Received: by 2002:ad5:4acb:0:0:0:0:0 with SMTP id n11csp2085297imw; Tue, 5 Jul 2022 23:00:29 -0700 (PDT) X-Google-Smtp-Source: AGRyM1u185rmJEGzEBG+f+nRbDatvATKOEkZnlZY9ewtiy+tFsz7LUovFC4xzg0ZJ8QzlCpD1a4W X-Received: by 2002:a17:907:2bf6:b0:72a:881b:8d79 with SMTP id gv54-20020a1709072bf600b0072a881b8d79mr26673337ejc.623.1657087229123; Tue, 05 Jul 2022 23:00:29 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1657087229; cv=none; d=google.com; s=arc-20160816; b=T384Ly69clwrdqpd1dneT0Mr4GrWJZDN1wEgmIQOvuxkg+Mk6o+VkEWCGzdDg7mnv5 htdGGqrL3vvWEpDrWQLKkRfLp7Zc75ikuRktpOotiHoU42oPpUZQd3K0Cd9BKwX1Cxcu P8GemgBZCL4Y/o9p+6aUq5Cn6GHlx+dqr/Q/UiZl6OxV/naMKSlyQM5OgqeEjFwkvqih vts28sazPgc8CDyIYp2z0iWynn52U/kIstOrtV8FB5rGp0ju5wJ4BctSv1oD5bqLFYje nYxitgGcJ/BtUUc+a5DK2yj7QSllE0mxij6cirtm0titME3c4J3qx/ylkTZKOLO8Ei4k ekmA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=KgcHvSeQk9A90T8EU++IcwoBPEAYtDf422cDivH4wbA=; b=ucdaAOp66uhhpjojR/dWUbDaZBZ94dJ+vGnr86jezyN7KPsAI1z5F6votPyb1cGMw8 iisqrQ/VxmrxSgPN2b2+kbgNRSobRNbE2C1MIfPsLv5+hG+c/hrhYNf1sUAdDEalp23+ AQKmN7axW5c/0YtlUk+CnILxJ5nzLjeWdJu2H6fEtcyYsvi8+5u8L3hk7jQZDhNwOyh4 IrK9ZXZtmQr04ID/dzkT2bdoDQQg63ab7ntFya90z/XHFFnfFdDWmzJyTQCit//rT1ro HERVlwlfrpN44JOPl/UTLpeZY4PTVsZwk+Dagt0woJ9R6yXzZ9LX7T2VBPpVVZrHDNRb QwkQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@amazon.com header.s=amazon201209 header.b=LN98yqdy; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id y9-20020a056402270900b0043763a95ce9si32366109edd.458.2022.07.05.23.00.04; Tue, 05 Jul 2022 23:00:29 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@amazon.com header.s=amazon201209 header.b=LN98yqdy; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230049AbiGFFWE (ORCPT + 99 others); Wed, 6 Jul 2022 01:22:04 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44892 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229586AbiGFFWD (ORCPT ); Wed, 6 Jul 2022 01:22:03 -0400 Received: from smtp-fw-33001.amazon.com (smtp-fw-33001.amazon.com [207.171.190.10]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DB3E11FCE9; Tue, 5 Jul 2022 22:22:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1657084923; x=1688620923; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=KgcHvSeQk9A90T8EU++IcwoBPEAYtDf422cDivH4wbA=; b=LN98yqdy3XDZkw+4hrcILGG/4CSHN7ix8dJVTaLcpBxHi9LqEvt4KAIT ei5/7z/LH4vhxQSwPLO+sBnHawsDqcfxFF9O/ChH6O1Gz5AiRbxK/otiR rv0ofiUmlWVwvtN/37/DWEEobRIhEXD4WnMMOuyz62Ihy1c1hPvu9Kg5E w=; X-IronPort-AV: E=Sophos;i="5.92,248,1650931200"; d="scan'208";a="207627117" Received: from iad12-co-svc-p1-lb1-vlan2.amazon.com (HELO email-inbound-relay-pdx-2c-388992e0.us-west-2.amazon.com) ([10.43.8.2]) by smtp-border-fw-33001.sea14.amazon.com with ESMTP; 06 Jul 2022 05:21:46 +0000 Received: from EX13MTAUWB001.ant.amazon.com (pdx1-ws-svc-p6-lb9-vlan3.pdx.amazon.com [10.236.137.198]) by email-inbound-relay-pdx-2c-388992e0.us-west-2.amazon.com (Postfix) with ESMTPS id 59701816CF; Wed, 6 Jul 2022 05:21:45 +0000 (UTC) Received: from EX19D004ANA001.ant.amazon.com (10.37.240.138) by EX13MTAUWB001.ant.amazon.com (10.43.161.207) with Microsoft SMTP Server (TLS) id 15.0.1497.36; Wed, 6 Jul 2022 05:21:44 +0000 Received: from 88665a182662.ant.amazon.com (10.43.162.55) by EX19D004ANA001.ant.amazon.com (10.37.240.