From patchwork Wed Jul 6 05:21:15 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kuniyuki Iwashima X-Patchwork-Id: 12907324 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id A04B2C433EF for ; Wed, 6 Jul 2022 05:22:14 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230403AbiGFFWN (ORCPT ); Wed, 6 Jul 2022 01:22:13 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45078 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229586AbiGFFWM (ORCPT ); Wed, 6 Jul 2022 01:22:12 -0400 Received: from smtp-fw-80006.amazon.com (smtp-fw-80006.amazon.com [99.78.197.217]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9D1B8201AE; Tue, 5 Jul 2022 22:22:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1657084929; x=1688620929; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=0ktErGUxee0HxFn0K3EFz92GAteW37Trp2iCXAPhjIE=; b=U3e7gdG/E2vvw5VUyJ2RAMDjD62cQWuXSTRgbKz09/fUXYopOH8tzGNu 7f6vyoe8pK/fuOECq6MOkz3pyzuTDJ3kOE3EsDtTUqrX3kw7zErtVXFJi 6k8dccjlr9x+Ehj54dPFb5ckQiooxFa1kldlRCNokYo99N3XYcKrOLV+9 Y=; X-IronPort-AV: E=Sophos;i="5.92,248,1650931200"; d="scan'208";a="105210165" Received: from pdx4-co-svc-p1-lb2-vlan2.amazon.com (HELO email-inbound-relay-pdx-2b-1f9d5b26.us-west-2.amazon.com) ([10.25.36.210]) by smtp-border-fw-80006.pdx80.corp.amazon.com with ESMTP; 06 Jul 2022 05:21:55 +0000 Received: from EX13MTAUWB001.ant.amazon.com (pdx1-ws-svc-p6-lb9-vlan3.pdx.amazon.com [10.236.137.198]) by email-inbound-relay-pdx-2b-1f9d5b26.us-west-2.amazon.com (Postfix) with ESMTPS id 2A39E43400; Wed, 6 Jul 2022 05:21:55 +0000 (UTC) Received: from EX19D004ANA001.ant.amazon.com (10.37.240.138) by EX13MTAUWB001.ant.amazon.com (10.43.161.207) with Microsoft SMTP Server (TLS) id 15.0.1497.36; Wed, 6 Jul 2022 05:21:54 +0000 Received: from 88665a182662.ant.amazon.com (10.43.162.55) by EX19D004ANA001.ant.amazon.com (10.37.240.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1118.9; Wed, 6 Jul 2022 05:21:52 +0000 From: Kuniyuki Iwashima To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Luis Chamberlain , Kees Cook , Iurii Zaikin CC: Kuniyuki Iwashima , Kuniyuki Iwashima , , Subject: [PATCH v1 net 01/16] sysctl: Clean up proc_handler definitions. Date: Tue, 5 Jul 2022 22:21:15 -0700 Message-ID: <20220706052130.16368-2-kuniyu@amazon.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20220706052130.16368-1-kuniyu@amazon.com> References: <20220706052130.16368-1-kuniyu@amazon.com> MIME-Version: 1.0 X-Originating-IP: [10.43.162.55] X-ClientProxiedBy: EX13D18UWA004.ant.amazon.com (10.43.160.45) To EX19D004ANA001.ant.amazon.com (10.37.240.138) Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org All proc_handler variants have almost the same function prototypes in sysctl.h and empty functions in sysctl.c in case CONFIG_PROC_SYSCTL is disabled. This patch arranges them in the same order and defines them cleanly with two macros so that we can add lockless helpers easily in the following commits. Signed-off-by: Kuniyuki Iwashima --- include/linux/sysctl.h | 43 ++++++++--------- kernel/sysctl.c | 105 ++++++++++------------------------------- 2 files changed, 45 insertions(+), 103 deletions(-) diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h index 80263f7cdb77..9beab3a4de3d 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h @@ -62,29 +62,26 @@ extern const int sysctl_vals[]; extern const unsigned long sysctl_long_vals[]; typedef int proc_handler(struct ctl_table *ctl, int write, void *buffer, - size_t *lenp, loff_t *ppos); - -int proc_dostring(struct ctl_table *, int, void *, size_t *, loff_t *); -int proc_dobool(struct ctl_table *table, int write, void *buffer, - size_t *lenp, loff_t *ppos); -int proc_dointvec(struct ctl_table *, int, void *, size_t *, loff_t *); -int proc_douintvec(struct ctl_table *, int, void *, size_t *, loff_t *); -int proc_dointvec_minmax(struct ctl_table *, int, void *, size_t *, loff_t *); -int proc_douintvec_minmax(struct ctl_table *table, int write, void *buffer, - size_t *lenp, loff_t *ppos); -int proc_dou8vec_minmax(struct ctl_table *table, int write, void *buffer, - size_t *lenp, loff_t *ppos); -int proc_dointvec_jiffies(struct ctl_table *, int, void *, size_t *, loff_t *); -int proc_dointvec_userhz_jiffies(struct ctl_table *, int, void *, size_t *, - loff_t *); -int proc_dointvec_ms_jiffies(struct ctl_table *, int, void *, size_t *, - loff_t *); -int proc_doulongvec_minmax(struct ctl_table *, int, void *, size_t *, loff_t *); -int proc_doulongvec_ms_jiffies_minmax(struct ctl_table *table, int, void *, - size_t *, loff_t *); -int proc_do_large_bitmap(struct ctl_table *, int, void *, size_t *, loff_t *); -int proc_do_static_key(struct ctl_table *table, int write, void *buffer, - size_t *lenp, loff_t *ppos); + size_t *lenp, loff_t *ppos); + +#define PROC_HANDLER(function) \ + int function(struct ctl_table *table, int write, void *buffer, \ + size_t *lenp, loff_t *ppos) + +PROC_HANDLER(proc_dostring); +PROC_HANDLER(proc_dobool); +PROC_HANDLER(proc_dointvec); +PROC_HANDLER(proc_douintvec); +PROC_HANDLER(proc_dointvec_minmax); +PROC_HANDLER(proc_douintvec_minmax); +PROC_HANDLER(proc_dou8vec_minmax); +PROC_HANDLER(proc_doulongvec_minmax); +PROC_HANDLER(proc_doulongvec_ms_jiffies_minmax); +PROC_HANDLER(proc_dointvec_jiffies); +PROC_HANDLER(proc_dointvec_userhz_jiffies); +PROC_HANDLER(proc_dointvec_ms_jiffies); +PROC_HANDLER(proc_do_large_bitmap); +PROC_HANDLER(proc_do_static_key); /* * Register a set of sysctl names by calling register_sysctl_table diff --git a/kernel/sysctl.c b/kernel/sysctl.c index e52b6e372c60..1082c8bc5ba5 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c @@ -1016,7 +1016,6 @@ int proc_dou8vec_minmax(struct ctl_table *table, int write, *data = val; return 0; } -EXPORT_SYMBOL_GPL(proc_dou8vec_minmax); #ifdef CONFIG_MAGIC_SYSRQ static int sysrq_sysctl_handler(struct ctl_table *table, int write, @@ -1475,83 +1474,28 @@ int proc_do_large_bitmap(struct ctl_table *table, int write, #else /* CONFIG_PROC_SYSCTL */ -int proc_dostring(struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) -{ - return -ENOSYS; -} - -int proc_dobool(struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) -{ - return -ENOSYS; -} - -int proc_dointvec(struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) -{ - return -ENOSYS; -} - -int proc_douintvec(struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) -{ - return -ENOSYS; -} - -int proc_dointvec_minmax(struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) -{ - return -ENOSYS; -} - -int proc_douintvec_minmax(struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) -{ - return -ENOSYS; -} - -int proc_dou8vec_minmax(struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) -{ - return -ENOSYS; -} -int proc_dointvec_jiffies(struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) -{ - return -ENOSYS; -} - -int proc_dointvec_userhz_jiffies(struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) -{ - return -ENOSYS; -} - -int proc_dointvec_ms_jiffies(struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) -{ - return -ENOSYS; -} - -int proc_doulongvec_minmax(struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) -{ - return -ENOSYS; -} - -int proc_doulongvec_ms_jiffies_minmax(struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) -{ - return -ENOSYS; -} +#define PROC_HANDLER_ENOSYS(function) \ + int function(struct ctl_table *table, int write, \ + void *buffer, size_t *lenp, loff_t *ppos) \ + { \ + return -ENOSYS; \ + } -int proc_do_large_bitmap(struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) -{ - return -ENOSYS; -} +PROC_HANDLER_ENOSYS(proc_dostring); +PROC_HANDLER_ENOSYS(proc_dobool); +PROC_HANDLER_ENOSYS(proc_dointvec); +PROC_HANDLER_ENOSYS(proc_douintvec); +PROC_HANDLER_ENOSYS(proc_dointvec_minmax); +PROC_HANDLER_ENOSYS(proc_douintvec_minmax); +PROC_HANDLER_ENOSYS(proc_dou8vec_minmax); +PROC_HANDLER_ENOSYS(proc_doulongvec_minmax); +PROC_HANDLER_ENOSYS(proc_doulongvec_ms_jiffies_minmax); +PROC_HANDLER_ENOSYS(proc_dointvec_jiffies); +PROC_HANDLER_ENOSYS(proc_dointvec_userhz_jiffies); +PROC_HANDLER_ENOSYS(proc_dointvec_ms_jiffies); +PROC_HANDLER_ENOSYS(proc_do_cad_pid); +PROC_HANDLER_ENOSYS(proc_do_large_bitmap); #endif /* CONFIG_PROC_SYSCTL */ @@ -2448,15 +2392,16 @@ int __init sysctl_init_bases(void) * No sense putting this after each symbol definition, twice, * exception granted :-) */ +EXPORT_SYMBOL(proc_dostring); EXPORT_SYMBOL(proc_dobool); EXPORT_SYMBOL(proc_dointvec); EXPORT_SYMBOL(proc_douintvec); -EXPORT_SYMBOL(proc_dointvec_jiffies); EXPORT_SYMBOL(proc_dointvec_minmax); EXPORT_SYMBOL_GPL(proc_douintvec_minmax); -EXPORT_SYMBOL(proc_dointvec_userhz_jiffies); -EXPORT_SYMBOL(proc_dointvec_ms_jiffies); -EXPORT_SYMBOL(proc_dostring); +EXPORT_SYMBOL_GPL(proc_dou8vec_minmax); EXPORT_SYMBOL(proc_doulongvec_minmax); EXPORT_SYMBOL(proc_doulongvec_ms_jiffies_minmax); +EXPORT_SYMBOL(proc_dointvec_jiffies); +EXPORT_SYMBOL(proc_dointvec_userhz_jiffies); +EXPORT_SYMBOL(proc_dointvec_ms_jiffies); EXPORT_SYMBOL(proc_do_large_bitmap); From patchwork Wed Jul 6 05:21:16 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kuniyuki Iwashima X-Patchwork-Id: 12907325 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id A4791CCA47F for ; Wed, 6 Jul 2022 05:22:30 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230481AbiGFFW3 (ORCPT ); Wed, 6 Jul 2022 01:22:29 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45192 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230445AbiGFFW2 (ORCPT ); Wed, 6 Jul 2022 01:22:28 -0400 Received: from smtp-fw-9103.amazon.com (smtp-fw-9103.amazon.com [207.171.188.200]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 42AD4205F0; Tue, 5 Jul 2022 22:22:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1657084947; x=1688620947; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=nXgol3t1QpvI6in0uKJ77IASldBl9uWqY9rKUYy3dVc=; b=R5tB7PqpH13hGGQFdzTOcZche8ElVXvks24T1vkKTgFqdom4ixemnmm+ Cb19zPnWbFkW/79WZ08xQnVh9QibyNzo8JZUZBA7aHjM+vvupa524Re56 2INnnJ8vND8rh2veu3gDcF4IdqNdPElkMLwuMoW6K0Te3kdKIKwxR5CVP I=; X-IronPort-AV: E=Sophos;i="5.92,248,1650931200"; d="scan'208";a="1031201485" Received: from pdx4-co-svc-p1-lb2-vlan3.amazon.com (HELO email-inbound-relay-pdx-2c-7d0c7241.us-west-2.amazon.com) ([10.25.36.214]) by smtp-border-fw-9103.sea19.amazon.com with ESMTP; 06 Jul 2022 05:22:10 +0000 Received: from EX13MTAUWB001.ant.amazon.com (pdx1-ws-svc-p6-lb9-vlan3.pdx.amazon.com [10.236.137.198]) by email-inbound-relay-pdx-2c-7d0c7241.us-west-2.amazon.com (Postfix) with ESMTPS id 7134943B52; Wed, 6 Jul 2022 05:22:10 +0000 (UTC) Received: from EX19D004ANA001.ant.amazon.com (10.37.240.138) by EX13MTAUWB001.ant.amazon.com (10.43.161.207) with Microsoft SMTP Server (TLS) id 15.0.1497.36; Wed, 6 Jul 2022 05:22:09 +0000 Received: from 88665a182662.ant.amazon.com (10.43.162.55) by EX19D004ANA001.ant.amazon.com (10.37.240.