Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/2218214/?format=api
{ "id": 2218214, "url": "http://patchwork.ozlabs.org/api/patches/2218214/?format=api", "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/patch/20260331165015.2777765-3-longman@redhat.com/", "project": { "id": 26, "url": "http://patchwork.ozlabs.org/api/projects/26/?format=api", "name": "Netfilter Development", "link_name": "netfilter-devel", "list_id": "netfilter-devel.vger.kernel.org", "list_email": "netfilter-devel@vger.kernel.org", "web_url": null, "scm_url": null, "webscm_url": null, "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20260331165015.2777765-3-longman@redhat.com>", "list_archive_url": null, "date": "2026-03-31T16:50:15", "name": "[PATCH-next,v2,2/2] ipvs: Guard access of HK_TYPE_KTHREAD cpumask with RCU", "commit_ref": null, "pull_url": null, "state": "new", "archived": false, "hash": "90138271b7712793ef7939e670cb398abfc5bb5a", "submitter": { "id": 71281, "url": "http://patchwork.ozlabs.org/api/people/71281/?format=api", "name": "Waiman Long", "email": "longman@redhat.com" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/netfilter-devel/patch/20260331165015.2777765-3-longman@redhat.com/mbox/", "series": [ { "id": 498230, "url": "http://patchwork.ozlabs.org/api/series/498230/?format=api", "web_url": "http://patchwork.ozlabs.org/project/netfilter-devel/list/?series=498230", "date": "2026-03-31T16:50:14", "name": "ipvs: Fix incorrect use of HK_TYPE_KTHREAD housekeeping cpumask", "version": 2, "mbox": "http://patchwork.ozlabs.org/series/498230/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/2218214/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/2218214/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "\n <netfilter-devel+bounces-11522-incoming=patchwork.ozlabs.org@vger.kernel.org>", "X-Original-To": [ "incoming@patchwork.ozlabs.org", "netfilter-devel@vger.kernel.org" ], "Delivered-To": "patchwork-incoming@legolas.ozlabs.org", "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=pass (1024-bit key;\n unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256\n header.s=mimecast20190719 header.b=VI2JNtc8;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=vger.kernel.org\n (client-ip=2600:3c0a:e001:db::12fc:5321; helo=sea.lore.kernel.org;\n envelope-from=netfilter-devel+bounces-11522-incoming=patchwork.ozlabs.org@vger.kernel.org;\n receiver=patchwork.ozlabs.org)", "smtp.subspace.kernel.org;\n\tdkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com\n header.b=\"VI2JNtc8\"", "smtp.subspace.kernel.org;\n arc=none smtp.client-ip=170.10.133.124", "smtp.subspace.kernel.org;\n dmarc=pass (p=quarantine dis=none) header.from=redhat.com", "smtp.subspace.kernel.org;\n spf=pass smtp.mailfrom=redhat.com" ], "Received": [ "from sea.lore.kernel.org (sea.lore.kernel.org\n [IPv6:2600:3c0a:e001:db::12fc:5321])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4flZfD36Jyz1y1q\n\tfor <incoming@patchwork.ozlabs.org>; Wed, 01 Apr 2026 04:21:24 +1100 (AEDT)", "from smtp.subspace.kernel.org (conduit.subspace.kernel.org\n [100.90.174.1])\n\tby sea.lore.kernel.org (Postfix) with ESMTP id DB15331E48FB\n\tfor <incoming@patchwork.ozlabs.org>; Tue, 31 Mar 2026 16:51:42 +0000 (UTC)", "from localhost.localdomain (localhost.localdomain [127.0.0.1])\n\tby smtp.subspace.kernel.org (Postfix) with ESMTP id 74F41426EB0;\n\tTue, 31 Mar 2026 16:50:54 +0000 (UTC)", "from us-smtp-delivery-124.mimecast.com\n (us-smtp-delivery-124.mimecast.com [170.10.133.124])\n\t(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))\n\t(No client certificate requested)\n\tby smtp.subspace.kernel.org (Postfix) with