Patch Detail

HTTP 200 OK
Allow: GET, PUT, PATCH, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 2229784,
    "url": "http://patchwork.ozlabs.org/api/1.1/patches/2229784/?format=api",
    "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/patch/20260428175725.72050-8-ja@ssi.bg/",
    "project": {
        "id": 26,
        "url": "http://patchwork.ozlabs.org/api/1.1/projects/26/?format=api",
        "name": "Netfilter Development",
        "link_name": "netfilter-devel",
        "list_id": "netfilter-devel.vger.kernel.org",
        "list_email": "netfilter-devel@vger.kernel.org",
        "web_url": null,
        "scm_url": null,
        "webscm_url": null
    },
    "msgid": "<20260428175725.72050-8-ja@ssi.bg>",
    "date": "2026-04-28T17:57:25",
    "name": "[nf,7/7] ipvs: Guard access of HK_TYPE_KTHREAD cpumask with RCU",
    "commit_ref": null,
    "pull_url": null,
    "state": "new",
    "archived": false,
    "hash": "90138271b7712793ef7939e670cb398abfc5bb5a",
    "submitter": {
        "id": 2825,
        "url": "http://patchwork.ozlabs.org/api/1.1/people/2825/?format=api",
        "name": "Julian Anastasov",
        "email": "ja@ssi.bg"
    },
    "delegate": null,
    "mbox": "http://patchwork.ozlabs.org/project/netfilter-devel/patch/20260428175725.72050-8-ja@ssi.bg/mbox/",
    "series": [
        {
            "id": 501917,
            "url": "http://patchwork.ozlabs.org/api/1.1/series/501917/?format=api",
            "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/list/?series=501917",
            "date": "2026-04-28T17:57:19",
            "name": "IPVS fixes for nf",
            "version": 1,
            "mbox": "http://patchwork.ozlabs.org/series/501917/mbox/"
        }
    ],
    "comments": "http://patchwork.ozlabs.org/api/patches/2229784/comments/",
    "check": "pending",
    "checks": "http://patchwork.ozlabs.org/api/patches/2229784/checks/",
    "tags": {},
    "headers": {
        "Return-Path": "\n <netfilter-devel+bounces-12270-incoming=patchwork.ozlabs.org@vger.kernel.org>",
        "X-Original-To": [
            "incoming@patchwork.ozlabs.org",
            "netfilter-devel@vger.kernel.org"
        ],
        "Delivered-To": "patchwork-incoming@legolas.ozlabs.org",
        "Authentication-Results": [
            "legolas.ozlabs.org;\n\tdkim=pass (4096-bit key;\n unprotected) header.d=ssi.bg header.i=@ssi.bg header.a=rsa-sha256\n header.s=ssi header.b=xz81/0qx;\n\tdkim-atps=neutral",
            "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org\n (client-ip=172.232.135.74; helo=sto.lore.kernel.org;\n envelope-from=netfilter-devel+bounces-12270-incoming=patchwork.ozlabs.org@vger.kernel.org;\n receiver=patchwork.ozlabs.org)",
            "smtp.subspace.kernel.org;\n\tdkim=pass (4096-bit key) header.d=ssi.bg header.i=@ssi.bg header.b=\"xz81/0qx\"",
            "smtp.subspace.kernel.org;\n arc=none smtp.client-ip=193.238.174.39",
