Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751780AbdFJWVe (ORCPT ); Sat, 10 Jun 2017 18:21:34 -0400 Received: from shards.monkeyblade.net ([184.105.139.130]:36730 "EHLO shards.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751633AbdFJWVd (ORCPT ); Sat, 10 Jun 2017 18:21:33 -0400 Date: Sat, 10 Jun 2017 18:21:29 -0400 (EDT) Message-Id: <20170610.182129.1342772715077530967.davem@davemloft.net> To: baijiaju1990@163.com Cc: dmitry.tarnyagin@lockless.no, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] net: caif: Fix a sleep-in-atomic bug in cfpkt_create_pfx From: David Miller In-Reply-To: <1497084579-32434-1-git-send-email-baijiaju1990@163.com> References: <1497084579-32434-1-git-send-email-baijiaju1990@163.com> X-Mailer: Mew version 6.7 on Emacs 24.5 / Mule 6.0 (HANACHIRUSATO) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.5.12 (shards.monkeyblade.net [149.20.54.216]); Sat, 10 Jun 2017 14:39:52 -0700 (PDT) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 851 Lines: 24 From: Jia-Ju Bai Date: Sat, 10 Jun 2017 16:49:39 +0800 > The kernel may sleep under a rcu read lock in cfpkt_create_pfx, and the > function call path is: > cfcnfg_linkup_rsp (acquire the lock by rcu_read_lock) > cfctrl_linkdown_req > cfpkt_create > cfpkt_create_pfx > alloc_skb(GFP_KERNEL) --> may sleep > cfserl_receive (acquire the lock by rcu_read_lock) > cfpkt_split > cfpkt_create_pfx > alloc_skb(GFP_KERNEL) --> may sleep > > There is "in_interrupt" in cfpkt_create_pfx to decide use "GFP_KERNEL" or > "GFP_ATOMIC". In this situation, "GFP_KERNEL" is used because the function > is called under a rcu read lock, instead in interrupt. > > To fix it, only "GFP_ATOMIC" is used in cfpkt_create_pfx. > > Signed-off-by: Jia-Ju Bai Applied and queued up for -stable.