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1118.9; Wed, 6 Jul 2022 05:22:07 +0000 From: Kuniyuki Iwashima To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Luis Chamberlain , Kees Cook , Iurii Zaikin CC: Kuniyuki Iwashima , Kuniyuki Iwashima , , , Jia He Subject: [PATCH v1 net 02/16] sysctl: Add proc_dobool_lockless(). Date: Tue, 5 Jul 2022 22:21:16 -0700 Message-ID: <20220706052130.16368-3-kuniyu@amazon.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20220706052130.16368-1-kuniyu@amazon.com> References: <20220706052130.16368-1-kuniyu@amazon.com> MIME-Version: 1.0 X-Originating-IP: [10.43.162.55] X-ClientProxiedBy: EX13D18UWA004.ant.amazon.com (10.43.160.45) To EX19D004ANA001.ant.amazon.com (10.37.240.138) Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch changes proc_dobool() to use READ_ONCE()/WRITE_ONCE() internally to fix a data-race on the sysctl side. For now, proc_dobool() itself is tolerant to a data-race, but we still need to add annotations on the other subsystem's side. In case we miss such fixes, this patch converts proc_dobool() to a wrapper of proc_dobool_lockless(). When we fix a data-race in the other subsystem, we can explicitly set it as a handler. Also, this patch removes proc_dobool()'s document and adds proc_dobool_lockless()'s one so that no one will use proc_dobool() anymore. Fixes: a2071573d634 ("sysctl: introduce new proc handler proc_dobool") Signed-off-by: Kuniyuki Iwashima --- CC: Jia He --- include/linux/sysctl.h | 2 ++ kernel/sysctl.c | 23 ++++++++++++++++------- 2 files changed, 18 insertions(+), 7 deletions(-) diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h index 9beab3a4de3d..fcafc16abbad 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h @@ -83,6 +83,8 @@ PROC_HANDLER(proc_dointvec_ms_jiffies); PROC_HANDLER(proc_do_large_bitmap); PROC_HANDLER(proc_do_static_key); +PROC_HANDLER(proc_dobool_lockless); + /* * Register a set of sysctl names by calling register_sysctl_table * with an initialised array of struct ctl_table's. An entry with diff --git a/kernel/sysctl.c b/kernel/sysctl.c index 1082c8bc5ba5..bc6fcc64eeaf 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c @@ -424,13 +424,12 @@ static void proc_put_char(void **buf, size_t *size, char c) } static int do_proc_dobool_conv(bool *negp, unsigned long *lvalp, - int *valp, - int write, void *data) + int *valp, int write, void *data) { if (write) { - *(bool *)valp = *lvalp; + WRITE_ONCE(*(bool *)valp, *lvalp); } else { - int val = *(bool *)valp; + int val = READ_ONCE(*(bool *)valp); *lvalp = (unsigned long)val; *negp = false; @@ -701,7 +700,7 @@ int do_proc_douintvec(struct ctl_table *table, int write, } /** - * proc_dobool - read/write a bool + * proc_dobool_lockless - read/write a bool locklessly * @table: the sysctl table * @write: %TRUE if this is a write to the sysctl file * @buffer: the user buffer @@ -713,13 +712,19 @@ int do_proc_douintvec(struct ctl_table *table, int write, * * Returns 0 on success. */ -int proc_dobool(struct ctl_table *table, int write, void *buffer, - size_t *lenp, loff_t *ppos) +int proc_dobool_lockless(struct ctl_table *table, int write, void *buffer, + size_t *lenp, loff_t *ppos) { return do_proc_dointvec(table, write, buffer, lenp, ppos, do_proc_dobool_conv, NULL); } +int proc_dobool(struct ctl_table *table, int write, void *buffer, + size_t *lenp, loff_t *ppos) +{ + return proc_dobool_lockless(table, write, buffer, lenp, ppos); +} + /** * proc_dointvec - read a vector of integers * @table: the sysctl table @@ -1497,6 +1502,8 @@ PROC_HANDLER_ENOSYS(proc_dointvec_ms_jiffies); PROC_HANDLER_ENOSYS(proc_do_cad_pid); PROC_HANDLER_ENOSYS(proc_do_large_bitmap); +PROC_HANDLER_ENOSYS(proc_dobool_lockless); + #endif /* CONFIG_PROC_SYSCTL */ #if defined(CONFIG_SYSCTL) @@ -2405,3 +2412,5 @@ EXPORT_SYMBOL(proc_dointvec_jiffies); EXPORT_SYMBOL(proc_dointvec_userhz_jiffies); EXPORT_SYMBOL(proc_dointvec_ms_jiffies); EXPORT_SYMBOL(proc_do_large_bitmap); + +EXPORT_SYMBOL(proc_dobool_lockless); From patchwork Wed Jul 6 05:21:17 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kuniyuki Iwashima X-Patchwork-Id: 12907326 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id CF0ABC43334 for ; Wed, 6 Jul 2022 05:22:46 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230301AbiGFFWp (ORCPT ); Wed, 6 Jul 2022 01:22:45 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:45724 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231150AbiGFFWm (ORCPT ); Wed, 6 Jul 2022 01:22:42 -0400 Received: from smtp-fw-6001.amazon.com (smtp-fw-6001.amazon.com [52.95.48.154]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0047020F71; Tue, 5 Jul 2022 22:22:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1657084959; x=1688620959; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=vvTkQI5kZROfLMtnVMR0jXY5cgp4oarvGhfx+4aDV60=; b=FgBALXTashDb6KrKBVo2VYGUIdBd3WG231pg8K2CNFINgdZMfZByEBqP PKoCy2eO+NmRegISezQC19THxkOfmMtvJVi6PbsLG+1PfinnSq18lwlg6 kOElMSGPBpR2ait61eUEfYtc32o8TIVVfBdQGyF9eTvMVxtVzXWMAZhSI 8=; Received: from iad12-co-svc-p1-lb1-vlan3.amazon.com (HELO email-inbound-relay-pdx-2a-6a4112b2.us-west-2.amazon.com) ([10.43.8.6]) by smtp-border-fw-6001.iad6.amazon.com with ESMTP; 06 Jul 2022 05:22:25 +0000 Received: from EX13MTAUWB001.ant.amazon.com (pdx1-ws-svc-p6-lb9-vlan2.pdx.amazon.com [10.236.137.194]) by email-inbound-relay-pdx-2a-6a4112b2.us-west-2.amazon.com (Postfix) with ESMTPS id 63C684C0077; Wed, 6 Jul 2022 05:22:25 +0000 (UTC) Received: from EX19D004ANA001.ant.amazon.com (10.37.240.138) by EX13MTAUWB001.ant.amazon.com (10.43.161.207) with Microsoft SMTP Server (TLS) id 15.0.1497.36; Wed, 6 Jul 2022 05:22:24 +0000 Received: from 88665a182662.ant.amazon.com (10.43.162.55) by EX19D004ANA001.ant.amazon.com (10.37.240.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1118.9; Wed, 6 Jul 2022 05:22:22 +0000 From: Kuniyuki Iwashima To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Luis Chamberlain , Kees Cook , Iurii Zaikin CC: Kuniyuki Iwashima , Kuniyuki Iwashima , , Subject: [PATCH v1 net 03/16] sysctl: Add proc_dointvec_lockless(). Date: Tue, 5 Jul 2022 22:21:17 -0700 Message-ID: <20220706052130.16368-4-kuniyu@amazon.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20220706052130.16368-1-kuniyu@amazon.com> References: <20220706052130.16368-1-kuniyu@amazon.com> MIME-Version: 1.0 X-Originating-IP: [10.43.162.55] X-ClientProxiedBy: EX13D18UWA004.ant.amazon.com (10.43.160.45) To EX19D004ANA001.ant.amazon.com (10.37.240.138) Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch changes proc_dointvec() to use READ_ONCE()/WRITE_ONCE() internally to fix a data-race on the sysctl side. For now, proc_dointvec() itself is tolerant to a data-race, but we still need to add annotations on the other subsystem's side. In case we miss such fixes, this patch converts proc_dointvec() to a wrapper of proc_dointvec_lockless(). When we fix a data-race in the other subsystem, we can explicitly set it as a handler. Also, this patch removes proc_dointvec()'s document and adds proc_dointvec_lockless()'s one so that no one will use proc_dointvec() anymore. While we are on it, we remove some trailing spaces. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Kuniyuki Iwashima --- include/linux/sysctl.h | 1 + kernel/sysctl.c | 27 +++++++++++++++++++-------- 2 files changed, 20 insertions(+), 8 deletions(-) diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h index fcafc16abbad..cb87919b5508 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h @@ -84,6 +84,7 @@ PROC_HANDLER(proc_do_large_bitmap); PROC_HANDLER(proc_do_static_key); PROC_HANDLER(proc_dobool_lockless); +PROC_HANDLER(proc_dointvec_lockless); /* * Register a set of sysctl names by calling register_sysctl_table diff --git a/kernel/sysctl.c b/kernel/sysctl.c index bc6fcc64eeaf..50d9b78aa0b3 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c @@ -445,14 +445,17 @@ static int do_proc_dointvec_conv(bool *negp, unsigned long *lvalp, if (*negp) { if (*lvalp > (unsigned long) INT_MAX + 1) return -EINVAL; - *valp = -*lvalp; + + WRITE_ONCE(*valp, -*lvalp); } else { if (*lvalp > (unsigned long) INT_MAX) return -EINVAL; - *valp = *lvalp; + + WRITE_ONCE(*valp, *lvalp); } } else { - int val = *valp; + int val = READ_ONCE(*valp); + if (val < 0) { *negp = true; *lvalp = -(unsigned long)val; @@ -491,12 +494,12 @@ static int __do_proc_dointvec(void *tbl_data, struct ctl_table *table, int *i, vleft, first = 1, err = 0; size_t left; char *p; - + if (!tbl_data || !table->maxlen || !*lenp || (*ppos && !write)) { *lenp = 0; return 0; } - + i = (int *) tbl_data; vleft = table->maxlen / sizeof(*i); left = *lenp; @@ -726,7 +729,7 @@ int proc_dobool(struct ctl_table *table, int write, void *buffer, } /** - * proc_dointvec - read a vector of integers + * proc_dointvec_lockless - read/write a vector of integers locklessly * @table: the sysctl table * @write: %TRUE if this is a write to the sysctl file * @buffer: the user buffer @@ -734,14 +737,20 @@ int proc_dobool(struct ctl_table *table, int write, void *buffer, * @ppos: file position * * Reads/writes up to table->maxlen/sizeof(unsigned int) integer - * values from/to the user buffer, treated as an ASCII string. + * values from/to the user buffer, treated as an ASCII string. * * Returns 0 on success. */ +int proc_dointvec_lockless(struct ctl_table *table, int write, void *buffer, + size_t *lenp, loff_t *ppos) +{ + return do_proc_dointvec(table, write, buffer, lenp, ppos, NULL, NULL); +} + int proc_dointvec(struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { - return do_proc_dointvec(table, write, buffer, lenp, ppos, NULL, NULL); + return proc_dointvec_lockless(table, write, buffer, lenp, ppos); } #ifdef CONFIG_COMPACTION @@ -1503,6 +1512,7 @@ PROC_HANDLER_ENOSYS(proc_do_cad_pid); PROC_HANDLER_ENOSYS(proc_do_large_bitmap); PROC_HANDLER_ENOSYS(proc_dobool_lockless); +PROC_HANDLER_ENOSYS(proc_dointvec_lockless); #endif /* CONFIG_PROC_SYSCTL */ @@ -2414,3 +2424,4 @@ EXPORT_SYMBOL(proc_dointvec_ms_jiffies); EXPORT_SYMBOL(proc_do_large_bitmap); EXPORT_SYMBOL(proc_dobool_lockless); +EXPORT_SYMBOL(proc_dointvec_lockless); From patchwork Wed Jul 6 05:21:18 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kuniyuki Iwashima X-Patchwork-Id: 12907327 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 63DC6C433EF for ; Wed, 6 Jul 2022 05:23:11 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231181AbiGFFXK (ORCPT ); Wed, 6 Jul 2022 01:23:10 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46196 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231417AbiGFFXC (ORCPT ); Wed, 6 Jul 2022 01:23:02 -0400 Received: from smtp-fw-9102.amazon.com (smtp-fw-9102.amazon.com [207.171.184.29]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AFABA2180D; Tue, 5 Jul 2022 22:22:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1657084976; x=1688620976; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=mKWxbo4eRi3u9tBD8C1LmmWJYH/wd8q8AiV00I6QWKU=; b=ITbuIF+E3OLRzFapurihekpwkaBbR0x6tVc9BIjR28yFkX54anVd6pUB 3YzQuxFiEY2C2Jq80hejs7HPXes0j5ej58mwXiu8oyLFGwz97K3n3tGmV Uar4hvy5wdG4oCSKwZjeiNOwWliiiVkhl/+sN1ARiPOqVgkQLHZ6PJp3R E=; X-IronPort-AV: E=Sophos;i="5.92,248,1650931200"; d="scan'208";a="235270838" Received: from pdx4-co-svc-p1-lb2-vlan2.amazon.com (HELO email-inbound-relay-pdx-2a-1801e169.us-west-2.amazon.com) ([10.25.36.210]) by smtp-border-fw-9102.sea19.amazon.com with ESMTP; 06 Jul 2022 05:22:40 +0000 Received: from EX13MTAUWB001.ant.amazon.com (pdx1-ws-svc-p6-lb9-vlan3.pdx.amazon.com [10.236.137.198]) by email-inbound-relay-pdx-2a-1801e169.us-west-2.amazon.com (Postfix) with ESMTPS id 17506C0858; Wed, 6 Jul 2022 05:22:40 +0000 (UTC) Received: from EX19D004ANA001.ant.amazon.com (10.37.240.138) by EX13MTAUWB001.ant.amazon.com (10.43.161.207) with Microsoft SMTP Server (TLS) id 15.0.1497.36; Wed, 6 Jul 2022 05:22:39 +0000 Received: from 88665a182662.ant.amazon.com (10.43.162.55) by EX19D004ANA001.ant.amazon.com (10.37.240.