Received: by 2002:a05:7412:b130:b0:e2:908c:2ebd with SMTP id az48csp2427220rdb; Mon, 20 Nov 2023 10:24:07 -0800 (PST) X-Google-Smtp-Source: AGHT+IHGJoA5yCzFopV644VkQOu1ZKTly1mtiEAWThvXqgLwmRo9V4eGXZQ3Xr236TmB2QV+lttX X-Received: by 2002:a05:6820:1aca:b0:56e:466c:7393 with SMTP id bu10-20020a0568201aca00b0056e466c7393mr8847000oob.5.1700504647172; Mon, 20 Nov 2023 10:24:07 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1700504647; cv=none; d=google.com; s=arc-20160816; b=jKKb+4X6J/Ve/awlEJDqwA6gAP0LqWloAwndIR34L1dXdqYSWx/B1875notedIn+52 qhEK8BKwpLiUGueifPhmHDzjR3xslOQdz+RT7gCkCm1xGX1E4pCtyoEUuaWui68X3jYC GTm3GfjWDlGI5Wn4MoU79NHeGnvbuahdLHKIPYhPa52S4ZaGN7Fkn0xVMs4Fa5xS9dIc TKJ9wDft6jVO4Z/92+/ilVjBLs7ET84XeWZSHWFGgluUoQUa09WrHPXgJfjXgC8eOmJW 2TwV0Qf2Uenrf7Mlk3F4fpsQJoKT+9gWrIOPKYJ7XsMSgF+pvGjq5XR+vB7JJMT/9LJ2 rStg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :content-language:references:cc:to:subject:user-agent:mime-version :date:message-id:dkim-signature; bh=KWt2/ngqRZl5QuD4sv4zP0M/aVeTZYIc/05gHj626E0=; fh=teZlz7SBfH5EzbKeweUr3EHw/F0Mae4GUR03Pf5I1+E=; b=p+sSuIJooqDBVkLGrAdHDuGBDgEXNXpSM+yJofnPTuG6btxlPt4Sc57vRy7BazFTb7 1lCSRNkrkKfIZONsDs/ivqkaXvw0m/yElp7oio/EAnBEOR1SJM+dEsOTPbdnfJ6C9Fbr lEv9t+Smi660Us1/ZA/0+/IU/bVAizHxYQ5t6uogyA3bwdYacnQ1CcJoQva0CjPEVVgV ysDP0b+fwvdqX0vVnK5do58f10HMY4kU33qsMe+Arx9lbnwKaU+Q4zOVREOOGhPY15sK LpqxMjvddn3G23SkXsPsdq7By6ZQH+8xmaYENET+RXV37V+5CBDmlaNtADxNsOp8P18u /cGg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=S+wdhtbz; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from snail.vger.email (snail.vger.email. [23.128.96.37]) by mx.google.com with ESMTPS id q14-20020a63e94e000000b005898cf1c6a0si8479542pgj.324.2023.11.20.10.24.02 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 20 Nov 2023 10:24:07 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) client-ip=23.128.96.37; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=S+wdhtbz; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by snail.vger.email (Postfix) with ESMTP id 46A0C80FA87D; Mon, 20 Nov 2023 10:24:02 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at snail.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232057AbjKTSYB (ORCPT + 99 others); Mon, 20 Nov 2023 13:24:01 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51632 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232109AbjKTSX7 (ORCPT ); Mon, 20 Nov 2023 13:23:59 -0500 Received: from mail-pl1-x635.google.com (mail-pl1-x635.google.com [IPv6:2607:f8b0:4864:20::635]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5CC8AC8; Mon, 20 Nov 2023 10:23:54 -0800 (PST) Received: by mail-pl1-x635.google.com with SMTP id d9443c01a7336-1cc9b626a96so34069135ad.2; Mon, 20 Nov 2023 10:23:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1700504634; x=1701109434; darn=vger.kernel.org; h=content-transfer-encoding:in-reply-to:from:content-language :references:cc:to:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date:message-id:reply-to; bh=KWt2/ngqRZl5QuD4sv4zP0M/aVeTZYIc/05gHj626E0=; b=S+wdhtbzJQrxem8qosDtNISOLMdN7jSlgRs/qcGbAgyPbiLaTxuztYL7g5cI6KDv2D oVGLsOECLBx98DXzTGPIra3OV6LdwcL0ZVk9npVhQkhp59NimQYjQ/WpRjx/CY0vF+ap kP8Hcx38memWh2BV4d9MCI82dj+an5eXJlZcsVOARD6ed3G1yencgRtlMe6nREmbdZ99 1NUjUDCwGFnPbUrmjHHc53bjc4lL++j1MCg+dOlCmZGwZL/cE/M6koJhu6cSobegVwy2 ES0MjgFSI1LVrPNTnYL+m4Gok4uUZw0YPyT/NLL5H6S637+Rp4EWN8Kl97jXWYm60TM1 HyHw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1700504634; x=1701109434; h=content-transfer-encoding:in-reply-to:from:content-language :references:cc:to:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=KWt2/ngqRZl5QuD4sv4zP0M/aVeTZYIc/05gHj626E0=; b=R35lBeKCHS+S/5UvFWYIE3AKOqMYO2vWOrBauHy78IkdJqJNF4cveaAO4f9yORAA1Z jvJLhfIwJUZwuInychpcMYyTXXuUSPMFN2tpf/MyN0TnryDded6d6JuRDU2IFXn3kk0F 