| From foo@baz Fri Dec 11 11:38:06 EST 2015 |
| From: Eric Dumazet <edumazet@google.com> |
| Date: Wed, 18 Nov 2015 12:40:13 -0800 |
| Subject: tcp: md5: fix lockdep annotation |
| |
| From: Eric Dumazet <edumazet@google.com> |
| |
| [ Upstream commit 1b8e6a01e19f001e9f93b39c32387961c91ed3cc ] |
| |
| When a passive TCP is created, we eventually call tcp_md5_do_add() |
| with sk pointing to the child. It is not owner by the user yet (we |
| will add this socket into listener accept queue a bit later anyway) |
| |
| But we do own the spinlock, so amend the lockdep annotation to avoid |
| following splat : |
| |
| [ 8451.090932] net/ipv4/tcp_ipv4.c:923 suspicious rcu_dereference_protected() usage! |
| [ 8451.090932] |
| [ 8451.090932] other info that might help us debug this: |
| [ 8451.090932] |
| [ 8451.090934] |
| [ 8451.090934] rcu_scheduler_active = 1, debug_locks = 1 |
| [ 8451.090936] 3 locks held by socket_sockopt_/214795: |
| [ 8451.090936] #0: (rcu_read_lock){.+.+..}, at: [<ffffffff855c6ac1>] __netif_receive_skb_core+0x151/0xe90 |
| [ 8451.090947] #1: (rcu_read_lock){.+.+..}, at: [<ffffffff85618143>] ip_local_deliver_finish+0x43/0x2b0 |
| [ 8451.090952] #2: (slock-AF_INET){+.-...}, at: [<ffffffff855acda5>] sk_clone_lock+0x1c5/0x500 |
| [ 8451.090958] |
| [ 8451.090958] stack backtrace: |
| [ 8451.090960] CPU: 7 PID: 214795 Comm: socket_sockopt_ |
| |
| [ 8451.091215] Call Trace: |
| [ 8451.091216] <IRQ> [<ffffffff856fb29c>] dump_stack+0x55/0x76 |
| [ 8451.091229] [<ffffffff85123b5b>] lockdep_rcu_suspicious+0xeb/0x110 |
| [ 8451.091235] [<ffffffff8564544f>] tcp_md5_do_add+0x1bf/0x1e0 |
| [ 8451.091239] [<ffffffff85645751>] tcp_v4_syn_recv_sock+0x1f1/0x4c0 |
| [ 8451.091242] [<ffffffff85642b27>] ? tcp_v4_md5_hash_skb+0x167/0x190 |
| [ 8451.091246] [<ffffffff85647c78>] tcp_check_req+0x3c8/0x500 |
| [ 8451.091249] [<ffffffff856451ae>] ? tcp_v4_inbound_md5_hash+0x11e/0x190 |
| [ 8451.091253] [<ffffffff85647170>] tcp_v4_rcv+0x3c0/0x9f0 |
| [ 8451.091256] [<ffffffff85618143>] ? ip_local_deliver_finish+0x43/0x2b0 |
| [ 8451.091260] [<ffffffff856181b6>] ip_local_deliver_finish+0xb6/0x2b0 |
| [ 8451.091263] [<ffffffff85618143>] ? ip_local_deliver_finish+0x43/0x2b0 |
| [ 8451.091267] [<ffffffff85618d38>] ip_local_deliver+0x48/0x80 |
| [ 8451.091270] [<ffffffff85618510>] ip_rcv_finish+0x160/0x700 |
| [ 8451.091273] [<ffffffff8561900e>] ip_rcv+0x29e/0x3d0 |
| [ 8451.091277] [<ffffffff855c74b7>] __netif_receive_skb_core+0xb47/0xe90 |
| |
| Fixes: a8afca0329988 ("tcp: md5: protects md5sig_info with RCU") |
| Signed-off-by: Eric Dumazet <edumazet@google.com> |
| Reported-by: Willem de Bruijn <willemb@google.com> |
| Signed-off-by: David S. Miller <davem@davemloft.net> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> |
| --- |
| net/ipv4/tcp_ipv4.c | 3 ++- |
| 1 file changed, 2 insertions(+), 1 deletion(-) |
| |
| --- a/net/ipv4/tcp_ipv4.c |
| +++ b/net/ipv4/tcp_ipv4.c |
| @@ -922,7 +922,8 @@ int tcp_md5_do_add(struct sock *sk, cons |
| } |
| |
| md5sig = rcu_dereference_protected(tp->md5sig_info, |
| - sock_owned_by_user(sk)); |
| + sock_owned_by_user(sk) || |
| + lockdep_is_held(&sk->sk_lock.slock)); |
| if (!md5sig) { |
| md5sig = kmalloc(sizeof(*md5sig), gfp); |
| if (!md5sig) |