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1118.9; Wed, 6 Jul 2022 05:21:42 +0000 From: Kuniyuki Iwashima To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Luis Chamberlain , Kees Cook , Iurii Zaikin CC: Kuniyuki Iwashima , Kuniyuki Iwashima , , Subject: [PATCH v1 net 00/16] sysctl: Fix data-races around ipv4_table. Date: Tue, 5 Jul 2022 22:21:14 -0700 Message-ID: <20220706052130.16368-1-kuniyu@amazon.com> X-Mailer: git-send-email 2.30.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Originating-IP: [10.43.162.55] X-ClientProxiedBy: EX13D18UWA004.ant.amazon.com (10.43.160.45) To EX19D004ANA001.ant.amazon.com (10.37.240.138) X-Spam-Status: No, score=-4.8 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_MED,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This series changes some proc handlers to use READ_ONCE()/WRITE_ONCE() internally and tries to fix a data-race on the sysctl side. However, we still need a fix for readers/writers in other subsystems. Not to miss the fix, we convert such handlers to a wrapper function of one with the "_lockless" suffix. When we add a fix on other subsystems, we set the lockless handler as .proc_handler to mark the sysctl knob safe. After this series, if a proc handler does not have the lockless suffix, it means we need fixes in other subsystems. Finally, when there is no user of proc handlers without the lockless suffix, we can remove them and get free from sysctl data-races. This series starts fixing from ipv4_table. Kuniyuki Iwashima (16): sysctl: Clean up proc_handler definitions. sysctl: Add proc_dobool_lockless(). sysctl: Add proc_dointvec_lockless(). sysctl: Add proc_douintvec_lockless(). sysctl: Add proc_dointvec_minmax_lockless(). sysctl: Add proc_douintvec_minmax_lockless(). sysctl: Add proc_doulongvec_minmax_lockless(). sysctl: Add proc_dointvec_jiffies_lockless(). tcp: Fix a data-race around sysctl_tcp_max_orphans. inetpeer: Fix data-races around sysctl. net: Fix a data-race around sysctl_mem. tcp: Mark sysctl_tcp_low_latency obsolete. cipso: Fix a data-race around cipso_v4_cache_bucketsize. cipso: Fix data-races around boolean sysctl. icmp: Fix data-races around sysctl. ipv4: Fix a data-race around sysctl_fib_sync_mem. Documentation/networking/ip-sysctl.rst | 2 +- include/linux/sysctl.h | 51 ++--- include/net/sock.h | 2 +- include/trace/events/sock.h | 6 +- kernel/sysctl.c | 258 ++++++++++++++----------- net/decnet/sysctl_net_decnet.c | 2 +- net/ipv4/cipso_ipv4.c | 19 +- net/ipv4/fib_trie.c | 2 +- net/ipv4/icmp.c | 5 +- net/ipv4/inetpeer.c | 13 +- net/ipv4/sysctl_net_ipv4.c | 29 +-- net/ipv4/tcp.c | 3 +- net/sctp/sysctl.c | 2 +- 13 files changed, 214 insertions(+), 180 deletions(-) -- 2.30.2