2018-01-17 09:35:31 +01:00
trace ext4: force inode writes when nfsd calls commit_metadata() 2019-01-13 10:05:30 +01:00
uapi isdn/capi: check message length in capi_write() 2019-09-21 07:12:39 +02:00
video udlfb: set optimal write delay 2018-09-09 20:04:36 +02:00
xen fix xen_swiotlb_dma_mmap prototype 2017-10-05 09:41:48 +02:00
Kbuild