mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
linux-stable/net
History
Dominique Martinet d5080e1598 9p/client: fix data race on req->status 
[ Upstream commit 1a4f69ef15 ]

KCSAN reported a race between writing req->status in p9_client_cb and
accessing it in p9_client_rpc's wait_event.

Accesses to req itself is protected by the data barrier (writing req
fields, write barrier, writing status // reading status, read barrier,
reading other req fields), but status accesses themselves apparently
also must be annotated properly with WRITE_ONCE/READ_ONCE when we
access it without locks.

Follows:
 - error paths writing status in various threads all can notify
p9_client_rpc, so these all also need WRITE_ONCE
 - there's a similar read loop in trans_virtio for zc case that also
needs READ_ONCE
 - other reads in trans_fd should be protected by the trans_fd lock and
lists state machine, as corresponding writers all are within trans_fd
and should be under the same lock. If KCSAN complains on them we likely
will have something else to fix as well, so it's better to leave them
unmarked and look again if required.

Link: https://lkml.kernel.org/r/20221205124756.426350-1-asmadeus@codewreck.org
Reported-by: Naresh Kamboju <naresh.kamboju@linaro.org>
Suggested-by: Marco Elver <elver@google.com>
Acked-by: Marco Elver <elver@google.com>
Reviewed-by: Christian Schoenebeck <linux_oss@crudebyte.com>
Signed-off-by: Dominique Martinet <asmadeus@codewreck.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
 		2023-01-12 12:00:42 +01:00
..
6lowpan net: 6lowpan: constify lowpan_nhc structures 2022-06-09 21:53:28 +02:00
9p 9p/client: fix data race on req->status 2023-01-12 12:00:42 +01:00
802 mrp: introduce active flags to prevent UAF when applicant uninit 2022-12-31 13:26:45 +01:00
8021q net: Remove the obsolte u64_stats_fetch_*_irq() users (net). 2022-12-31 13:26:12 +01:00
appletalk
atm net/atm: fix proc_mpc_write incorrect return value 2022-10-29 10:08:32 +02:00
ax25 net: avoid overflow when rose /proc displays timer information. 2022-08-05 19:00:02 -07:00
batman-adv batman-adv: Fix hang up with small MTU hard-interface 2022-08-20 14:17:45 +02:00
bluetooth Bluetooth: Add quirk to disable MWS Transport Configuration 2022-12-31 13:26:47 +01:00
bpf bpf: Move skb->len == 0 checks into __bpf_redirect 2022-12-31 13:26:00 +01:00
bpfilter
bridge net: Remove the obsolte u64_stats_fetch_*_irq() users (net). 2022-12-31 13:26:12 +01:00
caif caif: fix memory leak in cfctrl_linkup_request() 2023-01-12 12:00:42 +01:00
can can: af_can: fix NULL pointer dereference in can_rcv_filter 2022-12-14 11:40:56 +01:00
ceph libceph: clean up ceph_osdc_start_request prototype 2022-08-03 14:05:39 +02:00
core bpf: pull before calling skb_postpull_rcsum() 2023-01-12 12:00:29 +01:00
dcb
dccp dccp/tcp: Reset saddr on failure after inet6?_hash_connect(). 2022-12-02 17:43:08 +01:00
decnet dn_route: replace "jiffies-now>0" with "jiffies!=now" 2022-07-29 20:12:49 -07:00
dns_resolver
dsa net: dsa: tag_8021q: avoid leaking ctx on dsa_tag_8021q_register() error path 2022-12-31 13:26:15 +01:00
ethernet
ethtool ethtool: avoiding integer overflow in ethtool_phys_id() 2022-12-31 13:26:45 +01:00
hsr hsr: Synchronize sequence number updates. 2022-12-31 13:26:08 +01:00
ieee802154 net: ieee802154: fix error return code in dgram_bind() 2022-11-04 00:00:25 +09:00
ife
ipv4 net/ulp: prevent ULP without clone op from entering the LISTEN status 2023-01-12 12:00:42 +01:00
ipv6 ipv6/sit: use DEV_STATS_INC() to avoid data-races 2022-12-31 13:26:45 +01:00
