Received: by 2002:a05:6358:4e97:b0:b3:742d:4702 with SMTP id ce23csp2066359rwb; Fri, 19 Aug 2022 14:43:00 -0700 (PDT) X-Google-Smtp-Source: AA6agR5CoTDzDyqCbDw4gQj3JbetQiuviyaj/gfTPGGSrDDVr+hN3NCqjD4RDcv57mrs7Ew6ox3r X-Received: by 2002:a17:90b:2292:b0:1fa:e634:3d9d with SMTP id kx18-20020a17090b229200b001fae6343d9dmr5061972pjb.43.1660945380648; Fri, 19 Aug 2022 14:43:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1660945380; cv=none; d=google.com; s=arc-20160816; b=sYmLNOx5VejtCSaS1e+v42IbJzfdPhF8M3D59xrPq/pmwsCMBVUYNSqw6zyl93TYVF yY7jF7FAyJ7Rh4faP5n/UDUwhXwLRRt5Jjn1Vj4kflP6r7qapBgEsHLb02j1TyKNofB6 zs8ApzblRBnJFFJ3iJGPn20/eU3UbKTt8sOeC+igXzZA3dyWurroHodNQCjWVqWWJULh PeDOHn0iH2EbP/wovPaa6xIRX76Pus68gCx6GUGBjhV9ZqzbiszAnGLRBfr7CsZ811vo TfbeXI1/0mEetKeX8khpnh49juk+WAYoa9Jcsm593niZiFGYLYxknVFzYR0TPwsBI+Py loyA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=Y6QwoVZVicOlVCtE7c/suMyZbLEm/X8sYTuoOY17aP8=; b=zXFAWlipEkeRV58CJ5dtiMwX/H0F895bWO+MeJzSB28Wu/iirL/kA0DngaQXTIdoQr mFU+WAMscInfnpJx/K13p/Hu2X1vYrtB9svtGhYGovDAVvriu1Rup7Hx0lEmmjJJ5RXM SQArmS5rfykQQf8zF8heJ5IGOfOyX23OiNT3j1VTX+WsvCIMLmMK6RuIiIyxVu72nhiO 6vet/C4blw+gohl0Rka4ugss5bIHf2onDv/x3w5aYvcCPiooX1Ix8ZM7QmfeagPcA+v1 hINVkU4lJgVNNOBQjU7yUnbymW3hI6neg7byjfTrCpXKgp7ZaRmgKcuUfudoMqd2T8r5 ytfQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=Pg6j74Cl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id rj1-20020a17090b3e8100b001f74beebefasi7444148pjb.88.2022.08.19.14.42.50; Fri, 19 Aug 2022 14:43:00 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b=Pg6j74Cl; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1352421AbiHSVYL (ORCPT + 99 others); Fri, 19 Aug 2022 17:24:11 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46020 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1352412AbiHSVYH (ORCPT ); Fri, 19 Aug 2022 17:24:07 -0400 Received: from mail-yw1-x1130.google.com (mail-yw1-x1130.google.com [IPv6:2607:f8b0:4864:20::1130]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0F1F15C351 for ; Fri, 19 Aug 2022 14:24:05 -0700 (PDT) Received: by mail-yw1-x1130.google.com with SMTP id 00721157ae682-3376851fe13so120558757b3.6 for ; Fri, 19 Aug 2022 14:24:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc; bh=Y6QwoVZVicOlVCtE7c/suMyZbLEm/X8sYTuoOY17aP8=; b=Pg6j74ClZ4u3ciAjGeVATapbOuX7TryyaYQhY/ONqHud/ndF5+OBkmoao+GTRgjkEN w4Bn+WmZekdAloy2kiGt7POrpDThYcNFxXHRPi9aQotlEIMazh8t0NSHOtgEkDo2TZcY sgMUGgY6TjgcgUeiMPC8iQh/owopnqH4V3LbleKUCf72AInbFB8lb0T2bLHhHbKyF5fh nR5lBEx1pEiFQ9UNjzvD8pyAfbqp0HLnrBTnwNIYIYyHtEAQk5p+GZzXvlHYNqb9cAuV r8JCEUj5coumykLCFHVQrevpEdZjlkenLd4I8CkTghl46gbE9a0NfkZbB6r7JP0A1Ft/ n79w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc; bh=Y6QwoVZVicOlVCtE7c/suMyZbLEm/X8sYTuoOY17aP8=; b=06fQRqHue0TRPodQGD7qZ+23H82BH/m/zCzp/nChsZqipL7lBDujvq+jpk72bOqGVX blJCocYbigaDKFbmkkF9PQUJLid1STwbDpwMxWKcrwhzODj0kkZc2P1SVI/fqNOLbXhx BuwzBvOS0QyeEBMHz8uSGHfjzQIXQ6eIHiCTfeuMxKQOFbZFgh/ahAZR/g/Fiz2+GaN0 Q2kgxQuO2ECgSd73RwseOGtCgb7b1a6zqjeuu+17nBaE8aF0hiwa6YyA6dBGEYTWE+gt gTbkolD6zw7xd9+iII7SoRZs4ob+5FAARNjGlupsjTt/3aF9OCkELpI0cyd6ieonDje8 kmlg== X-Gm-Message-State: ACgBeo2AFd1JbgCUwkq3vG3eCiE+Q82V1Xc1mwnjCNWWGfMCxI1zKT+n LGE0ILAfG57SOIAxcFnHTnESwzI17MrOEnV3jNEbwg== X-Received: by 2002:a0d:fd06:0:b0:324:e4fe:9e6c with SMTP id n6-20020a0dfd06000000b00324e4fe9e6cmr9286130ywf.332.1660944244044; Fri, 19 Aug 2022 14:24:04 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Eric Dumazet Date: Fri, 19 Aug 2022 14:23:53 -0700 Message-ID: Subject: Re: data-race in __tcp_alloc_md5sig_pool / tcp_alloc_md5sig_pool To: abhishek.shah@columbia.edu Cc: David Miller , David Ahern , Jakub Kicinski , llvm@lists.linux.dev, Nathan Chancellor , Nick Desaulniers , netdev , Paolo Abeni , Hideaki YOSHIFUJI , Andrii Nakryiko , Alexei Starovoitov , bpf , Daniel Borkmann , John