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1118.9; Wed, 6 Jul 2022 05:22:36 +0000 From: Kuniyuki Iwashima To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Luis Chamberlain , Kees Cook , Iurii Zaikin CC: Kuniyuki Iwashima , Kuniyuki Iwashima , , , Subash Abhinov Kasiviswanathan Subject: [PATCH v1 net 04/16] sysctl: Add proc_douintvec_lockless(). Date: Tue, 5 Jul 2022 22:21:18 -0700 Message-ID: <20220706052130.16368-5-kuniyu@amazon.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20220706052130.16368-1-kuniyu@amazon.com> References: <20220706052130.16368-1-kuniyu@amazon.com> MIME-Version: 1.0 X-Originating-IP: [10.43.162.55] X-ClientProxiedBy: EX13D18UWA004.ant.amazon.com (10.43.160.45) To EX19D004ANA001.ant.amazon.com (10.37.240.138) Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch changes proc_douintvec() to use READ_ONCE()/WRITE_ONCE() internally to fix a data-race on the sysctl side. For now, proc_douintvec() itself is tolerant to a data-race, but we still need to add annotations on the other subsystem's side. In case we miss such fixes, this patch converts proc_douintvec() to a wrapper of proc_douintvec_lockless(). When we fix a data-race in the other subsystem, we can explicitly set it as a handler. Also, this patch removes proc_douintvec()'s document and adds proc_douintvec_lockless()'s one so that no one will use proc_douintvec() anymore. Fixes: e7d316a02f68 ("sysctl: handle error writing UINT_MAX to u32 fields") Signed-off-by: Kuniyuki Iwashima --- CC: Subash Abhinov Kasiviswanathan --- include/linux/sysctl.h | 1 + kernel/sysctl.c | 20 +++++++++++++++----- 2 files changed, 16 insertions(+), 5 deletions(-) diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h index cb87919b5508..770ee1833c25 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h @@ -85,6 +85,7 @@ PROC_HANDLER(proc_do_static_key); PROC_HANDLER(proc_dobool_lockless); PROC_HANDLER(proc_dointvec_lockless); +PROC_HANDLER(proc_douintvec_lockless); /* * Register a set of sysctl names by calling register_sysctl_table diff --git a/kernel/sysctl.c b/kernel/sysctl.c index 50d9b78aa0b3..be8a7d912180 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c @@ -474,9 +474,11 @@ static int do_proc_douintvec_conv(unsigned long *lvalp, if (write) { if (*lvalp > UINT_MAX) return -EINVAL; - *valp = *lvalp; + + WRITE_ONCE(*valp, *lvalp); } else { - unsigned int val = *valp; + unsigned int val = READ_ONCE(*valp); + *lvalp = (unsigned long)val; } return 0; @@ -775,7 +777,7 @@ static int proc_dointvec_minmax_warn_RT_change(struct ctl_table *table, #endif /** - * proc_douintvec - read a vector of unsigned integers + * proc_douintvec_lockless - read/write a vector of unsigned integers locklessly * @table: the sysctl table * @write: %TRUE if this is a write to the sysctl file * @buffer: the user buffer @@ -787,13 +789,19 @@ static int proc_dointvec_minmax_warn_RT_change(struct ctl_table *table, * * Returns 0 on success. */ -int proc_douintvec(struct ctl_table *table, int write, void *buffer, - size_t *lenp, loff_t *ppos) +int proc_douintvec_lockless(struct ctl_table *table, int write, void *buffer, + size_t *lenp, loff_t *ppos) { return do_proc_douintvec(table, write, buffer, lenp, ppos, do_proc_douintvec_conv, NULL); } +int proc_douintvec(struct ctl_table *table, int write, void *buffer, + size_t *lenp, loff_t *ppos) +{ + return proc_douintvec_lockless(table, write, buffer, lenp, ppos); +} + /* * Taint values can only be increased * This means we can safely use a temporary. @@ -1513,6 +1521,7 @@ PROC_HANDLER_ENOSYS(proc_do_large_bitmap); PROC_HANDLER_ENOSYS(proc_dobool_lockless); PROC_HANDLER_ENOSYS(proc_dointvec_lockless); +PROC_HANDLER_ENOSYS(proc_douintvec_lockless); #endif /* CONFIG_PROC_SYSCTL */ @@ -2425,3 +2434,4 @@ EXPORT_SYMBOL(proc_do_large_bitmap); EXPORT_SYMBOL(proc_dobool_lockless); EXPORT_SYMBOL(proc_dointvec_lockless); +EXPORT_SYMBOL(proc_douintvec_lockless); From patchwork Wed Jul 6 05:21:19 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kuniyuki Iwashima X-Patchwork-Id: 12907329 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0C7A9C433EF for ; Wed, 6 Jul 2022 05:23:26 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231280AbiGFFXY (ORCPT ); Wed, 6 Jul 2022 01:23:24 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46784 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231382AbiGFFXN (ORCPT ); Wed, 6 Jul 2022 01:23:13 -0400 Received: from smtp-fw-80007.amazon.com (smtp-fw-80007.amazon.com [99.78.197.218]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B4CBA2124F; Tue, 5 Jul 2022 22:23:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1657084992; x=1688620992; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=YXuh7vJXEQMSPq64wbRPnqP7B9hkeIKY5sqtiuHZaPc=; b=r/p2tNZc9GUR1jWFc6Uh3tZUs2CmBV6xKaAa+VKyB/OrNQN0ztRO9iW9 4BMMrEh7F1Z5yvLXM5NljwCA06rhQAp+3Q7xq43ONhg+Z3XYUJTnGp3Yy e6VYT2YBAJ9VBKTwNVlb4W9H0Ea3JU9/C+sbnntIwZ7xRyKiGB/nvDS3B U=; X-IronPort-AV: E=Sophos;i="5.92,248,1650931200"; d="scan'208";a="105282277" Received: from pdx4-co-svc-p1-lb2-vlan3.amazon.com (HELO email-inbound-relay-pdx-2b-1f9d5b26.us-west-2.amazon.com) ([10.25.36.214]) by smtp-border-fw-80007.pdx80.corp.amazon.com with ESMTP; 06 Jul 2022 05:22:56 +0000 Received: from EX13MTAUWB001.ant.amazon.com (pdx1-ws-svc-p6-lb9-vlan3.pdx.amazon.com [10.236.137.198]) by email-inbound-relay-pdx-2b-1f9d5b26.us-west-2.amazon.com (Postfix) with ESMTPS id A9B5942040; Wed, 6 Jul 2022 05:22:56 +0000 (UTC) Received: from EX19D004ANA001.ant.amazon.com (10.37.240.138) by EX13MTAUWB001.ant.amazon.com (10.43.161.207) with Microsoft SMTP Server (TLS) id 15.0.1497.36; Wed, 6 Jul 2022 05:22:56 +0000 Received: from 88665a182662.ant.amazon.com (10.43.162.55) by EX19D004ANA001.ant.amazon.com (10.37.240.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1118.9; Wed, 6 Jul 2022 05:22:53 +0000 From: Kuniyuki Iwashima To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Luis Chamberlain , Kees Cook , Iurii Zaikin CC: Kuniyuki Iwashima , Kuniyuki Iwashima , , Subject: [PATCH v1 net 05/16] sysctl: Add proc_dointvec_minmax_lockless(). Date: Tue, 5 Jul 2022 22:21:19 -0700 Message-ID: <20220706052130.16368-6-kuniyu@amazon.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20220706052130.16368-1-kuniyu@amazon.com> References: <20220706052130.16368-1-kuniyu@amazon.com> MIME-Version: 1.0 X-Originating-IP: [10.43.162.55] X-ClientProxiedBy: EX13D18UWA004.ant.amazon.com (10.43.160.45) To EX19D004ANA001.ant.amazon.com (10.37.240.138) Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch changes proc_dointvec_minmax() to use READ_ONCE()/WRITE_ONCE() internally to fix a data-race on the sysctl side. For now, proc_dointvec_minmax() itself is tolerant to a data-race, but we still need to add annotations on the other subsystem's side. In case we miss such fixes, this patch converts proc_dointvec_minmax() to a wrapper of proc_dointvec_minmax_lockless(). When we fix a data-race in the other subsystem, we can explicitly set it as a handler. Also, this patch removes proc_dointvec_minmax()'s document and adds proc_dointvec_minmax_lockless()'s one so that no one will use proc_dointvec_minmax() anymore. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Kuniyuki Iwashima --- include/linux/sysctl.h | 1 + kernel/sysctl.c | 19 +++++++++++++++---- 2 files changed, 16 insertions(+), 4 deletions(-) diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h index 770ee1833c25..7f91cc625d56 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h @@ -86,6 +86,7 @@ PROC_HANDLER(proc_do_static_key); PROC_HANDLER(proc_dobool_lockless); PROC_HANDLER(proc_dointvec_lockless); PROC_HANDLER(proc_douintvec_lockless); +PROC_HANDLER(proc_dointvec_minmax_lockless); /* * Register a set of sysctl names by calling register_sysctl_table diff --git a/kernel/sysctl.c b/kernel/sysctl.c index be8a7d912180..aead731ae74b 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c @@ -879,14 +879,16 @@ static int do_proc_dointvec_minmax_conv(bool *negp, unsigned long *lvalp, if ((param->min && *param->min > tmp) || (param->max && *param->max < tmp)) return -EINVAL; - *valp = tmp; + + WRITE_ONCE(*valp, tmp); } return 0; } /** - * proc_dointvec_minmax - read a vector of integers with min/max values + * proc_dointvec_minmax_lockless - read/write a vector of integers with + * min/max values locklessly * @table: the sysctl table * @write: %TRUE if this is a write to the sysctl file * @buffer: the user buffer @@ -901,8 +903,8 @@ static int do_proc_dointvec_minmax_conv(bool *negp, unsigned long *lvalp, * * Returns 0 on success or -EINVAL on write when the range check fails. */ -int proc_dointvec_minmax(struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) +int proc_dointvec_minmax_lockless(struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) { struct do_proc_dointvec_minmax_conv_param param = { .min = (int *) table->extra1, @@ -912,6 +914,13 @@ int proc_dointvec_minmax(struct ctl_table *table, int write, do_proc_dointvec_minmax_conv, ¶m); } +int proc_dointvec_minmax(struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) +{ + return proc_dointvec_minmax_lockless(table, write, buffer, + lenp, ppos); +} + /** * struct do_proc_douintvec_minmax_conv_param - proc_douintvec_minmax() range checking structure * @min: pointer to minimum allowable value @@ -1522,6 +1531,7 @@ PROC_HANDLER_ENOSYS(proc_do_large_bitmap); PROC_HANDLER_ENOSYS(proc_dobool_lockless); PROC_HANDLER_ENOSYS(proc_dointvec_lockless); PROC_HANDLER_ENOSYS(proc_douintvec_lockless); +PROC_HANDLER_ENOSYS(proc_dointvec_minmax_lockless); #endif /* CONFIG_PROC_SYSCTL */ @@ -2435,3 +2445,4 @@ EXPORT_SYMBOL(proc_do_large_bitmap); EXPORT_SYMBOL(proc_dobool_lockless); EXPORT_SYMBOL(proc_dointvec_lockless); EXPORT_SYMBOL(proc_douintvec_lockless); +EXPORT_SYMBOL(proc_dointvec_minmax_lockless); From patchwork Wed Jul 6 05:21:20 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kuniyuki Iwashima X-Patchwork-Id: 12907330 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id C217EC43334 for ; Wed, 6 Jul 2022 05:23:39 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231359AbiGFFXi (ORCPT ); Wed, 6 Jul 2022 01:23:38 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46638 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231349AbiGFFX0 (ORCPT ); Wed, 6 Jul 2022 01:23:26 -0400 Received: from smtp-fw-2101.amazon.com (smtp-fw-2101.amazon.com [72.21.196.25]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B4396DE6; Tue, 5 Jul 2022 22:23:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1657085004; x=1688621004; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=jh0a+absz9pAb5bIlORUQ/Q1+4cClz2C63wKgA8hG5I=; b=orhJLYQcJiu/kREOpdVNW9a8I2XTwrjwMVg7EZmQu+6wdjdUfAtKcIdF bK12O0bJBf47CLArOqMGig8yFS1mBNeqElC9ryjy7cRd5ta+LaqKiLjrL bPRc4/qvbqjP6H/RN8Z8hQC+EsIz2FI1VPB0Fgs3uq4vcE27KXFMO2fvE Y=; X-IronPort-AV: E=Sophos;i="5.92,248,1650931200"; d="scan'208";a="215167206" Received: from iad12-co-svc-p1-lb1-vlan2.amazon.com (HELO email-inbound-relay-pdx-2c-90419278.us-west-2.amazon.com) ([10.43.8.2]) by smtp-border-fw-2101.iad2.amazon.com with ESMTP; 06 Jul 2022 05:23:11 +0000 Received: from EX13MTAUWB001.ant.amazon.com (pdx1-ws-svc-p6-lb9-vlan2.pdx.amazon.com [10.236.137.194]) by email-inbound-relay-pdx-2c-90419278.us-west-2.amazon.com (Postfix) with ESMTPS id 4BA3644103; Wed, 6 Jul 2022 05:23:11 +0000 (UTC) Received: from EX19D004ANA001.ant.amazon.com (10.37.240.138) by EX13MTAUWB001.ant.amazon.com (10.43.161.207) with Microsoft SMTP Server (TLS) id 15.0.1497.36; Wed, 6 Jul 2022 05:23:10 +0000 Received: from 88665a182662.ant.amazon.com (10.43.162.55) by EX19D004ANA001.ant.amazon.com (10.37.240.