            "smtp.subspace.kernel.org;\n dmarc=pass (p=reject dis=none) header.from=ssi.bg",
            "smtp.subspace.kernel.org;\n spf=pass smtp.mailfrom=ssi.bg"
        ],
        "Received": [
            "from sto.lore.kernel.org (sto.lore.kernel.org [172.232.135.74])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4g4pCZ4QgQz1xvV\n\tfor <incoming@patchwork.ozlabs.org>; Wed, 29 Apr 2026 04:01:30 +1000 (AEST)",
            "from smtp.subspace.kernel.org (conduit.subspace.kernel.org\n [100.90.174.1])\n\tby sto.lore.kernel.org (Postfix) with ESMTP id B6301301CD85\n\tfor <incoming@patchwork.ozlabs.org>; Tue, 28 Apr 2026 18:01:27 +0000 (UTC)",
            "from localhost.localdomain (localhost.localdomain [127.0.0.1])\n\tby smtp.subspace.kernel.org (Postfix) with ESMTP id 0E16844D022;\n\tTue, 28 Apr 2026 18:01:27 +0000 (UTC)",
            "from mx.ssi.bg (mx.ssi.bg [193.238.174.39])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby smtp.subspace.kernel.org (Postfix) with ESMTPS id B9D72328B62;\n\tTue, 28 Apr 2026 18:01:23 +0000 (UTC)",
            "from mx.ssi.bg (localhost [127.0.0.1])\n\tby mx.ssi.bg (Potsfix) with ESMTP id 9B80521833;\n\tTue, 28 Apr 2026 21:00:56 +0300 (EEST)",
            "from box.ssi.bg (box.ssi.bg [193.238.174.46])\n\tby mx.ssi.bg (Potsfix) with ESMTPS;\n\tTue, 28 Apr 2026 21:00:55 +0300 (EEST)",
            "from ja.ssi.bg (unknown [213.16.62.126])\n\tby box.ssi.bg (Potsfix) with ESMTPSA id 1876F62902;\n\tTue, 28 Apr 2026 21:00:55 +0300 (EEST)",
            "from ja.home.ssi.bg (localhost.localdomain [127.0.0.1])\n\tby ja.ssi.bg (8.18.1/8.18.1) with ESMTP id 63SHvoG7072106;\n\tTue, 28 Apr 2026 20:57:50 +0300",
            "(from root@localhost)\n\tby ja.home.ssi.bg (8.18.1/8.18.1/Submit) id 63SHvoaR072105;\n\tTue, 28 Apr 2026 20:57:50 +0300"
        ],
        "ARC-Seal": "i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;\n\tt=1777399285; cv=none;\n b=nCKnVXH9hX2L7fT5jY7a2w43W94QoFsl7QUIqGlWVHlL9Ldic/+AlYclp0bVPkXSVHcx4boJXE1xFx9y1hTyJ4nVEhncyk0Dez/y6W+RCsp2m5pq9tSxbxO6jSmA1KuenTQr70/pFPaKAhH8lv1MNK51HhA8to0BJxo8jmVP2P4=",
        "ARC-Message-Signature": "i=1; a=rsa-sha256; d=subspace.kernel.org;\n\ts=arc-20240116; t=1777399285; c=relaxed/simple;\n\tbh=HnsSggn59XwsXpXlw26F6woxCxqLez7Uhtrw5KcGl7k=;\n\th=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:\n\t MIME-Version;\n b=FXnL4j2p2/93yQ9QgVRhSyrGM7R0cioXNp0JxqUADTVK/FTbok0wr18fkhMSe2I681/TpsFFlIFDMmx4hsPJxFyrDRAJweqhEuFIBYAFmRcwb+XyYBAzNtJvy6KWNi5ajCsA3be5cFp+4lgLD6isXMOhow0ttA82jIWN3H/jtEE=",
        "ARC-Authentication-Results": "i=1; smtp.subspace.kernel.org;\n dmarc=pass (p=reject dis=none) header.from=ssi.bg;\n spf=pass smtp.mailfrom=ssi.bg;\n dkim=pass (4096-bit key) header.d=ssi.bg header.i=@ssi.bg header.b=xz81/0qx;\n arc=none smtp.client-ip=193.238.174.39",