iucv net: keep sk->sk_forward_alloc as small as possible 2022-06-10 16:21:27 -07:00
kcm kcm: avoid potential race in kcm_tx_work 2022-11-26 09:27:54 +01:00
key xfrm: Fix oops in __xfrm_state_delete() 2022-12-02 17:43:07 +01:00
l2tp l2tp: l2tp_debugfs: fix Clang -Wformat warnings 2022-07-08 12:14:36 +01:00
l3mdev l3mdev: l3mdev_master_upper_ifindex_by_index_rcu should be using netdev_master_upper_dev_get_rcu 2022-04-15 14:27:24 -07:00
lapb
llc net: rename reference+tracking helpers 2022-06-09 21:52:55 -07:00
mac80211 net: Remove the obsolte u64_stats_fetch_*_irq() users (net). 2022-12-31 13:26:12 +01:00
mac802154 mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add() 2022-12-14 11:41:00 +01:00
mctp mctp: Remove device type check at unregister 2022-12-31 13:26:39 +01:00
mpls net: Remove the obsolte u64_stats_fetch_*_irq() users (net). 2022-12-31 13:26:12 +01:00
mptcp mptcp: fix lockdep false positive 2023-01-12 12:00:30 +01:00
ncsi net/ncsi: use proper "mellanox" DT vendor prefix 2022-06-23 20:51:06 -07:00
netfilter netfilter: ipset: Rework long task execution when adding/deleting entries 2023-01-12 12:00:39 +01:00
netlabel netlabel: fix typo in comment 2022-08-10 09:24:41 +01:00
netlink netlink: Bounds-check struct nlmsgerr creation 2022-11-26 09:27:55 +01:00
netrom
nfc nfc: Fix potential resource leaks 2023-01-12 12:00:32 +01:00
nsh
openvswitch openvswitch: Fix flow lookup to use unmasked key 2022-12-31 13:26:39 +01:00
packet packet: do not set TP_STATUS_CSUM_VALID on CHECKSUM_COMPLETE 2022-12-08 11:30:18 +01:00
phonet net: remove noblock parameter from recvmsg() entities 2022-04-12 15:00:25 +02:00
psample
qrtr net: qrtr: start MHI channel after endpoit creation 2022-08-15 11:21:42 +01:00
rds net: rds: don't hold sock lock when cancelling work from rds_tcp_reset_callbacks() 2022-10-21 12:38:20 +02:00
rfkill
rose rose: Fix NULL pointer dereference in rose_send_frame() 2022-11-10 18:17:19 +01:00
rxrpc rxrpc: Fix missing unlock in rxrpc_do_sendmsg() 2022-12-31 13:26:39 +01:00
sched net: sched: cbq: dont intepret cls results when asked to drop 2023-01-12 12:00:39 +01:00
sctp sctp: sysctl: make extra pointers netns aware 2022-12-31 13:26:14 +01:00
smc net/smc: Fix possible leaked pernet namespace in smc_init() 2022-11-10 18:17:22 +01:00
strparser strparser: pad sk_skb_cb to avoid straddling cachelines 2022-07-08 18:38:44 -07:00
sunrpc SUNRPC: ensure the matching upcall is in-flight upon downcall 2023-01-12 12:00:29 +01:00
switchdev net: rename reference+tracking helpers 2022-06-09 21:52:55 -07:00
tipc tipc: call tipc_lxc_xmit without holding node_read_lock 2022-12-14 11:41:04 +01:00
tls bpf, sockmap: Fix missing BPF_F_INGRESS flag when using apply_bytes 2022-12-31 13:26:06 +01:00
unix unix: Fix race in SOCK_SEQPACKET's unix_dgram_sendmsg() 2022-12-31 13:26:38 +01:00
vmw_vsock net: vmw_vsock: vmci: Check memcpy_from_msg() 2022-12-31 13:26:12 +01:00
wireless wifi: cfg80211: Fix not unregister reg_pdev when load_builtin_regdb_keys() fails 2022-12-31 13:26:06 +01:00
x25 net/x25: Fix skb leak in x25_lapb_receive_frame() 2022-11-26 09:27:38 +01:00
xdp xsk: Fix backpressure mechanism on Tx 2022-10-21 12:38:05 +02:00
xfrm xfrm: replay: Fix ESN wrap around for GSO 2022-12-02 17:43:02 +01:00
Kconfig
Kconfig.debug net: CONFIG_DEBUG_NET depends on CONFIG_NET 2022-06-02 10:15:05 -07:00
Makefile
compat.c net: clear msg_get_inq in __get_compat_msghdr() 2022-09-20 08:23:20 -07:00
devres.c
socket.c net: Fix a data-race around sysctl_somaxconn. 2022-08-24 13:46:58 +01:00
sysctl_net.c