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1118.9; Wed, 6 Jul 2022 05:23:08 +0000 From: Kuniyuki Iwashima To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Luis Chamberlain , Kees Cook , Iurii Zaikin CC: Kuniyuki Iwashima , Kuniyuki Iwashima , , Subject: [PATCH v1 net 06/16] sysctl: Add proc_douintvec_minmax_lockless(). Date: Tue, 5 Jul 2022 22:21:20 -0700 Message-ID: <20220706052130.16368-7-kuniyu@amazon.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20220706052130.16368-1-kuniyu@amazon.com> References: <20220706052130.16368-1-kuniyu@amazon.com> MIME-Version: 1.0 X-Originating-IP: [10.43.162.55] X-ClientProxiedBy: EX13D18UWA004.ant.amazon.com (10.43.160.45) To EX19D004ANA001.ant.amazon.com (10.37.240.138) Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch changes proc_douintvec_minmax() to use READ_ONCE()/WRITE_ONCE() internally to fix a data-race on the sysctl side. For now, proc_douintvec_minmax() itself is tolerant to a data-race, but we still need to add annotations on the other subsystem's side. In case we miss such fixes, this patch converts proc_douintvec_minmax() to a wrapper of proc_douintvec_minmax_lockless(). When we fix a data-race in the other subsystem, we can explicitly set it as a handler. Also, this patch removes proc_douintvec_minmax()'s document and adds proc_douintvec_minmax_lockless()'s one so that no one will use proc_douintvec_minmax() anymore. Fixes: 61d9b56a8920 ("sysctl: add unsigned int range support") Signed-off-by: Kuniyuki Iwashima --- CC: Luis R. Rodriguez --- include/linux/sysctl.h | 1 + kernel/sysctl.c | 17 +++++++++++++---- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h index 7f91cc625d56..830d1a8f21d4 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h @@ -87,6 +87,7 @@ PROC_HANDLER(proc_dobool_lockless); PROC_HANDLER(proc_dointvec_lockless); PROC_HANDLER(proc_douintvec_lockless); PROC_HANDLER(proc_dointvec_minmax_lockless); +PROC_HANDLER(proc_douintvec_minmax_lockless); /* * Register a set of sysctl names by calling register_sysctl_table diff --git a/kernel/sysctl.c b/kernel/sysctl.c index aead731ae74b..8ff57b8d1212 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c @@ -954,14 +954,15 @@ static int do_proc_douintvec_minmax_conv(unsigned long *lvalp, (param->max && *param->max < tmp)) return -ERANGE; - *valp = tmp; + WRITE_ONCE(*valp, tmp); } return 0; } /** - * proc_douintvec_minmax - read a vector of unsigned ints with min/max values + * proc_douintvec_minmax_lockless - read/write a vector of unsigned ints + * with min/max values locklessly * @table: the sysctl table * @write: %TRUE if this is a write to the sysctl file * @buffer: the user buffer @@ -979,8 +980,8 @@ static int do_proc_douintvec_minmax_conv(unsigned long *lvalp, * * Returns 0 on success or -ERANGE on write when the range check fails. */ -int proc_douintvec_minmax(struct ctl_table *table, int write, - void *buffer, size_t *lenp, loff_t *ppos) +int proc_douintvec_minmax_lockless(struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) { struct do_proc_douintvec_minmax_conv_param param = { .min = (unsigned int *) table->extra1, @@ -990,6 +991,12 @@ int proc_douintvec_minmax(struct ctl_table *table, int write, do_proc_douintvec_minmax_conv, ¶m); } +int proc_douintvec_minmax(struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) +{ + return proc_douintvec_minmax_lockless(table, write, buffer, lenp, ppos); +} + /** * proc_dou8vec_minmax - read a vector of unsigned chars with min/max values * @table: the sysctl table @@ -1532,6 +1539,7 @@ PROC_HANDLER_ENOSYS(proc_dobool_lockless); PROC_HANDLER_ENOSYS(proc_dointvec_lockless); PROC_HANDLER_ENOSYS(proc_douintvec_lockless); PROC_HANDLER_ENOSYS(proc_dointvec_minmax_lockless); +PROC_HANDLER_ENOSYS(proc_douintvec_minmax_lockless); #endif /* CONFIG_PROC_SYSCTL */ @@ -2446,3 +2454,4 @@ EXPORT_SYMBOL(proc_dobool_lockless); EXPORT_SYMBOL(proc_dointvec_lockless); EXPORT_SYMBOL(proc_douintvec_lockless); EXPORT_SYMBOL(proc_dointvec_minmax_lockless); +EXPORT_SYMBOL_GPL(proc_douintvec_minmax_lockless); From patchwork Wed Jul 6 05:21:21 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kuniyuki Iwashima X-Patchwork-Id: 12907331 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 48846C433EF for ; Wed, 6 Jul 2022 05:23:41 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231382AbiGFFXj (ORCPT ); Wed, 6 Jul 2022 01:23:39 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47322 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231370AbiGFFX1 (ORCPT ); Wed, 6 Jul 2022 01:23:27 -0400 Received: from smtp-fw-9102.amazon.com (smtp-fw-9102.amazon.com [207.171.184.29]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 39F333B0; Tue, 5 Jul 2022 22:23:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1657085006; x=1688621006; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=FH3JnsOgIqucU/O/kiHTcxh5RtV6tKMeFYEzhhc+/GI=; b=F8GbKNSV/eaqqyE+MlfTPBvXX07vN4cyB+wfd8dJM2VXW/BIQV4L1HgM KGvbkd2v235X4bzzppgTEeVl9GKnpk6HU2MqQM6IGTxOqOhEIrnZoPPWn f4Gq3GaluuNfpLXNtD5UmEA4+lPPMxBzBZJpcV0lhHwQRk1rqIDhoH1/r I=; X-IronPort-AV: E=Sophos;i="5.92,248,1650931200"; d="scan'208";a="235270987" Received: from pdx4-co-svc-p1-lb2-vlan2.amazon.com (HELO email-inbound-relay-pdx-2b-22c2b493.us-west-2.amazon.com) ([10.25.36.210]) by smtp-border-fw-9102.sea19.amazon.com with ESMTP; 06 Jul 2022 05:23:26 +0000 Received: from EX13MTAUWB001.ant.amazon.com (pdx1-ws-svc-p6-lb9-vlan2.pdx.amazon.com [10.236.137.194]) by email-inbound-relay-pdx-2b-22c2b493.us-west-2.amazon.com (Postfix) with ESMTPS id B321F43A09; Wed, 6 Jul 2022 05:23:25 +0000 (UTC) Received: from EX19D004ANA001.ant.amazon.com (10.37.240.138) by EX13MTAUWB001.ant.amazon.com (10.43.161.207) with Microsoft SMTP Server (TLS) id 15.0.1497.36; Wed, 6 Jul 2022 05:23:25 +0000 Received: from 88665a182662.ant.amazon.com (10.43.162.55) by EX19D004ANA001.ant.amazon.com (10.37.240.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1118.9; Wed, 6 Jul 2022 05:23:22 +0000 From: Kuniyuki Iwashima To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Luis Chamberlain , Kees Cook , Iurii Zaikin CC: Kuniyuki Iwashima , Kuniyuki Iwashima , , Subject: [PATCH v1 net 07/16] sysctl: Add proc_doulongvec_minmax_lockless(). Date: Tue, 5 Jul 2022 22:21:21 -0700 Message-ID: <20220706052130.16368-8-kuniyu@amazon.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20220706052130.16368-1-kuniyu@amazon.com> References: <20220706052130.16368-1-kuniyu@amazon.com> MIME-Version: 1.0 X-Originating-IP: [10.43.162.55] X-ClientProxiedBy: EX13D18UWA004.ant.amazon.com (10.43.160.45) To EX19D004ANA001.ant.amazon.com (10.37.240.138) Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch changes proc_doulongvec_minmax() to use READ_ONCE()/WRITE_ONCE() internally to fix a data-race on the sysctl side. For now, proc_doulongvec_minmax() itself is tolerant to a data-race, but we still need to add annotations on the other subsystem's side. In case we miss such fixes, this patch converts proc_doulongvec_minmax() to a wrapper of proc_doulongvec_minmax_lockless(). When we fix a data-race in the other subsystem, we can explicitly set it as a handler. Also, this patch removes proc_doulongvec_minmax()'s document and adds proc_doulongvec_minmax_lockless()'s one so that no one will use proc_doulongvec_minmax() anymore. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Kuniyuki Iwashima --- include/linux/sysctl.h | 1 + kernel/sysctl.c | 21 +++++++++++++++++---- 2 files changed, 18 insertions(+), 4 deletions(-) diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h index 830d1a8f21d4..c23b6beef748 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h @@ -88,6 +88,7 @@ PROC_HANDLER(proc_dointvec_lockless); PROC_HANDLER(proc_douintvec_lockless); PROC_HANDLER(proc_dointvec_minmax_lockless); PROC_HANDLER(proc_douintvec_minmax_lockless); +PROC_HANDLER(proc_doulongvec_minmax_lockless); /* * Register a set of sysctl names by calling register_sysctl_table diff --git a/kernel/sysctl.c b/kernel/sysctl.c index 8ff57b8d1212..931ab58985f2 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c @@ -1127,9 +1127,11 @@ static int __do_proc_doulongvec_minmax(void *data, struct ctl_table *table, err = -EINVAL; break; } - *i = val; + + WRITE_ONCE(*i, val); } else { - val = convdiv * (*i) / convmul; + val = convdiv * READ_ONCE(*i) / convmul; + if (!first) proc_put_char(&buffer, &left, '\t'); proc_put_long(&buffer, &left, val, false); @@ -1157,7 +1159,8 @@ static int do_proc_doulongvec_minmax(struct ctl_table *table, int write, } /** - * proc_doulongvec_minmax - read a vector of long integers with min/max values + * proc_doulongvec_minmax_lockless - read/write a vector of long integers + * with min/max values locklessly * @table: the sysctl table * @write: %TRUE if this is a write to the sysctl file * @buffer: the user buffer @@ -1172,10 +1175,18 @@ static int do_proc_doulongvec_minmax(struct ctl_table *table, int write, * * Returns 0 on success. */ +int proc_doulongvec_minmax_lockless(struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) +{ + return do_proc_doulongvec_minmax(table, write, buffer, lenp, ppos, + 1l, 1l); +} + int proc_doulongvec_minmax(struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { - return do_proc_doulongvec_minmax(table, write, buffer, lenp, ppos, 1l, 1l); + return proc_doulongvec_minmax_lockless(table, write, buffer, + lenp, ppos); } /** @@ -1540,6 +1551,7 @@ PROC_HANDLER_ENOSYS(proc_dointvec_lockless); PROC_HANDLER_ENOSYS(proc_douintvec_lockless); PROC_HANDLER_ENOSYS(proc_dointvec_minmax_lockless); PROC_HANDLER_ENOSYS(proc_douintvec_minmax_lockless); +PROC_HANDLER_ENOSYS(proc_doulongvec_minmax_lockless); #endif /* CONFIG_PROC_SYSCTL */ @@ -2455,3 +2467,4 @@ EXPORT_SYMBOL(proc_dointvec_lockless); EXPORT_SYMBOL(proc_douintvec_lockless); EXPORT_SYMBOL(proc_dointvec_minmax_lockless); EXPORT_SYMBOL_GPL(proc_douintvec_minmax_lockless); +EXPORT_SYMBOL(proc_doulongvec_minmax_lockless); From patchwork Wed Jul 6 05:21:22 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kuniyuki Iwashima X-Patchwork-Id: 12907332 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 610CCC43334 for ; Wed, 6 Jul 2022 05:23:58 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231370AbiGFFX4 (ORCPT ); Wed, 6 Jul 2022 01:23:56 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47890 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231438AbiGFFXp (ORCPT ); Wed, 6 Jul 2022 01:23:45 -0400 Received: from smtp-fw-2101.amazon.com (smtp-fw-2101.amazon.com [72.21.196.25]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D5017DFA3; Tue, 5 Jul 2022 22:23:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1657085025; x=1688621025; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=uJwiKDdUCE6ejBVfaNJ0Ksuef2MfhE73OPMC2pigcSU=; b=ip44yNYxVTvFZiW5SkFBN+O+hc9hWowPPNP59tYv+z+HnBTUkaaaWcWR FcP9TQWtqHZ95DYu1CCpFDV4W4m4vLaQN1X14zTQnBHc5WNdAFhZFeto0 WCijZyhKROb4mmgyKYE/Vdt5p0q967GUEjpXlETm+T99BbcvgPb9Sn6VI M=; X-IronPort-AV: E=Sophos;i="5.92,248,1650931200"; d="scan'208";a="215167311" Received: from iad12-co-svc-p1-lb1-vlan2.amazon.com (HELO email-inbound-relay-pdx-2c-d9fba5dd.us-west-2.amazon.com) ([10.43.8.2]) by smtp-border-fw-2101.iad2.amazon.com with ESMTP; 06 Jul 2022 05:23:42 +0000 Received: from EX13MTAUWB001.ant.amazon.com (pdx1-ws-svc-p6-lb9-vlan2.pdx.amazon.com [10.236.137.194]) by email-inbound-relay-pdx-2c-d9fba5dd.us-west-2.amazon.com (Postfix) with ESMTPS id 357E043CB2; Wed, 6 Jul 2022 05:23:42 +0000 (UTC) Received: from EX19D004ANA001.ant.amazon.com (10.37.240.138) by EX13MTAUWB001.ant.amazon.com (10.43.161.207) with Microsoft SMTP Server (TLS) id 15.0.1497.36; Wed, 6 Jul 2022 05:23:39 +0000 Received: from 88665a182662.ant.amazon.com (10.43.162.55) by EX19D004ANA001.ant.amazon.com (10.37.240.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1118.9; Wed, 6 Jul 2022 05:23:36 +0000 From: Kuniyuki Iwashima To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Luis Chamberlain , Kees Cook , Iurii Zaikin CC: Kuniyuki Iwashima , Kuniyuki Iwashima , , Subject: [PATCH v1 net 08/16] sysctl: Add proc_dointvec_jiffies_lockless(). Date: Tue, 5 Jul 2022 22:21:22 -0700 Message-ID: <20220706052130.16368-9-kuniyu@amazon.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20220706052130.16368-1-kuniyu@amazon.com> References: <20220706052130.16368-1-kuniyu@amazon.com> MIME-Version: 1.0 X-Originating-IP: [10.43.162.55] X-ClientProxiedBy: EX13D18UWA004.ant.amazon.com (10.43.160.45) To EX19D004ANA001.ant.amazon.com (10.37.240.138) Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch changes proc_dointvec_jiffies() to use READ_ONCE()/WRITE_ONCE() internally to fix a data-race on the sysctl side. For now, proc_dointvec_jiffies() itself is tolerant to a data-race, but we still need to add annotations on the other subsystem's side. In case we miss such fixes, this patch converts proc_dointvec_jiffies() to a wrapper of proc_dointvec_jiffies_lockless(). When we fix a data-race in the other subsystem, we can explicitly set it as a handler. Also, this patch removes proc_dointvec_jiffies()'s document and adds proc_dointvec_jiffies_lockless()'s one so that no one will use proc_dointvec_jiffies() anymore. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Kuniyuki Iwashima --- include/linux/sysctl.h | 1 + kernel/sysctl.c | 26 ++++++++++++++++++++------ 2 files changed, 21 insertions(+), 6 deletions(-) diff --git a/include/linux/sysctl.h b/include/linux/sysctl.h index c23b6beef748..8747dbc721f5 100644 --- a/include/linux/sysctl.h +++ b/include/linux/sysctl.h @@ -89,6 +89,7 @@ PROC_HANDLER(proc_douintvec_lockless); PROC_HANDLER(proc_dointvec_minmax_lockless); PROC_HANDLER(proc_douintvec_minmax_lockless); PROC_HANDLER(proc_doulongvec_minmax_lockless); +PROC_HANDLER(proc_dointvec_jiffies_lockless); /* * Register a set of sysctl names by calling register_sysctl_table diff --git a/kernel/sysctl.c b/kernel/sysctl.c index 931ab58985f2..11a1ce837623 100644 --- a/kernel/sysctl.c +++ b/kernel/sysctl.c @@ -1221,10 +1221,15 @@ static int do_proc_dointvec_jiffies_conv(bool *negp, unsigned long *lvalp, if (write) { if (*lvalp > INT_MAX / HZ) return 1; - *valp = *negp ? -(*lvalp*HZ) : (*lvalp*HZ); + + if (*negp) + WRITE_ONCE(*valp, -(*lvalp * HZ)); + else + WRITE_ONCE(*valp, *lvalp * HZ); } else { - int val = *valp; + int val = READ_ONCE(*valp); unsigned long lval; + if (val < 0) { *negp = true; lval = -(unsigned long)val; @@ -1286,7 +1291,8 @@ static int do_proc_dointvec_ms_jiffies_conv(bool *negp, unsigned long *lvalp, } /** - * proc_dointvec_jiffies - read a vector of integers as seconds + * proc_dointvec_jiffies_lockless - read/write a vector of integers as + * seconds locklessly * @table: the sysctl table * @write: %TRUE if this is a write to the sysctl file * @buffer: the user buffer @@ -1294,17 +1300,23 @@ static int do_proc_dointvec_ms_jiffies_conv(bool *negp, unsigned long *lvalp, * @ppos: file position * * Reads/writes up to table->maxlen/sizeof(unsigned int) integer - * values from/to the user buffer, treated as an ASCII string. + * values from/to the user buffer, treated as an ASCII string. * The values read are assumed to be in seconds, and are converted into * jiffies. * * Returns 0 on success. */ +int proc_dointvec_jiffies_lockless(struct ctl_table *table, int write, + void *buffer, size_t *lenp, loff_t *ppos) +{ + return do_proc_dointvec(table, write, buffer, lenp, ppos, + do_proc_dointvec_jiffies_conv, NULL); +} + int proc_dointvec_jiffies(struct ctl_table *table, int write, void *buffer, size_t *lenp, loff_t *ppos) { - return do_proc_dointvec(table,write,buffer,lenp,ppos, - do_proc_dointvec_jiffies_conv,NULL); + return proc_dointvec_jiffies_lockless(table, write, buffer, lenp, ppos); } /** @@ -1552,6 +1564,7 @@ PROC_HANDLER_ENOSYS(proc_douintvec_lockless); PROC_HANDLER_ENOSYS(proc_dointvec_minmax_lockless); PROC_HANDLER_ENOSYS(proc_douintvec_minmax_lockless); PROC_HANDLER_ENOSYS(proc_doulongvec_minmax_lockless); +PROC_HANDLER_ENOSYS(proc_dointvec_jiffies_lockless); #endif /* CONFIG_PROC_SYSCTL */ @@ -2468,3 +2481,4 @@ EXPORT_SYMBOL(proc_douintvec_lockless); EXPORT_SYMBOL(proc_dointvec_minmax_lockless); EXPORT_SYMBOL_GPL(proc_douintvec_minmax_lockless); EXPORT_SYMBOL(proc_doulongvec_minmax_lockless); +EXPORT_SYMBOL(proc_dointvec_jiffies_lockless); From patchwork Wed Jul 6 05:21:23 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kuniyuki Iwashima X-Patchwork-Id: 12907333 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 17B62C43334 for ; Wed, 6 Jul 2022 05:24:07 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231480AbiGFFYG (ORCPT ); Wed, 6 Jul 2022 01:24:06 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48072 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231438AbiGFFX6 (ORCPT ); Wed, 6 Jul 2022 01:23:58 -0400 Received: from smtp-fw-80007.amazon.com (smtp-fw-80007.amazon.com [99.78.197.218]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 01055E24; Tue, 5 Jul 2022 22:23:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1657085038; x=1688621038; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=RL9MqhtNP4Ugne5QDUZKCAePLOhZ+YJB8hMatNmUWcU=; b=tBS1h8G+JAFEoMA1is0wW3zX71jLb/d6H0gMIrzid8dQCCwRg/HlGQKr o/wPBCaExuTkJE9hePU7pRIrOABxnk4H117EYZXSywD9BsdrDEvQHxC5T hEoBRWX84reNnyfqKkkRLokOd6rG1xOpvd9fE0bgQ3WWjG5VIni9TENyY U=; X-IronPort-AV: E=Sophos;i="5.92,248,1650931200"; d="scan'208";a="105282475" Received: from pdx4-co-svc-p1-lb2-vlan3.amazon.com (HELO email-inbound-relay-pdx-2c-d9fba5dd.us-west-2.amazon.com) ([10.25.36.214]) by smtp-border-fw-80007.pdx80.corp.amazon.com with ESMTP; 06 Jul 2022 05:23:57 +0000 Received: from EX13MTAUWB001.ant.amazon.com (pdx1-ws-svc-p6-lb9-vlan2.pdx.amazon.com [10.236.137.194]) by email-inbound-relay-pdx-2c-d9fba5dd.us-west-2.amazon.com (Postfix) with ESMTPS id 5974843CB2; Wed, 6 Jul 2022 05:23:57 +0000 (UTC) Received: from EX19D004ANA001.ant.amazon.com (10.37.240.138) by EX13MTAUWB001.ant.amazon.com (10.43.161.207) with Microsoft SMTP Server (TLS) id 15.0.1497.36; Wed, 6 Jul 2022 05:23:54 +0000 Received: from 88665a182662.ant.amazon.com (10.43.162.55) by EX19D004ANA001.ant.amazon.com (10.37.240.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1118.9; Wed, 6 Jul 2022 05:23:52 +0000 From: Kuniyuki Iwashima To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Luis Chamberlain , Kees Cook , Iurii Zaikin CC: Kuniyuki Iwashima , Kuniyuki Iwashima , , Subject: [PATCH v1 net 09/16] tcp: Fix a data-race around sysctl_tcp_max_orphans. Date: Tue, 5 Jul 2022 22:21:23 -0700 Message-ID: <20220706052130.16368-10-kuniyu@amazon.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20220706052130.16368-1-kuniyu@amazon.com> References: <20220706052130.16368-1-kuniyu@amazon.com> MIME-Version: 1.0 X-Originating-IP: [10.43.162.55] X-ClientProxiedBy: EX13D18UWA004.ant.amazon.com (10.43.160.45) To EX19D004ANA001.ant.amazon.com (10.37.240.138) Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org While reading sysctl_tcp_max_orphans, it can be changed concurrently. So, we need to add READ_ONCE(). Then we can set proc_dointvec_lockless() as the handler to mark it safe. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Kuniyuki Iwashima --- net/ipv4/sysctl_net_ipv4.c | 2 +- net/ipv4/tcp.c | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c index cd448cdd3b38..aa5adf136556 100644 --- a/net/ipv4/sysctl_net_ipv4.c +++ b/net/ipv4/sysctl_net_ipv4.c @@ -476,7 +476,7 @@ static struct ctl_table ipv4_table[] = { .data = &sysctl_tcp_max_orphans, .maxlen = sizeof(int), .mode = 0644, - .proc_handler = proc_dointvec + .proc_handler = proc_dointvec_lockless, }, { .procname = "inet_peer_threshold", diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c index 028513d3e2a2..2222dfdde316 100644 --- a/net/ipv4/tcp.c +++ b/net/ipv4/tcp.c @@ -2715,7 +2715,8 @@ static void tcp_orphan_update(struct timer_list *unused) static bool tcp_too_many_orphans(int shift) { - return READ_ONCE(tcp_orphan_cache) << shift > sysctl_tcp_max_orphans; + return READ_ONCE(tcp_orphan_cache) << shift > + READ_ONCE(sysctl_tcp_max_orphans); } bool tcp_check_oom(struct sock *sk, int shift) From patchwork Wed Jul 6 05:21:24 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kuniyuki Iwashima X-Patchwork-Id: 12907334 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id E8009C433EF for ; Wed, 6 Jul 2022 05:24:19 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231493AbiGFFYS (ORCPT ); Wed, 6 Jul 2022 01:24:18 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48220 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231487AbiGFFYK (ORCPT ); Wed, 6 Jul 2022 01:24:10 -0400 Received: from smtp-fw-9102.amazon.com (smtp-fw-9102.amazon.com [207.171.184.29]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 327A221262; Tue, 5 Jul 2022 22:24:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1657085050; x=1688621050; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=UREuWIA4n/gQgUYFb12EHn5QU00DoLCLIVMfPtDRmXs=; b=kfyRI0U5nG4nNsWr+V8vDop6KfxKJVrErChfMrV4/4skFFvsOMK/+Fd8 fUV88WEioBQLq/RjnUASH2RiiFpkmtMsqtcT8EJI6H0/Ob7nCqpurZ5Fz WgdvB5+I4GeiilDcT52ABk+uemeysCS8z95/qjUL/sjlguy6RICns1ZAJ I=; X-IronPort-AV: E=Sophos;i="5.92,248,1650931200"; d="scan'208";a="235271105" Received: from pdx4-co-svc-p1-lb2-vlan2.amazon.com (HELO email-inbound-relay-pdx-2a-6a4112b2.us-west-2.amazon.com) ([10.25.36.210]) by smtp-border-fw-9102.sea19.amazon.com with ESMTP; 06 Jul 2022 05:24:10 +0000 Received: from EX13MTAUWB001.ant.amazon.com (pdx1-ws-svc-p6-lb9-vlan2.pdx.amazon.com [10.236.137.194]) by email-inbound-relay-pdx-2a-6a4112b2.us-west-2.amazon.com (Postfix) with ESMTPS id 7EF4E4C0079; Wed, 6 Jul 2022 05:24:09 +0000 (UTC) Received: from EX19D004ANA001.ant.amazon.com (10.37.240.138) by EX13MTAUWB001.ant.amazon.com (10.43.161.207) with Microsoft SMTP Server (TLS) id 15.0.1497.36; Wed, 6 Jul 2022 05:24:08 +0000 Received: from 88665a182662.ant.amazon.com (10.43.162.55) by EX19D004ANA001.ant.amazon.com (10.37.240.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1118.9; Wed, 6 Jul 2022 05:24:07 +0000 From: Kuniyuki Iwashima To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Luis Chamberlain , Kees Cook , Iurii Zaikin CC: Kuniyuki Iwashima , Kuniyuki Iwashima , , Subject: [PATCH v1 net 10/16] inetpeer: Fix data-races around sysctl. Date: Tue, 5 Jul 2022 22:21:24 -0700 Message-ID: <20220706052130.16368-11-kuniyu@amazon.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20220706052130.16368-1-kuniyu@amazon.com> References: <20220706052130.16368-1-kuniyu@amazon.com> MIME-Version: 1.0 X-Originating-IP: [10.43.162.55] X-ClientProxiedBy: EX13D18UWA004.ant.amazon.com (10.43.160.45) To EX19D004ANA001.ant.amazon.com (10.37.240.138) Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org While reading sysctl variables, they can be changed concurrently. So, we need to add READ_ONCE(). Then we can set lockless variants as the handler to mark them safe. Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Kuniyuki Iwashima --- net/ipv4/inetpeer.c | 13 ++++++++----- net/ipv4/sysctl_net_ipv4.c | 6 +++--- 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/net/ipv4/inetpeer.c b/net/ipv4/inetpeer.c index da21dfce24d7..69e1342a9068 100644 --- a/net/ipv4/inetpeer.c +++ b/net/ipv4/inetpeer.c @@ -141,16 +141,19 @@ static void inet_peer_gc(struct inet_peer_base *base, struct inet_peer *gc_stack[], unsigned int gc_cnt) { + int i, peer_threshold, peer_maxttl, peer_minttl; struct inet_peer *p; __u32 delta, ttl; - int i; - if (base->total >= inet_peer_threshold) + peer_threshold = READ_ONCE(inet_peer_threshold); + peer_maxttl = READ_ONCE(inet_peer_maxttl); + peer_minttl = READ_ONCE(inet_peer_minttl); + + if (base->total >= peer_threshold) ttl = 0; /* be aggressive */ else - ttl = inet_peer_maxttl - - (inet_peer_maxttl - inet_peer_minttl) / HZ * - base->total / inet_peer_threshold * HZ; + ttl = peer_maxttl - (peer_maxttl - peer_minttl) / HZ * + base->total / peer_threshold * HZ; for (i = 0; i < gc_cnt; i++) { p = gc_stack[i]; diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c index aa5adf136556..eea11218a663 100644 --- a/net/ipv4/sysctl_net_ipv4.c +++ b/net/ipv4/sysctl_net_ipv4.c @@ -483,21 +483,21 @@ static struct ctl_table ipv4_table[] = { .data = &inet_peer_threshold, .maxlen = sizeof(int), .mode = 0644, - .proc_handler = proc_dointvec + .proc_handler = proc_dointvec_lockless, }, { .procname = "inet_peer_minttl", .data = &inet_peer_minttl, .maxlen = sizeof(int), .mode = 0644, - .proc_handler = proc_dointvec_jiffies, + .proc_handler = proc_dointvec_jiffies_lockless, }, { .procname = "inet_peer_maxttl", .data = &inet_peer_maxttl, .maxlen = sizeof(int), .mode = 0644, - .proc_handler = proc_dointvec_jiffies, + .proc_handler = proc_dointvec_jiffies_lockless, }, { .procname = "tcp_mem", From patchwork Wed Jul 6 05:21:25 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kuniyuki Iwashima X-Patchwork-Id: 12907335 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 541C3C433EF for ; Wed, 6 Jul 2022 05:24:32 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231171AbiGFFYb (ORCPT ); Wed, 6 Jul 2022 01:24:31 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:48654 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231169AbiGFFY3 (ORCPT ); Wed, 6 Jul 2022 01:24:29 -0400 Received: from smtp-fw-33001.amazon.com (smtp-fw-33001.amazon.com [207.171.190.10]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 74F81DFA3; Tue, 5 Jul 2022 22:24:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1657085069; x=1688621069; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=+cH8pDBZl8/HQwEHXwH86DKS0pMpJjRpbkVZtbXxfPs=; b=R7J3cmSv2ET+N3wEa6BZoooVsc3Q3HvFBpJRIXtPIgfYkqyz8h03hhrn rqEnU4/i7DJd18TavtuEFldFAZqVFWiYY3ad7W9Eqelmc/dWNQi6zK5L6 maspq7QND53p/m8UuwqX3+/g/WmV1QJA7nYayH7FhpstJbU3Hn1gvdHfQ k=; X-IronPort-AV: E=Sophos;i="5.92,248,1650931200"; d="scan'208";a="207627504" Received: from iad12-co-svc-p1-lb1-vlan2.amazon.com (HELO email-inbound-relay-pdx-2c-5c4a15b1.us-west-2.amazon.com) ([10.43.8.2]) by smtp-border-fw-33001.sea14.amazon.com with ESMTP; 06 Jul 2022 05:24:27 +0000 Received: from EX13MTAUWB001.ant.amazon.com (pdx1-ws-svc-p6-lb9-vlan2.pdx.amazon.com [10.236.137.194]) by email-inbound-relay-pdx-2c-5c4a15b1.us-west-2.amazon.com (Postfix) with ESMTPS id 6A12E43CD4; Wed, 6 Jul 2022 05:24:25 +0000 (UTC) Received: from EX19D004ANA001.ant.amazon.com (10.37.240.138) by EX13MTAUWB001.ant.amazon.com (10.43.161.207) with Microsoft SMTP Server (TLS) id 15.0.1497.36; Wed, 6 Jul 2022 05:24:24 +0000 Received: from 88665a182662.ant.amazon.com (10.43.162.55) by EX19D004ANA001.ant.amazon.com (10.37.240.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1118.9; Wed, 6 Jul 2022 05:24:22 +0000 From: Kuniyuki Iwashima To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Luis Chamberlain , Kees Cook , Iurii Zaikin CC: Kuniyuki Iwashima , Kuniyuki Iwashima , , , Satoru Moriya , "Steven Rostedt" Subject: [PATCH v1 net 11/16] net: Fix a data-race around sysctl_mem. Date: Tue, 5 Jul 2022 22:21:25 -0700 Message-ID: <20220706052130.16368-12-kuniyu@amazon.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20220706052130.16368-1-kuniyu@amazon.com> References: <20220706052130.16368-1-kuniyu@amazon.com> MIME-Version: 1.0 X-Originating-IP: [10.43.162.55] X-ClientProxiedBy: EX13D18UWA004.ant.amazon.com (10.43.160.45) To EX19D004ANA001.ant.amazon.com (10.37.240.138) Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org While reading .sysctl_mem, it can be changed concurrently. So, we need to add READ_ONCE(). Then we can set proc_doulongvec_minmax_lockless() as the handler to mark it safe. Fixes: 3847ce32aea9 ("core: add tracepoints for queueing skb to rcvbuf") Fixes: 1da177e4c3f4 ("Linux-2.6.12-rc2") Signed-off-by: Kuniyuki Iwashima --- CC: Satoru Moriya CC: Steven Rostedt --- include/net/sock.h | 2 +- include/trace/events/sock.h | 6 +++--- net/decnet/sysctl_net_decnet.c | 2 +- net/ipv4/sysctl_net_ipv4.c | 4 ++-- net/sctp/sysctl.c | 2 +- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/include/net/sock.h b/include/net/sock.h index 72ca97ccb460..9fa54762e077 100644 --- a/include/net/sock.h +++ b/include/net/sock.h @@ -1529,7 +1529,7 @@ void __sk_mem_reclaim(struct sock *sk, int amount); /* sysctl_mem values are in pages, we convert them in SK_MEM_QUANTUM units */ static inline long sk_prot_mem_limits(const struct sock *sk, int index) { - long val = sk->sk_prot->sysctl_mem[index]; + long val = READ_ONCE(sk->sk_prot->sysctl_mem[index]); #if PAGE_SIZE > SK_MEM_QUANTUM val <<= PAGE_SHIFT - SK_MEM_QUANTUM_SHIFT; diff --git a/include/trace/events/sock.h b/include/trace/events/sock.h index 12c315782766..3c36c2812782 100644 --- a/include/trace/events/sock.h +++ b/include/trace/events/sock.h @@ -122,9 +122,9 @@ TRACE_EVENT(sock_exceed_buf_limit, TP_printk("proto:%s sysctl_mem=%ld,%ld,%ld allocated=%ld sysctl_rmem=%d rmem_alloc=%d sysctl_wmem=%d wmem_alloc=%d wmem_queued=%d kind=%s", __entry->name, - __entry->sysctl_mem[0], - __entry->sysctl_mem[1], - __entry->sysctl_mem[2], + READ_ONCE(__entry->sysctl_mem[0]), + READ_ONCE(__entry->sysctl_mem[1]), + READ_ONCE(__entry->sysctl_mem[2]), __entry->allocated, __entry->sysctl_rmem, __entry->rmem_alloc, diff --git a/net/decnet/sysctl_net_decnet.c b/net/decnet/sysctl_net_decnet.c index 67b5ab2657b7..e7e658f1ba67 100644 --- a/net/decnet/sysctl_net_decnet.c +++ b/net/decnet/sysctl_net_decnet.c @@ -315,7 +315,7 @@ static struct ctl_table dn_table[] = { .data = &sysctl_decnet_mem, .maxlen = sizeof(sysctl_decnet_mem), .mode = 0644, - .proc_handler = proc_doulongvec_minmax + .proc_handler = proc_doulongvec_minmax_lockless, }, { .procname = "decnet_rmem", diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c index eea11218a663..b14931ca5c85 100644 --- a/net/ipv4/sysctl_net_ipv4.c +++ b/net/ipv4/sysctl_net_ipv4.c @@ -504,7 +504,7 @@ static struct ctl_table ipv4_table[] = { .maxlen = sizeof(sysctl_tcp_mem), .data = &sysctl_tcp_mem, .mode = 0644, - .proc_handler = proc_doulongvec_minmax, + .proc_handler = proc_doulongvec_minmax_lockless, }, { .procname = "tcp_low_latency", @@ -570,7 +570,7 @@ static struct ctl_table ipv4_table[] = { .data = &sysctl_udp_mem, .maxlen = sizeof(sysctl_udp_mem), .mode = 0644, - .proc_handler = proc_doulongvec_minmax, + .proc_handler = proc_doulongvec_minmax_lockless, }, { .procname = "fib_sync_mem", diff --git a/net/sctp/sysctl.c b/net/sctp/sysctl.c index b46a416787ec..fa79bf4059d1 100644 --- a/net/sctp/sysctl.c +++ b/net/sctp/sysctl.c @@ -64,7 +64,7 @@ static struct ctl_table sctp_table[] = { .data = &sysctl_sctp_mem, .maxlen = sizeof(sysctl_sctp_mem), .mode = 0644, - .proc_handler = proc_doulongvec_minmax + .proc_handler = proc_doulongvec_minmax_lockless, }, { .procname = "sctp_rmem", From patchwork Wed Jul 6 05:21:26 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kuniyuki Iwashima X-Patchwork-Id: 12907336 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6DC3BC433EF for ; Wed, 6 Jul 2022 05:24:45 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231535AbiGFFYo (ORCPT ); Wed, 6 Jul 2022 01:24:44 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49088 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231532AbiGFFYm (ORCPT ); Wed, 6 Jul 2022 01:24:42 -0400 Received: from smtp-fw-9103.amazon.com (smtp-fw-9103.amazon.com [207.171.188.200]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8BFFC21822; Tue, 5 Jul 2022 22:24:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1657085080; x=1688621080; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Wwk6Pk0AsY0N4XK8qfKp9Q/IWhoBgzrSHYNag+bmOpc=; b=Nj0dbzs34bgqr24eW6UgfpID7xKcV+xjxDy+0Ps505aBu40HvFePIpet 0uO3JXzLEH95r3fxfKMuOFlhV1jbi67gamEmKSCnGsOoa5s7WucAsFGTL 7LfEw5qQhXA/aVEPjeFxRFpDtAih2I3dfUPql3IxzslKMzf7bWWomyRCa E=; X-IronPort-AV: E=Sophos;i="5.92,248,1650931200"; d="scan'208";a="1031201922" Received: from pdx4-co-svc-p1-lb2-vlan3.amazon.com (HELO email-inbound-relay-pdx-2b-28a78e3f.us-west-2.amazon.com) ([10.25.36.214]) by smtp-border-fw-9103.sea19.amazon.com with ESMTP; 06 Jul 2022 05:24:39 +0000 Received: from EX13MTAUWB001.ant.amazon.com (pdx1-ws-svc-p6-lb9-vlan2.pdx.amazon.com [10.236.137.194]) by email-inbound-relay-pdx-2b-28a78e3f.us-west-2.amazon.com (Postfix) with ESMTPS id 94E7AA287F; Wed, 6 Jul 2022 05:24:39 +0000 (UTC) Received: from EX19D004ANA001.ant.amazon.com (10.37.240.138) by EX13MTAUWB001.ant.amazon.com (10.43.161.207) with Microsoft SMTP Server (TLS) id 15.0.1497.36; Wed, 6 Jul 2022 05:24:39 +0000 Received: from 88665a182662.ant.amazon.com (10.43.162.55) by EX19D004ANA001.ant.amazon.com (10.37.240.