        "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=ssi.bg; h=cc:cc\n\t:content-transfer-encoding:date:from:from:in-reply-to:message-id\n\t:mime-version:references:reply-to:subject:subject:to:to; s=ssi;\n\t bh=0/PuZJiSSrczQwBCm21KJcXxxGep/c+U2tjHmFj4Djo=; b=xz81/0qx0Xu/\n\tPlNplArP29eyt/f4ojtmUqoKv7oVg/Rlp8H4RdPMKF6OJAy2xgBTKC09w2Cnkxv5\n\t8tesBO3xuAjGD2kQmA/7mdhVI7XXuL9Gaujb5EeyuKJcJq1+36eHXm394DcfgUr8\n\tVeLKfFW+u03SfEUAQdbACn/UEZxDl1bi9k1FVeKpjRHxZqPaesx6oBvMO8a+9wct\n\tuxo/Ci20MIDKYpx22rgwBXtf0bT+EZ5VGnF79PusJ7nbmDgcYaQC6dT6GLrUsll/\n\tXczRqM8mlhkkg/8yjfu0FsSaUyW1ZZkWO304ETItPxncC6CPKjDIdzm3QG7sG9nH\n\t06Z8jFQrUaRm5AM/nXA1ovWhCcsShVhSWiMCeKfW3fHgXD27U21wVBKDKsjqzT6P\n\tENK/53BcgOYnmH6P/58k/a9VS0S+sHRy0xg90saO/qAUGi8hszvoOxGXspI68o87\n\tQ8QE2rKbf6pfIABVw2vqgw3bh8sqNb8q6ZxZDZyBfL2/7479JLAkiKvNvtxlBm8V\n\tudw+cMb5gtQnE950+h9fnfUl5/ni36I0yyqigk4vGWe3FxS8+A1WcaB4emXqBcWg\n\tRmsrFSyVxYYHQeh80vSnHYuBfYhJkKf0F+KcafK7fwgPQV84efaiQp/40jlxwYnL\n\tu4tUfPMmDgTxVJKMYQOAC0Cm1dF4onY=",
        "From": "Julian Anastasov <ja@ssi.bg>",
        "To": "Simon Horman <horms@verge.net.au>",
        "Cc": "Pablo Neira Ayuso <pablo@netfilter.org>, Florian Westphal <fw@strlen.de>,\n        Waiman Long <longman@redhat.com>, lvs-devel@vger.kernel.org,\n        netfilter-devel@vger.kernel.org",
        "Subject": "[PATCH nf 7/7] ipvs: Guard access of HK_TYPE_KTHREAD cpumask with RCU",
        "Date": "Tue, 28 Apr 2026 20:57:25 +0300",
        "Message-ID": "<20260428175725.72050-8-ja@ssi.bg>",
        "X-Mailer": "git-send-email 2.53.0",
        "In-Reply-To": "<20260428175725.72050-1-ja@ssi.bg>",
        "References": "<20260428175725.72050-1-ja@ssi.bg>",
        "Precedence": "bulk",
        "X-Mailing-List": "netfilter-devel@vger.kernel.org",
        "List-Id": "<netfilter-devel.vger.kernel.org>",
        "List-Subscribe": "<mailto:netfilter-devel+subscribe@vger.kernel.org>",
        "List-Unsubscribe": "<mailto:netfilter-devel+unsubscribe@vger.kernel.org>",
        "MIME-Version": "1.0",
        "Content-Transfer-Encoding": "8bit"
    },
    "content": "From: Waiman Long <longman@redhat.com>\n\nThe ip_vs_ctl.c file and the associated ip_vs.h file are the only places\nin the kernel where HK_TYPE_KTHREAD cpumask is being retrieved and used.\nNow that HK_TYPE_KTHREAD/HK_TYPE_DOMAIN cpumask can be changed at run\ntime. We need to use RCU to guard access to this cpumask to avoid a\npotential UAF problem as the returned cpumask may be freed before it\nis being used.\n\nWe can replace HK_TYPE_KTHREAD by HK_TYPE_DOMAIN as they are aliases\nof each other, but keeping the HK_TYPE_KTHREAD name can highlight the\nfact that it is the kthread initiated by ipvs that is being controlled.\n\nFixes: 03ff73510169 (\"cpuset: Update HK_TYPE_DOMAIN cpumask from cpuset\")\nSigned-off-by: Waiman Long <longman@redhat.com>\n---\n include/net/ip_vs.h            | 20 ++++++++++++++++----\n net/netfilter/ipvs/ip_vs_ctl.c | 13 ++++++++-----\n 2 files changed, 24 insertions(+), 9 deletions(-)",
