Received: by 2002:ad5:4acb:0:0:0:0:0 with SMTP id n11csp3049510imw; Wed, 6 Jul 2022 16:42:31 -0700 (PDT) X-Google-Smtp-Source: AGRyM1tgLmHFFYuXzjiIhUI9E8IzveBhjsl41e3c1xHLSUpqS2VyI8AsTdvoBTdtBqbCV48sY1dd X-Received: by 2002:a05:6402:1d4b:b0:435:cac5:1957 with SMTP id dz11-20020a0564021d4b00b00435cac51957mr57915382edb.109.1657150950974; Wed, 06 Jul 2022 16:42:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1657150950; cv=none; d=google.com; s=arc-20160816; b=jykWYOfz+HH5Eqi34UT45z5MWKDdYCoMQlSgn3nXtqLGtdBO3+Z5H7OiQsaUvKye/H Zerjpzoe+kfEJO/7l6kV4CHKv99Pr5Y7UD8mW1kWA4Twfiy5GXZXVCKdlKGJ0eNnDcN6 djgKY6HVFPWrVlJJVqDVNFOE0uC+B55s7Nj6U3gJxY6ODzjc2wcNHx5OnayrTCIdD2hM OCnMDsE5eiTr0u48SH+brCStxqNcMJa6bfAdQo86FX3iVfCFw3+qLTQo1SYRcuDcmZNb 1hIHlQdWdNCJLilzCYKtQXi4VuCupzckkT0QvDuJpoxn7IeS4unFvJ5rAhQo60VlzDNo W40g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=554TZ1STLEPnvqv57mOIpMzRQSEDSmhbcUbukQH3HDM=; b=p5BeyATfq9SkFLVOXye2Ag7o1azZkj/STfVN0wM1zg0gvI90VqFy4KYzWn1D79jcqj nL7ZNE8dF5fsrfUIePJOWQgOP0dkDFolZJ3sBuT8ARIBfHN075HQGXu+fUEsKCa5eYcS Prf4aOxV2P1bOaCUQOOQ8thXfMmwvcFivuukF/4E6q1y8sDQ5/eFfsuwY0uDzcBekhO3 tXP7fUiOi+An/uS7/omludMGLsfXjN7PPvGhhsSN5zqb4QS3PX9gLiGV11OnENMKPIGw 86du0N55iHwYLPdpAMP0NPp6r93d17CRXrELOes63CLkA9vGZU6LNtOx8YeHmPFb1VHf +qCg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@amazon.com header.s=amazon201209 header.b="XHrITN6/"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id fd2-20020a056402388200b0043a6b47edccsi10965250edb.116.2022.07.06.16.42.05; Wed, 06 Jul 2022 16:42:30 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@amazon.com header.s=amazon201209 header.b="XHrITN6/"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234690AbiGFXk5 (ORCPT + 99 others); Wed, 6 Jul 2022 19:40:57 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51912 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234645AbiGFXk4 (ORCPT ); Wed, 6 Jul 2022 19:40:56 -0400 Received: from smtp-fw-2101.amazon.com (smtp-fw-2101.amazon.com [72.21.196.25]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7CD3C2CDE8; Wed, 6 Jul 2022 16:40:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1657150855; x=1688686855; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=554TZ1STLEPnvqv57mOIpMzRQSEDSmhbcUbukQH3HDM=; b=XHrITN6//nZY+F2CaNYw9/jEwFWaR1aMCRwugK75T6sUpZliPaK8Tc7w fzLtfMMxoG7daoO96ywqaKBdX6jKK0+x993RU+gHO9d47O5XhsxPaTIbl 3/HPd4K0KmS183vl6i7fg2XraWQG+U3oF4J3oDP4u15moRiDDetLLm8Ja A=; X-IronPort-AV: E=Sophos;i="5.92,251,1650931200"; d="scan'208";a="215524095" Received: from iad12-co-svc-p1-lb1-vlan2.amazon.com (HELO email-inbound-relay-iad-1d-7a21ed79.us-east-1.amazon.com) ([10.43.8.2]) by smtp-border-fw-2101.iad2.amazon.com with ESMTP; 06 Jul 2022 23:40:43 +0000 Received: from EX13MTAUWB001.ant.amazon.com (iad12-ws-svc-p26-lb9-vlan3.iad.amazon.com [10.40.163.38]) by email-inbound-relay-iad-1d-7a21ed79.us-east-1.amazon.com (Postfix) with ESMTPS id 26C49220157; Wed, 6 Jul 2022 23:40:40 +0000 (UTC) Received: from EX19D004ANA001.ant.amazon.com (10.37.240.138) by EX13MTAUWB001.ant.amazon.com (10.43.161.207) with Microsoft SMTP Server (TLS) id 15.0.1497.36; Wed, 6 Jul 2022 23:40:40 +0000 Received: from 88665a182662.ant.amazon.com (10.43.160.106) by EX19D004ANA001.ant.amazon.com (10.37.240.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1118.9; Wed, 6 Jul 2022 23:40:37 +0000 From: Kuniyuki Iwashima To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Luis Chamberlain , Kees Cook , Iurii Zaikin CC: Kuniyuki Iwashima , Kuniyuki Iwashima , , Subject: [PATCH v2 net 00/12] sysctl: Fix data-races around ipv4_table. Date: Wed, 6 Jul 2022 16:39:51 -0700 Message-ID: <20220706234003.66760-1-kuniyu@amazon.com> X-Mailer: git-send-email 2.30.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Originating-IP: [10.43.160.106] X-ClientProxiedBy: EX13D36UWB001.ant.amazon.com (10.43.161.84) To EX19D004ANA001.ant.amazon.com (10.37.240.138) X-Spam-Status: No, score=-4.8 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_MED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE, SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. The first half of this series changes some proc handlers used in ipv4_table to use READ_ONCE() and WRITE_ONCE() internally to fix data-races on the sysctl side. Then, the second half adds READ_ONCE() to the other readers of ipv4_table. Changes: v2: * Drop some changes that makes backporting difficult * First cleanup patch * Lockless helpers and .proc_handler changes * Drop the tracing part for .sysctl_mem * Steve already posted a fix * Drop int-to-bool change for cipso * Should be posted to net-next later * Drop proc_dobool() change * Can be included in another series v1: https://lore.kernel.org/netdev/20220706052130.16368-1-kuniyu@amazon.com/ Kuniyuki Iwashima (12): sysctl: Fix data races in proc_dointvec(). sysctl: Fix data races in proc_douintvec(). sysctl: Fix data races in proc_dointvec_minmax(). sysctl: Fix data races in proc_douintvec_minmax(). sysctl: Fix data races in proc_doulongvec_minmax(). sysctl: Fix data races in proc_dointvec_jiffies(). tcp: Fix a data-race around sysctl_tcp_max_orphans. inetpeer: Fix data-races around sysctl. net: Fix data-races around sysctl_mem. cipso: Fix data-races around sysctl. icmp: Fix data-races around sysctl. ipv4: Fix a data-race around sysctl_fib_sync_mem. Documentation/networking/ip-sysctl.rst | 2 +- include/net/sock.h | 2 +- kernel/sysctl.c | 25 ++++++++++++++----------- net/ipv4/cipso_ipv4.c | 12 +++++++----- net/ipv4/fib_trie.c | 2 +- net/ipv4/icmp.c | 5 +++-- net/ipv4/inetpeer.c | 12 ++++++++---- net/ipv4/tcp.c | 3 ++- 8 files changed, 37 insertions(+), 26 deletions(-) -- 2.30.2