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1118.9; Wed, 6 Jul 2022 05:24:36 +0000 From: Kuniyuki Iwashima To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Luis Chamberlain , Kees Cook , Iurii Zaikin CC: Kuniyuki Iwashima , Kuniyuki Iwashima , , Subject: [PATCH v1 net 12/16] tcp: Mark sysctl_tcp_low_latency obsolete. Date: Tue, 5 Jul 2022 22:21:26 -0700 Message-ID: <20220706052130.16368-13-kuniyu@amazon.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20220706052130.16368-1-kuniyu@amazon.com> References: <20220706052130.16368-1-kuniyu@amazon.com> MIME-Version: 1.0 X-Originating-IP: [10.43.162.55] X-ClientProxiedBy: EX13D18UWA004.ant.amazon.com (10.43.160.45) To EX19D004ANA001.ant.amazon.com (10.37.240.138) Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org Since commit b2fb4f54ecd4 ("tcp: uninline tcp_prequeue()"), sysctl_tcp_low_latency is no longer used. However, to mark it safe and finally remove proc_dointvec(), this patch changes handler to a lockless variant. Signed-off-by: Kuniyuki Iwashima --- net/ipv4/sysctl_net_ipv4.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c index b14931ca5c85..0287d55f9230 100644 --- a/net/ipv4/sysctl_net_ipv4.c +++ b/net/ipv4/sysctl_net_ipv4.c @@ -507,11 +507,12 @@ static struct ctl_table ipv4_table[] = { .proc_handler = proc_doulongvec_minmax_lockless, }, { + /* obsolete */ .procname = "tcp_low_latency", .data = &sysctl_tcp_low_latency, .maxlen = sizeof(int), .mode = 0644, - .proc_handler = proc_dointvec + .proc_handler = proc_dointvec_lockless, }, #ifdef CONFIG_NETLABEL { From patchwork Wed Jul 6 05:21:27 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kuniyuki Iwashima X-Patchwork-Id: 12907337 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 57BABC43334 for ; Wed, 6 Jul 2022 05:25:08 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231634AbiGFFZG (ORCPT ); Wed, 6 Jul 2022 01:25:06 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49438 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231659AbiGFFZB (ORCPT ); Wed, 6 Jul 2022 01:25:01 -0400 Received: from smtp-fw-9103.amazon.com (smtp-fw-9103.amazon.com [207.171.188.200]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8B6D921818; Tue, 5 Jul 2022 22:24:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1657085096; x=1688621096; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=IKJsdEUef1a6JNTlcaG4PZoYPj0UhfWISm/SkdIazRE=; b=hZu4c8FQESYhdtawnuNOkenTCy20gx0beTlu3xh1j0kUhDnjg25FpFye kHO4LiFtNwvE5BrVDXR2kUmB8dECpRPQb/T+s/Z1VLqUR97vsAEIvFUGM cQ9JrRB8/EcrPrE66DEMlArQH6D2kMO/Z0y0w0eD2NfNXyF9vMRbNj9JI k=; X-IronPort-AV: E=Sophos;i="5.92,248,1650931200"; d="scan'208";a="1031201962" Received: from pdx4-co-svc-p1-lb2-vlan3.amazon.com (HELO email-inbound-relay-pdx-2c-388992e0.us-west-2.amazon.com) ([10.25.36.214]) by smtp-border-fw-9103.sea19.amazon.com with ESMTP; 06 Jul 2022 05:24:55 +0000 Received: from EX13MTAUWB001.ant.amazon.com (pdx1-ws-svc-p6-lb9-vlan3.pdx.amazon.com [10.236.137.198]) by email-inbound-relay-pdx-2c-388992e0.us-west-2.amazon.com (Postfix) with ESMTPS id 9129987690; Wed, 6 Jul 2022 05:24:55 +0000 (UTC) Received: from EX19D004ANA001.ant.amazon.com (10.37.240.138) by EX13MTAUWB001.ant.amazon.com (10.43.161.207) with Microsoft SMTP Server (TLS) id 15.0.1497.36; Wed, 6 Jul 2022 05:24:54 +0000 Received: from 88665a182662.ant.amazon.com (10.43.162.55) by EX19D004ANA001.ant.amazon.com (10.37.240.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1118.9; Wed, 6 Jul 2022 05:24:51 +0000 From: Kuniyuki Iwashima To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Luis Chamberlain , Kees Cook , Iurii Zaikin CC: Kuniyuki Iwashima , Kuniyuki Iwashima , , , Paul Moore Subject: [PATCH v1 net 13/16] cipso: Fix a data-race around cipso_v4_cache_bucketsize. Date: Tue, 5 Jul 2022 22:21:27 -0700 Message-ID: <20220706052130.16368-14-kuniyu@amazon.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20220706052130.16368-1-kuniyu@amazon.com> References: <20220706052130.16368-1-kuniyu@amazon.com> MIME-Version: 1.0 X-Originating-IP: [10.43.162.55] X-ClientProxiedBy: EX13D18UWA004.ant.amazon.com (10.43.160.45) To EX19D004ANA001.ant.amazon.com (10.37.240.138) Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org While reading cipso_v4_cache_bucketsize, it can be changed concurrently. So, we need to add READ_ONCE(). Then we can set proc_dointvec_lockless() as the handler to mark it safe. Fixes: 446fda4f2682 ("[NetLabel]: CIPSOv4 engine") Signed-off-by: Kuniyuki Iwashima --- CC: Paul Moore --- Documentation/networking/ip-sysctl.rst | 2 +- net/ipv4/cipso_ipv4.c | 12 ++++++------ net/ipv4/sysctl_net_ipv4.c | 2 +- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/Documentation/networking/ip-sysctl.rst b/Documentation/networking/ip-sysctl.rst index 9f41961d11d5..0e58001f8580 100644 --- a/Documentation/networking/ip-sysctl.rst +++ b/Documentation/networking/ip-sysctl.rst @@ -1085,7 +1085,7 @@ cipso_cache_enable - BOOLEAN cipso_cache_bucket_size - INTEGER The CIPSO label cache consists of a fixed size hash table with each hash bucket containing a number of cache entries. This variable limits - the number of entries in each hash bucket; the larger the value the + the number of entries in each hash bucket; the larger the value is, the more CIPSO label mappings that can be cached. When the number of entries in a given hash bucket reaches this limit adding new entries causes the oldest entry in the bucket to be removed to make room. diff --git a/net/ipv4/cipso_ipv4.c b/net/ipv4/cipso_ipv4.c index 62d5f99760aa..0600e9b06e1a 100644 --- a/net/ipv4/cipso_ipv4.c +++ b/net/ipv4/cipso_ipv4.c @@ -296,13 +296,13 @@ static int cipso_v4_cache_check(const unsigned char *key, int cipso_v4_cache_add(const unsigned char *cipso_ptr, const struct netlbl_lsm_secattr *secattr) { - int ret_val = -EPERM; - u32 bkt; - struct cipso_v4_map_cache_entry *entry = NULL; + int bkt_size = READ_ONCE(cipso_v4_cache_bucketsize); struct cipso_v4_map_cache_entry *old_entry = NULL; - u32 cipso_ptr_len; + struct cipso_v4_map_cache_entry *entry = NULL; + u32 bkt, cipso_ptr_len; + int ret_val = -EPERM; - if (!cipso_v4_cache_enabled || cipso_v4_cache_bucketsize <= 0) + if (!cipso_v4_cache_enabled || bkt_size <= 0) return 0; cipso_ptr_len = cipso_ptr[1]; @@ -322,7 +322,7 @@ int cipso_v4_cache_add(const unsigned char *cipso_ptr, bkt = entry->hash & (CIPSO_V4_CACHE_BUCKETS - 1); spin_lock_bh(&cipso_v4_cache[bkt].lock); - if (cipso_v4_cache[bkt].size < cipso_v4_cache_bucketsize) { + if (cipso_v4_cache[bkt].size < bkt_size) { list_add(&entry->list, &cipso_v4_cache[bkt].list); cipso_v4_cache[bkt].size += 1; } else { diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c index 0287d55f9230..5cd32b33bbac 100644 --- a/net/ipv4/sysctl_net_ipv4.c +++ b/net/ipv4/sysctl_net_ipv4.c @@ -527,7 +527,7 @@ static struct ctl_table ipv4_table[] = { .data = &cipso_v4_cache_bucketsize, .maxlen = sizeof(int), .mode = 0644, - .proc_handler = proc_dointvec, + .proc_handler = proc_dointvec_lockless, }, { .procname = "cipso_rbm_optfmt", From patchwork Wed Jul 6 05:21:28 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kuniyuki Iwashima X-Patchwork-Id: 12907338 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 18979C433EF for ; Wed, 6 Jul 2022 05:25:36 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231642AbiGFFZe (ORCPT ); Wed, 6 Jul 2022 01:25:34 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49932 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231731AbiGFFZT (ORCPT ); Wed, 6 Jul 2022 01:25:19 -0400 Received: from smtp-fw-2101.amazon.com (smtp-fw-2101.amazon.com [72.21.196.25]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D41AB2183D; Tue, 5 Jul 2022 22:25:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1657085113; x=1688621113; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=BdAP1C9Gkzu/u+p0qx9iNHDMgY0Cc5+723WN9u48jsY=; b=ICBRNFSf/2Tp4bVADqK0FYlErqDys0O4o7Qnpt8YnDtr/MP3dVghvRtm 4Gq+/lABow5RW04LtDM99eAwcqWQdsLypoXcJiKB5GnwSFteV6ytXppLK T7d/ISocZazsxwSBiTMshRM5xOAaMLV73bEI4bDP+NurnOhlU/iJKnrJ2 I=; X-IronPort-AV: E=Sophos;i="5.92,248,1650931200"; d="scan'208";a="215167555" Received: from iad12-co-svc-p1-lb1-vlan2.amazon.com (HELO email-inbound-relay-pdx-2a-7d84505d.us-west-2.amazon.com) ([10.43.8.2]) by smtp-border-fw-2101.iad2.amazon.com with ESMTP; 06 Jul 2022 05:25:10 +0000 Received: from EX13MTAUWB001.ant.amazon.com (pdx1-ws-svc-p6-lb9-vlan2.pdx.amazon.com [10.236.137.194]) by email-inbound-relay-pdx-2a-7d84505d.us-west-2.amazon.com (Postfix) with ESMTPS id 58FB08B0DF; Wed, 6 Jul 2022 05:25:10 +0000 (UTC) Received: from EX19D004ANA001.ant.amazon.com (10.37.240.138) by EX13MTAUWB001.ant.amazon.com (10.43.161.207) with Microsoft SMTP Server (TLS) id 15.0.1497.36; Wed, 6 Jul 2022 05:25:09 +0000 Received: from 88665a182662.ant.amazon.com (10.43.162.55) by EX19D004ANA001.ant.amazon.com (10.37.240.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1118.9; Wed, 6 Jul 2022 05:25:07 +0000 From: Kuniyuki Iwashima To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Luis Chamberlain , Kees Cook , Iurii Zaikin CC: Kuniyuki Iwashima , Kuniyuki Iwashima , , , Paul Moore Subject: [PATCH v1 net 14/16] cipso: Fix data-races around boolean sysctl. Date: Tue, 5 Jul 2022 22:21:28 -0700 Message-ID: <20220706052130.16368-15-kuniyu@amazon.