    "diff": "diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h\nindex d28ad8a0541f..02762ce73a0c 100644\n--- a/include/net/ip_vs.h\n+++ b/include/net/ip_vs.h\n@@ -1412,7 +1412,7 @@ static inline int sysctl_run_estimation(struct netns_ipvs *ipvs)\n \treturn ipvs->sysctl_run_estimation;\n }\n \n-static inline const struct cpumask *sysctl_est_cpulist(struct netns_ipvs *ipvs)\n+static inline const struct cpumask *__sysctl_est_cpulist(struct netns_ipvs *ipvs)\n {\n \tif (ipvs->est_cpulist_valid)\n \t\treturn ipvs->sysctl_est_cpulist;\n@@ -1530,7 +1530,7 @@ static inline int sysctl_run_estimation(struct netns_ipvs *ipvs)\n \treturn 1;\n }\n \n-static inline const struct cpumask *sysctl_est_cpulist(struct netns_ipvs *ipvs)\n+static inline const struct cpumask *__sysctl_est_cpulist(struct netns_ipvs *ipvs)\n {\n \treturn housekeeping_cpumask(HK_TYPE_KTHREAD);\n }\n@@ -1565,6 +1565,18 @@ static inline int sysctl_svc_lfactor(struct netns_ipvs *ipvs)\n \treturn READ_ONCE(ipvs->sysctl_svc_lfactor);\n }\n \n+static inline bool sysctl_est_cpulist_empty(struct netns_ipvs *ipvs)\n+{\n+\tguard(rcu)();\n+\treturn cpumask_empty(__sysctl_est_cpulist(ipvs));\n+}\n+\n+static inline unsigned int sysctl_est_cpulist_weight(struct netns_ipvs *ipvs)\n+{\n+\tguard(rcu)();\n+\treturn cpumask_weight(__sysctl_est_cpulist(ipvs));\n+}\n+\n /* IPVS core functions\n  * (from ip_vs_core.c)\n  */\n@@ -1904,7 +1916,7 @@ static inline void ip_vs_est_stopped_recalc(struct netns_ipvs *ipvs)\n \t/* Stop tasks while cpulist is empty or if disabled with flag */\n \tipvs->est_stopped = !sysctl_run_estimation(ipvs) ||\n \t\t\t    (ipvs->est_cpulist_valid &&\n-\t\t\t     cpumask_empty(sysctl_est_cpulist(ipvs)));\n+\t\t\t     sysctl_est_cpulist_empty(ipvs));\n #endif\n }\n \n@@ -1920,7 +1932,7 @@ static inline bool ip_vs_est_stopped(struct netns_ipvs *ipvs)\n static inline int ip_vs_est_max_threads(struct netns_ipvs *ipvs)\n {\n \tunsigned int limit = IPVS_EST_CPU_KTHREADS *\n-\t\t\t     cpumask_weight(sysctl_est_cpulist(ipvs));\n+\t\t\t     sysctl_est_cpulist_weight(ipvs);\n \n \treturn max(1U, limit);\n }\ndiff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c\nindex 18b89f096d83..cc684dfa556d 100644\n--- a/net/netfilter/ipvs/ip_vs_ctl.c\n+++ b/net/netfilter/ipvs/ip_vs_ctl.c\n@@ -2383,11 +2383,14 @@ static int ipvs_proc_est_cpumask_get(const struct ctl_table *table,\n \n \tmutex_lock(&ipvs->est_mutex);\n \n-\tif (ipvs->est_cpulist_valid)\n-\t\tmask = *valp;\n-\telse\n-\t\tmask = (struct cpumask *)housekeeping_cpumask(HK_TYPE_KTHREAD);\n-\tret = scnprintf(buffer, size, \"%*pbl\\n\", cpumask_pr_args(mask));\n+\t/* HK_TYPE_KTHREAD cpumask needs RCU protection */\n+\tscoped_guard(rcu) {\n+\t\tif (ipvs->est_cpulist_valid)\n+\t\t\tmask = *valp;\n+\t\telse\n+\t\t\tmask = (struct cpumask *)housekeeping_cpumask(HK_TYPE_KTHREAD);\n+\t\tret = scnprintf(buffer, size, \"%*pbl\\n\", cpumask_pr_args(mask));\n+\t}\n \n \tmutex_unlock(&ipvs->est_mutex);\n \n",
    "prefixes": [
        "nf",
        "7/7"
    ]
}