mirrors
/
linux-stable
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
1
0
Fork 0
Code Issues Releases Wiki Activity
1,264,694 Commits 103 Branches 5,006 Tags 5.4 GiB
C 97.6%
Assembly 1%
Shell 0.5%
Python 0.3%
Makefile 0.3%
Go to file
Jakub Sitnicki ff91059932 bpf, sockmap: Prevent lock inversion deadlock in map delete elem 
syzkaller started using corpuses where a BPF tracing program deletes
elements from a sockmap/sockhash map. Because BPF tracing programs can be
invoked from any interrupt context, locks taken during a map_delete_elem
operation must be hardirq-safe. Otherwise a deadlock due to lock inversion
is possible, as reported by lockdep:

       CPU0                    CPU1
       ----                    ----
  lock(&htab->buckets[i].lock);
                               local_irq_disable();
                               lock(&host->lock);
                               lock(&htab->buckets[i].lock);
  <Interrupt>
    lock(&host->lock);

Locks in sockmap are hardirq-unsafe by design. We expects elements to be
deleted from sockmap/sockhash only in task (normal) context with interrupts
enabled, or in softirq context.

Detect when map_delete_elem operation is invoked from a context which is
_not_ hardirq-unsafe, that is interrupts are disabled, and bail out with an
error.

Note that map updates are not affected by this issue. BPF verifier does not
allow updating sockmap/sockhash from a BPF tracing program today.

Fixes: 604326b41a ("bpf, sockmap: convert to generic sk_msg interface")
Reported-by: xingwei lee <xrivendell7@gmail.com>
Reported-by: yue sun <samsun1006219@gmail.com>
Reported-by: syzbot+bc922f476bd65abbd466@syzkaller.appspotmail.com
Reported-by: syzbot+d4066896495db380182e@syzkaller.appspotmail.com
Signed-off-by: Jakub Sitnicki <jakub@cloudflare.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Tested-by: syzbot+d4066896495db380182e@syzkaller.appspotmail.com
Acked-by: John Fastabend <john.fastabend@gmail.com>
Closes: https://syzkaller.appspot.com/bug?extid=d4066896495db380182e
Closes: https://syzkaller.appspot.com/bug?extid=bc922f476bd65abbd466
Link: https://lore.kernel.org/bpf/20240402104621.1050319-1-jakub@cloudflare.com
 		2024-04-02 16:31:05 +02:00
Documentation Documentation: Add documentation for eswitch attribute 2024-03-28 18:20:08 -07:00
LICENSES
arch x86/bpf: Fix IP for relocating call depth accounting 2024-04-01 20:37:56 -07:00
block
certs
crypto This push fixes a regression that broke iwd as well as a divide by 2024-03-25 10:48:23 -07:00
drivers xen-netfront: Add missing skb_mark_for_recycle 2024-03-28 18:28:12 -07:00
fs Changes since last update: 2024-03-27 20:24:09 -07:00
include bpf: support deferring bpf_link dealloc to after RCU grace period 2024-03-28 18:47:45 -07:00
init init: open /initrd.image with O_LARGEFILE 2024-03-26 11:07:19 -07:00
io_uring
ipc
kernel bpf: fix possible file descriptor leaks in verifier 2024-03-29 09:19:55 -07:00
lib hardening fixes for v6.9-rc1 2024-03-23 08:43:21 -07:00
mm mm: zswap: fix data loss on SWP_SYNCHRONOUS_IO devices 2024-03-26 11:14:12 -07:00
net bpf, sockmap: Prevent lock inversion deadlock in map delete elem 2024-04-02 16:31:05 +02:00
rust
samples
scripts Including fixes from bpf, WiFi and netfilter. 2024-03-28 13:09:37 -07:00
security
sound sound fixes #2 for 6.9-rc2 2024-03-22 09:44:19 -07:00
tools tools/resolve_btfids: fix build with musl libc 2024-03-28 18:58:29 -07:00
usr
virt
.clang-format
.cocciconfig
.editorconfig
.get_maintainer.ignore
.gitattributes
.gitignore
.mailmap Including fixes from bpf, WiFi and netfilter. 2024-03-28 13:09:37 -07:00
.rustfmt.toml
COPYING
CREDITS
Kbuild
Kconfig
MAINTAINERS ptp: MAINTAINERS: drop Jeff Sipek 2024-03-28 18:23:42 -07:00
Makefile Linux 6.9-rc1 2024-03-24 14:10:05 -07:00
README

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the reStructuredText markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.