Fastabend , Martin KaFai Lau , KP Singh , LKML , Song Liu , trix@redhat.com, Yonghong Song , Gabriel Ryan Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-17.6 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF, ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE,USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Aug 19, 2022 at 8:40 AM Abhishek Shah wrote: > > Hi all, > Not sure why you included so many people in this report ? You have not exactly said what could be the issue (other than the raw kcsan report) > We found a race involving the tcp_md5sig_pool_populated variable. Upon fu= rther investigation, we think that __tcp_alloc_md5sig_pool can be run multi= ple times before tcp_md5sig_pool_populated is set to true here. However, we= are not sure. Please let us know what you think. I think this is a false positive, because the data race is properly handled with the help of tcp_md5sig_mutex. We might silence it, of course, like many other existing data races. > > Thanks! > > > --------------------Report-------------- > > write to 0xffffffff883a2438 of 1 bytes by task 6542 on cpu 0: > __tcp_alloc_md5sig_pool+0x239/0x260 net/ipv4/tcp.c:4343 > tcp_alloc_md5sig_pool+0x58/0xb0 net/ipv4/tcp.c:4352 > tcp_md5_do_add+0x2c4/0x470 net/ipv4/tcp_ipv4.c:1199 > tcp_v6_parse_md5_keys+0x473/0x490 > do_tcp_setsockopt net/ipv4/tcp.c:3614 [inline] > tcp_setsockopt+0xda6/0x1be0 net/ipv4/tcp.c:3698 > sock_common_setsockopt+0x62/0x80 net/core/sock.c:3505 > __sys_setsockopt+0x2d1/0x450 net/socket.c:2180 > __do_sys_setsockopt net/socket.c:2191 [inline] > __se_sys_setsockopt net/socket.c:2188 [inline] > __x64_sys_setsockopt+0x67/0x80 net/socket.c:2188 > do_syscall_x64 arch/x86/entry/common.c:50 [inline] > do_syscall_64+0x3d/0x90 arch/x86/entry/common.c:80 > entry_SYSCALL_64_after_hwframe+0x44/0xae > > read to 0xffffffff883a2438 of 1 bytes by task 6541 on cpu 1: > tcp_alloc_md5sig_pool+0x15/0xb0 net/ipv4/tcp.c:4348 > tcp_md5_do_add+0x2c4/0x470 net/ipv4/tcp_ipv4.c:1199 > tcp_v4_parse_md5_keys+0x42f/0x500 net/ipv4/tcp_ipv4.c:1303 > do_tcp_setsockopt net/ipv4/tcp.c:3614 [inline] > tcp_setsockopt+0xda6/0x1be0 net/ipv4/tcp.c:3698 > sock_common_setsockopt+0x62/0x80 net/core/sock.c:3505 > __sys_setsockopt+0x2d1/0x450 net/socket.c:2180 > __do_sys_setsockopt net/socket.c:2191 [inline] > __se_sys_setsockopt net/socket.c:2188 [inline] > __x64_sys_setsockopt+0x67/0x80 net/socket.c:2188 > do_syscall_x64 arch/x86/entry/common.c:50 [inline] > do_syscall_64+0x3d/0x90 arch/x86/entry/common.c:80 > entry_SYSCALL_64_after_hwframe+0x44/0xae > > Reported by Kernel Concurrency Sanitizer on: > CPU: 1 PID: 6541 Comm: syz-executor2-n Not tainted 5.18.0-rc5+ #107 > Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/0= 1/2014 > > > Reproducing Inputs > > Input CPU 0: > r0 =3D socket(0xa, 0x1, 0x0) > setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000000)=3D{@in6=3D= {{0xa, 0x0, 0x0, @private0}}, 0x0, 0x0, 0x10, 0x0, "a04979dcb0f6e3666c36f59= 053376c1d2e245fbad5b4749a8c55dda1bd819ec87afb7f5ac2483f179675d3c23fdba661af= cca7cca5661a7b52ac11cc8085800c2c0d8e7de309eb57b89292880a563154"}, 0xd8) > setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000100)=3D{@in6=3D= {{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x28, 0x0, "f386ea32b026420a2c65ea3= 75667090000000000000000a300001e81f9c22181fe9cef51a4070736c7a33d08c1dd5c35eb= 9b0e6c6aa490d4f1b18f7b09103bf18619b49a9ce10f4bd98e0b00"}, 0xd8) > > Input CPU 1: > r0 =3D socket$inet_tcp(0x2, 0x1, 0x0) > setsockopt$inet_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000080)=3D{@in=3D{= {0x2, 0x0, @remote}}, 0x0, 0x0, 0x47, 0x0, "2a34e559cc66f8b453edeb61450c389= 9cc1d1304f0e5f1758293ddd3597b84447d3056ed871ae397b0fd27a54e4ff8ba83f0cf3e5f= 323acb74f974c0b87333e0570e9019d8fdcf0bc1044a5e96d68296"}, 0xd8)