3V74dw1d//27qiRV3FEeBZvwt1g2MRAx+0GknbCoG92/qSH7xddmeL9h5qaddJ2QmEc2 f6EGa/Zz00mjBqiGvm5SiodtoNZ94/5EIWz4clRo3FsJytJPvtmwGdd3DifqVmSuwtab lzOhbd7B2yjKRkAtlR9lOWILbLuuNybIqdRY0SJNnHFpmNotjxmsFrBTXSkx0TufWY9b 4hpw== X-Gm-Message-State: AOJu0YxgZw4WZ4ee4qGTowbVQr3/Rsm4MIQnBD+qVmuO/IMPp7a66m6/ CRhVA0fB/UE2vAQ1K+gORYg= X-Received: by 2002:a17:902:ecd0:b0:1ce:6687:c93e with SMTP id a16-20020a170902ecd000b001ce6687c93emr7650636plh.69.1700504633709; Mon, 20 Nov 2023 10:23:53 -0800 (PST) Received: from [192.168.1.100] (bb220-255-254-193.singnet.com.sg. [220.255.254.193]) by smtp.gmail.com with ESMTPSA id bj11-20020a170902850b00b001c739768214sm6401716plb.92.2023.11.20.10.23.52 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 20 Nov 2023 10:23:53 -0800 (PST) Message-ID: <8bce1251-7a6b-4b4c-b700-9d97c664689f@gmail.com> Date: Tue, 21 Nov 2023 02:23:51 +0800 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH] nfc: virtual_ncidev: Add variable to check if ndev is running To: Krzysztof Kozlowski , bongsu.jeon@samsung.com Cc: "netdev@vger.kernel.org" , "linux-kernel@vger.kernel.org" , "syzbot+6eb09d75211863f15e3e@syzkaller.appspotmail.com" References: <20231119164705.1991375-1-phind.uet@gmail.com> <20231120044706epcms2p48c4579db14cc4f3274031036caac4718@epcms2p4> <20d93e83-66c0-28d9-4426-a0d4c098f303@gmail.com> Content-Language: en-US From: Phi Nguyen In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM, RCVD_IN_DNSWL_BLOCKED,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]); Mon, 20 Nov 2023 10:24:02 -0800 (PST) On 11/20/2023 6:45 PM, Krzysztof Kozlowski wrote: > On 20/11/2023 11:39, Nguyen Dinh Phi wrote: >>>>> mutex_lock(&vdev->mtx); >>>>> kfree_skb(vdev->send_buff); >>>>> vdev->send_buff = NULL; >>>>> + vdev->running = false; >>>>> mutex_unlock(&vdev->mtx); >>>>> >>>>> return 0; >>>>> @@ -50,7 +55,7 @@ static int virtual_nci_send(struct nci_dev *ndev, struct sk_buff *skb) >>>>> struct virtual_nci_dev *vdev = nci_get_drvdata(ndev); >>>>> >>>>> mutex_lock(&vdev->mtx); >>>>> - if (vdev->send_buff) { >>>>> + if (vdev->send_buff || !vdev->running) { >>>> >>>> Dear Krzysztof, >>>> >>>> I agree this defensive code. >>>> But i think NFC submodule has to avoid this situation.(calling send function of closed nci_dev) >>>> Could you check this? >>> >>> This code looks not effective. At this point vdev->send_buff is always >>> false, so the additional check would not bring any value. >>> >>> I don't see this fixing anything. Syzbot also does not seem to agree. >>> >>> Nguyen, please test your patches against syzbot *before* sending them. >>> If you claim this fixes the report, please provide me the link to syzbot >>> test results confirming it is fixed. >>> >>> I looked at syzbot dashboard and do not see this issue fixed with this >>> patch. >>> >>> Best regards, >>> Krzysztof >>> >> >> Hi Krzysztof, >> >> I've submitted it to syzbot, it is the test request that created at >> [2023/11/20 09:39] in dashboard link >> https://syzkaller.appspot.com/bug?extid=6eb09d75211863f15e3e > > ...and I see there two errors. > These are because I sent email wrongly and syzbot truncates the patch and can not compile > I don't know, maybe I miss something obvious (our brains like to do it > sometimes), but please explain me how this could fix anything? > > Best regards, > Krzysztof > The issue arises when an skb is added to the send_buff after invoking ndev->ops->close() but before unregistering the device. In such cases, the virtual device will generate a copy of skb, but with no consumer thereafter. Consequently, this object persists indefinitely. This problem seems to stem from the existence of time gaps between ops->close() and the destruction of the workqueue. During this interval, incoming requests continue to trigger the send function. best regards, Phi