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20220706052130.16368-1-kuniyu@amazon.com> References: <20220706052130.16368-1-kuniyu@amazon.com> MIME-Version: 1.0 X-Originating-IP: [10.43.162.55] X-ClientProxiedBy: EX13D18UWA004.ant.amazon.com (10.43.160.45) To EX19D004ANA001.ant.amazon.com (10.37.240.138) Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org While reading sysctl variables, they can be changed concurrently. So, we need to add READ_ONCE(). Then we can set lockless variants as the handler to mark it safe. Also, these sysctl knob are boolean, so this patch changes their int handler to boolean one. - cipso_v4_cache_enabled - cipso_v4_rbm_optfmt - cipso_v4_rbm_strictvalid Fixes: 446fda4f2682 ("[NetLabel]: CIPSOv4 engine") Signed-off-by: Kuniyuki Iwashima --- CC: Paul Moore --- net/ipv4/cipso_ipv4.c | 9 +++++---- net/ipv4/sysctl_net_ipv4.c | 6 +++--- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/net/ipv4/cipso_ipv4.c b/net/ipv4/cipso_ipv4.c index 0600e9b06e1a..2756170e470f 100644 --- a/net/ipv4/cipso_ipv4.c +++ b/net/ipv4/cipso_ipv4.c @@ -239,7 +239,7 @@ static int cipso_v4_cache_check(const unsigned char *key, struct cipso_v4_map_cache_entry *prev_entry = NULL; u32 hash; - if (!cipso_v4_cache_enabled) + if (!READ_ONCE(cipso_v4_cache_enabled)) return -ENOENT; hash = cipso_v4_map_cache_hash(key, key_len); @@ -302,7 +302,7 @@ int cipso_v4_cache_add(const unsigned char *cipso_ptr, u32 bkt, cipso_ptr_len; int ret_val = -EPERM; - if (!cipso_v4_cache_enabled || bkt_size <= 0) + if (!READ_ONCE(cipso_v4_cache_enabled) || bkt_size <= 0) return 0; cipso_ptr_len = cipso_ptr[1]; @@ -1199,7 +1199,8 @@ static int cipso_v4_gentag_rbm(const struct cipso_v4_doi *doi_def, /* This will send packets using the "optimized" format when * possible as specified in section 3.4.2.6 of the * CIPSO draft. */ - if (cipso_v4_rbm_optfmt && ret_val > 0 && ret_val <= 10) + if (READ_ONCE(cipso_v4_rbm_optfmt) && ret_val > 0 && + ret_val <= 10) tag_len = 14; else tag_len = 4 + ret_val; @@ -1603,7 +1604,7 @@ int cipso_v4_validate(const struct sk_buff *skb, unsigned char **option) * all the CIPSO validations here but it doesn't * really specify _exactly_ what we need to validate * ... so, just make it a sysctl tunable. */ - if (cipso_v4_rbm_strictvalid) { + if (READ_ONCE(cipso_v4_rbm_strictvalid)) { if (cipso_v4_map_lvl_valid(doi_def, tag[3]) < 0) { err_offset = opt_iter + 3; diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c index 5cd32b33bbac..706795a3b369 100644 --- a/net/ipv4/sysctl_net_ipv4.c +++ b/net/ipv4/sysctl_net_ipv4.c @@ -520,7 +520,7 @@ static struct ctl_table ipv4_table[] = { .data = &cipso_v4_cache_enabled, .maxlen = sizeof(int), .mode = 0644, - .proc_handler = proc_dointvec, + .proc_handler = proc_dobool_lockless, }, { .procname = "cipso_cache_bucket_size", @@ -534,14 +534,14 @@ static struct ctl_table ipv4_table[] = { .data = &cipso_v4_rbm_optfmt, .maxlen = sizeof(int), .mode = 0644, - .proc_handler = proc_dointvec, + .proc_handler = proc_dobool_lockless, }, { .procname = "cipso_rbm_strictvalid", .data = &cipso_v4_rbm_strictvalid, .maxlen = sizeof(int), .mode = 0644, - .proc_handler = proc_dointvec, + .proc_handler = proc_dobool_lockless, }, #endif /* CONFIG_NETLABEL */ { From patchwork Wed Jul 6 05:21:29 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kuniyuki Iwashima X-Patchwork-Id: 12907339 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 56B0BC433EF for ; Wed, 6 Jul 2022 05:25:45 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231488AbiGFFZm (ORCPT ); Wed, 6 Jul 2022 01:25:42 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:49428 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231659AbiGFFZ0 (ORCPT ); Wed, 6 Jul 2022 01:25:26 -0400 Received: from smtp-fw-80007.amazon.com (smtp-fw-80007.amazon.com [99.78.197.218]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id C33AB21832; Tue, 5 Jul 2022 22:25:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1657085125; x=1688621125; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=PAHZJLR0VKsPtaE3Lf0xNPA4gDWSGnYveB872veX8og=; b=chbTU772vvFcaMfoyjw/Jo8SCDgDOnxTbJaaQVFR2a+PXosDmCkXqxZA V6UgjhKPY2+pUgNaz6g4Y/6sjCkGChPRxtqOmYY8pUUnxzbqvlodwJSC/ ukmYNt9kSU5ivK+ug7Nf3ZzsMKojPeka96Af+TtxZiI+lCQoleemEzieq A=; X-IronPort-AV: E=Sophos;i="5.92,248,1650931200"; d="scan'208";a="105282730" Received: from pdx4-co-svc-p1-lb2-vlan3.amazon.com (HELO email-inbound-relay-pdx-2a-6fd66c4a.us-west-2.amazon.com) ([10.25.36.214]) by smtp-border-fw-80007.pdx80.corp.amazon.com with ESMTP; 06 Jul 2022 05:25:25 +0000 Received: from EX13MTAUWB001.ant.amazon.com (pdx1-ws-svc-p6-lb9-vlan2.pdx.amazon.com [10.236.137.194]) by email-inbound-relay-pdx-2a-6fd66c4a.us-west-2.amazon.com (Postfix) with ESMTPS id 2598583A35; Wed, 6 Jul 2022 05:25:25 +0000 (UTC) Received: from EX19D004ANA001.ant.amazon.com (10.37.240.138) by EX13MTAUWB001.ant.amazon.com (10.43.161.207) with Microsoft SMTP Server (TLS) id 15.0.1497.36; Wed, 6 Jul 2022 05:25:24 +0000 Received: from 88665a182662.ant.amazon.com (10.43.162.55) by EX19D004ANA001.ant.amazon.com (10.37.240.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1118.9; Wed, 6 Jul 2022 05:25:22 +0000 From: Kuniyuki Iwashima To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Luis Chamberlain , Kees Cook , Iurii Zaikin CC: Kuniyuki Iwashima , Kuniyuki Iwashima , , Subject: [PATCH v1 net 15/16] icmp: Fix data-races around sysctl. Date: Tue, 5 Jul 2022 22:21:29 -0700 Message-ID: <20220706052130.16368-16-kuniyu@amazon.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20220706052130.16368-1-kuniyu@amazon.com> References: <20220706052130.16368-1-kuniyu@amazon.com> MIME-Version: 1.0 X-Originating-IP: [10.43.162.55] X-ClientProxiedBy: EX13D18UWA004.ant.amazon.com (10.43.160.45) To EX19D004ANA001.ant.amazon.com (10.37.240.138) Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org While reading sysctl variables, it can be changed concurrently. So, we need to add READ_ONCE(). Then we can set proc_dointvec_minmax_lockless() as the handler to mark it safe. Fixes: 4cdf507d5452 ("icmp: add a global rate limitation") Signed-off-by: Kuniyuki Iwashima --- net/ipv4/icmp.c | 5 +++-- net/ipv4/sysctl_net_ipv4.c | 4 ++-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c index efea0e796f06..0f9e61d29f73 100644 --- a/net/ipv4/icmp.c +++ b/net/ipv4/icmp.c @@ -253,11 +253,12 @@ bool icmp_global_allow(void) spin_lock(&icmp_global.lock); delta = min_t(u32, now - icmp_global.stamp, HZ); if (delta >= HZ / 50) { - incr = sysctl_icmp_msgs_per_sec * delta / HZ ; + incr = READ_ONCE(sysctl_icmp_msgs_per_sec) * delta / HZ; if (incr) WRITE_ONCE(icmp_global.stamp, now); } - credit = min_t(u32, icmp_global.credit + incr, sysctl_icmp_msgs_burst); + credit = min_t(u32, icmp_global.credit + incr, + READ_ONCE(sysctl_icmp_msgs_burst)); if (credit) { /* We want to use a credit of one in average, but need to randomize * it for security reasons. diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c index 706795a3b369..3b1d18be0857 100644 --- a/net/ipv4/sysctl_net_ipv4.c +++ b/net/ipv4/sysctl_net_ipv4.c @@ -555,7 +555,7 @@ static struct ctl_table ipv4_table[] = { .data = &sysctl_icmp_msgs_per_sec, .maxlen = sizeof(int), .mode = 0644, - .proc_handler = proc_dointvec_minmax, + .proc_handler = proc_dointvec_minmax_lockless, .extra1 = SYSCTL_ZERO, }, { @@ -563,7 +563,7 @@ static struct ctl_table ipv4_table[] = { .data = &sysctl_icmp_msgs_burst, .maxlen = sizeof(int), .mode = 0644, - .proc_handler = proc_dointvec_minmax, + .proc_handler = proc_dointvec_minmax_lockless, .extra1 = SYSCTL_ZERO, }, { From patchwork Wed Jul 6 05:21:30 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Kuniyuki Iwashima X-Patchwork-Id: 12907340 X-Patchwork-Delegate: kuba@kernel.org Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id AF8CDC43334 for ; Wed, 6 Jul 2022 05:25:55 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231836AbiGFFZy (ORCPT ); Wed, 6 Jul 2022 01:25:54 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50300 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231768AbiGFFZn (ORCPT ); Wed, 6 Jul 2022 01:25:43 -0400 Received: from smtp-fw-33001.amazon.com (smtp-fw-33001.amazon.com [207.171.190.10]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8F94B21832; Tue, 5 Jul 2022 22:25:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1657085143; x=1688621143; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=aSdAx0KuWXnaOkgg5DfAI7gMMzKgwpL+M2P/sHv7FF0=; b=gcEciW5vV//+qqFkrrSSwJjEo2LM+czRIEMAuiMLAd8ldLUt/amVLSuZ q3AR+9qpYlXDGFkNokX8ubo1mTOLenrYPXkq34a5A3tSEw0Z/P92XNuiX Ly2z3pffMXwpttOfveuEQ+1Lw6+HUJU20PdUiRUgFokwFnGT8z5v4U4ng 4=; X-IronPort-AV: E=Sophos;i="5.92,249,1650931200"; d="scan'208";a="207627662" Received: from iad12-co-svc-p1-lb1-vlan2.amazon.com (HELO email-inbound-relay-pdx-2c-b09ea7fa.us-west-2.amazon.com) ([10.43.8.2]) by smtp-border-fw-33001.sea14.amazon.com with ESMTP; 06 Jul 2022 05:25:41 +0000 Received: from EX13MTAUWB001.ant.amazon.com (pdx1-ws-svc-p6-lb9-vlan3.pdx.amazon.com [10.236.137.198]) by email-inbound-relay-pdx-2c-b09ea7fa.us-west-2.amazon.com (Postfix) with ESMTPS id 8A9C143019; Wed, 6 Jul 2022 05:25:39 +0000 (UTC) Received: from EX19D004ANA001.ant.amazon.com (10.37.240.138) by EX13MTAUWB001.ant.amazon.com (10.43.161.207) with Microsoft SMTP Server (TLS) id 15.0.1497.36; Wed, 6 Jul 2022 05:25:38 +0000 Received: from 88665a182662.ant.amazon.com (10.43.162.55) by EX19D004ANA001.ant.amazon.com (10.37.240.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA) id 15.2.1118.9; Wed, 6 Jul 2022 05:25:36 +0000 From: Kuniyuki Iwashima To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni , Luis Chamberlain , Kees Cook , Iurii Zaikin CC: Kuniyuki Iwashima , Kuniyuki Iwashima , , , David Ahern Subject: [PATCH v1 net 16/16] ipv4: Fix a data-race around sysctl_fib_sync_mem. Date: Tue, 5 Jul 2022 22:21:30 -0700 Message-ID: <20220706052130.16368-17-kuniyu@amazon.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20220706052130.16368-1-kuniyu@amazon.com> References: <20220706052130.16368-1-kuniyu@amazon.com> MIME-Version: 1.0 X-Originating-IP: [10.43.162.55] X-ClientProxiedBy: EX13D18UWA004.ant.amazon.com (10.43.160.45) To EX19D004ANA001.ant.amazon.com (10.37.240.138) Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org X-Patchwork-Delegate: kuba@kernel.org While reading sysctl_fib_sync_mem, it can be changed concurrently. So, we need to add READ_ONCE(). Then we can set proc_douintvec_minmax_lockless() as the handler to mark it safe. Fixes: 9ab948a91b2c ("ipv4: Allow amount of dirty memory from fib resizing to be controllable") Signed-off-by: Kuniyuki Iwashima --- CC: David Ahern --- net/ipv4/fib_trie.c | 2 +- net/ipv4/sysctl_net_ipv4.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/net/ipv4/fib_trie.c b/net/ipv4/fib_trie.c index 2734c3af7e24..46e8a5125853 100644 --- a/net/ipv4/fib_trie.c +++ b/net/ipv4/fib_trie.c @@ -498,7 +498,7 @@ static void tnode_free(struct key_vector *tn) tn = container_of(head, struct tnode, rcu)->kv; } - if (tnode_free_size >= sysctl_fib_sync_mem) { + if (tnode_free_size >= READ_ONCE(sysctl_fib_sync_mem)) { tnode_free_size = 0; synchronize_rcu(); } diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c index 3b1d18be0857..7ea681df37c4 100644 --- a/net/ipv4/sysctl_net_ipv4.c +++ b/net/ipv4/sysctl_net_ipv4.c @@ -578,7 +578,7 @@ static struct ctl_table ipv4_table[] = { .data = &sysctl_fib_sync_mem, .maxlen = sizeof(sysctl_fib_sync_mem), .mode = 0644, - .proc_handler = proc_douintvec_minmax, + .proc_handler = proc_douintvec_minmax_lockless, .extra1 = &sysctl_fib_sync_mem_min, .extra2 = &sysctl_fib_sync_mem_max, },