ESMTPS id B72C9426EA2\n\tfor <netfilter-devel@vger.kernel.org>; Tue, 31 Mar 2026 16:50:52 +0000 (UTC)", "from mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com\n (ec2-35-165-154-97.us-west-2.compute.amazonaws.com [35.165.154.97]) by\n relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3,\n cipher=TLS_AES_256_GCM_SHA384) id us-mta-516-koyYgahXNDmXFd0erQnMjg-1; Tue,\n 31 Mar 2026 12:50:47 -0400", "from mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com\n (mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.93])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest\n SHA256)\n\t(No client certificate requested)\n\tby mx-prod-mc-08.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS\n id D2E681800371;\n\tTue, 31 Mar 2026 16:50:43 +0000 (UTC)", "from llong-thinkpadp16vgen1.westford.csb (unknown [10.22.80.26])\n\tby mx-prod-int-06.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP\n id AE87B180036E;\n\tTue, 31 Mar 2026 16:50:40 +0000 (UTC)" ], "ARC-Seal": "i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;\n\tt=1774975854; cv=none;\n b=KLP0JhqCimXnTceMAf0RgIbTKkckxcF9gMGIwwns1DkL1t9IWpGFsUWlkku1Qf37Jpb5pUZ4tvvle9F+l6bxYVeM1KLbypbubcX5BNOeWjU2mr6AH85oRy3sCSyfvbTSaPFnKfvF+Zh3bvH5a8iUtko7HEHeFBoqTrEIouqXDi4=", "ARC-Message-Signature": "i=1; a=rsa-sha256; d=subspace.kernel.org;\n\ts=arc-20240116; t=1774975854; c=relaxed/simple;\n\tbh=ZyVbSFWmIU7uDytGreLAcaUQEeqjF+w10rnvomXCMqY=;\n\th=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:\n\t MIME-Version;\n b=am1q8dUqIsyOvTZ+0Jvhy5Eqv1K3YmiFWRsB2H68X32NJh+kW6qJoLt03j1Ae2ES2AER4GCeUMeqbYTx0VZsqEiHz7ndw2m021Q5zdTsXpLQRaqipwblMDm1QvDSSmhP6dzezel/1SUoSNuLhujmTh9qmEM/8/eJIZuwaF3bzmo=", "ARC-Authentication-Results": "i=1; smtp.subspace.kernel.org;\n dmarc=pass (p=quarantine dis=none) header.from=redhat.com;\n spf=pass smtp.mailfrom=redhat.com;\n dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com\n header.b=VI2JNtc8; arc=none smtp.client-ip=170.10.133.124", "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;\n\ts=mimecast20190719; t=1774975852;\n\th=from:from:reply-to:subject:subject:date:date:message-id:message-id:\n\t to:to:cc:cc:mime-version:mime-version:\n\t content-transfer-encoding:content-transfer-encoding:\n\t in-reply-to:in-reply-to:references:references;\n\tbh=Smk7qzOFqWQpEDvgIootgLUtedzkckjlb8UVNDwFioI=;\n\tb=VI2JNtc8TZ1eqfuk2be86jIBfWjoEWNTDQOQu42l1iwjz7IHUB55w8HCSuBaqtSjOfasAM\n\tJr9VO8az3s2OtIouP/zF2FNOht/o3b2hnQaq3qiK45jwgVZAxpJ8nr0lKxuF0UnsLMJqq1\n\turlonkBbZQv3U0NckzbIuoZEfn9MjWk=", "X-MC-Unique": "koyYgahXNDmXFd0erQnMjg-1", "X-Mimecast-MFC-AGG-ID": "koyYgahXNDmXFd0erQnMjg_1774975845", "From": "Waiman Long <longman@redhat.com>", "To": "Simon Horman <horms@verge.net.au>,\n\tJulian Anastasov <ja@ssi.bg>,\n\t\"David S. Miller\" <davem@davemloft.net>,\n\tDavid Ahern <dsahern@kernel.org>,\n\tEric Dumazet <edumazet@google.com>,\n\tJakub Kicinski <kuba@kernel.org>,\n\tPaolo Abeni <pabeni@redhat.com>,\n\tPablo Neira Ayuso <pablo@netfilter.org>,\n\tFlorian Westphal <fw@strlen.de>,\n\tPhil Sutter <phil@nwl.cc>,\n\tFrederic Weisbecker <frederic@kernel.org>,\n\tChen Ridong <chenridong@huawei.com>,\n\tPhil Auld <pauld@redhat.com>", "Cc": "linux-kernel@vger.kernel.org,\n\tnetdev@vger.kernel.org,\n\tlvs-devel@vger.kernel.org,\n\tnetfilter-devel@vger.kernel.org,\n\tcoreteam@netfilter.org,\n\tsheviks <sheviks@gmail.com>,\n\tWaiman Long <longman@redhat.com>", "Subject": "[PATCH-next v2 2/2] ipvs: Guard access of HK_TYPE_KTHREAD cpumask\n with RCU", "Date": "Tue, 31 Mar 2026 12:50:15 -0400", "Message-ID": "<20260331165015.2777765-3-longman@redhat.com>", "In-Reply-To": "<20260331165015.2777765-1-longman@redhat.com>", "References": "<20260331165015.2777765-1-longman@redhat.com>", "Precedence": "bulk", "X-Mailing-List": "netfilter-devel@vger.kernel.org", "List-Id": "<netfilter-devel.vger.kernel.org>", "List-Subscribe": "<mailto:netfilter-devel+subscribe@vger.kernel.org>", "List-Unsubscribe": "<mailto:netfilter-devel+unsubscribe@vger.kernel.org>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "X-Scanned-By": "MIMEDefang 3.4.1 on 10.30.177.93" }, "content": "The ip_vs_ctl.c file and the associated ip_vs.h file are the only places\nin the kernel where HK_TYPE_KTHREAD cpumask is being retrieved and used.\nNow that HK_TYPE_KTHREAD/HK_TYPE_DOMAIN cpumask can be changed at run\ntime. We need to use RCU to guard access to this cpumask to avoid a\npotential UAF problem as the returned cpumask may be freed before it\nis being used.\n\nWe can replace HK_TYPE_KTHREAD by HK_TYPE_DOMAIN as they are aliases\nof each other, but keeping the HK_TYPE_KTHREAD name can highlight the\nfact that it is the kthread initiated by ipvs that is being controlled.\n\nSigned-off-by: Waiman Long <longman@redhat.com>\n---\n include/net/ip_vs.h | 20 ++++++++++++++++----\n net/netfilter/ipvs/ip_vs_ctl.c | 13 ++++++++-----\n 2 files changed, 24 insertions(+), 9 deletions(-)", "diff": "diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h\nindex 72d325c81313..7bda92fd3fe6 100644\n--- a/include/net/ip_vs.h\n+++ b/include/net/ip_vs.h\n@@ -1411,7 +1411,7 @@ static inline int sysctl_run_estimation(struct netns_ipvs *ipvs)\n \treturn ipvs->sysctl_run_estimation;\n }\n \n-static inline const struct cpumask *sysctl_est_cpulist(struct netns_ipvs *ipvs)\n+static inline const struct cpumask *__sysctl_est_cpulist(struct netns_ipvs *ipvs)\n {\n \tif (ipvs->est_cpulist_valid)\n \t\treturn ipvs->sysctl_est_cpulist;\n@@ -1529,7 +1529,7 @@ static inline int sysctl_run_estimation(struct netns_ipvs *ipvs)\n \treturn 1;\n }\n \n-static inline const struct cpumask *sysctl_est_cpulist(struct netns_ipvs *ipvs)\n+static inline const struct cpumask *__sysctl_est_cpulist(struct netns_ipvs *ipvs)\n {\n \treturn housekeeping_cpumask(HK_TYPE_KTHREAD);\n }\n@@ -1564,6 +1564,18 @@ static inline int sysctl_svc_lfactor(struct netns_ipvs *ipvs)\n \treturn READ_ONCE(ipvs->sysctl_svc_lfactor);\n }\n \n+static inline bool sysctl_est_cpulist_empty(struct netns_ipvs *ipvs)\n+{\n+\tguard(rcu)();\n+\treturn cpumask_empty(__sysctl_est_cpulist(ipvs));\n+}\n+\n+static inline unsigned int sysctl_est_cpulist_weight(struct netns_ipvs *ipvs)\n+{\n+\tguard(rcu)();\n+\treturn cpumask_weight(__sysctl_est_cpulist(ipvs));\n+}\n+\n /* IPVS core functions\n * (from ip_vs_core.c)\n */\n@@ -1895,7 +1907,7 @@ static inline void ip_vs_est_stopped_recalc(struct netns_ipvs *ipvs)\n \t/* Stop tasks while cpulist is empty or if disabled with flag */\n \tipvs->est_stopped = !sysctl_run_estimation(ipvs) ||\n \t\t\t (ipvs->est_cpulist_valid &&\n-\t\t\t cpumask_empty(sysctl_est_cpulist(ipvs)));\n+\t\t\t sysctl_est_cpulist_empty(ipvs));\n #endif\n }\n \n@@ -1911,7 +1923,7 @@ static inline bool ip_vs_est_stopped(struct netns_ipvs *ipvs)\n static inline int ip_vs_est_max_threads(struct netns_ipvs *ipvs)\n {\n \tunsigned int limit = IPVS_EST_CPU_KTHREADS *\n-\t\t\t cpumask_weight(sysctl_est_cpulist(ipvs));\n+\t\t\t sysctl_est_cpulist_weight(ipvs);\n \n \treturn max(1U, limit);\n }\ndiff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c\nindex 032425025d88..e253a1ceef48 100644\n--- a/net/netfilter/ipvs/ip_vs_ctl.c\n+++ b/net/netfilter/ipvs/ip_vs_ctl.c\n@@ -2338,11 +2338,14 @@ static int ipvs_proc_est_cpumask_get(const struct ctl_table *table,\n \n \tmutex_lock(&ipvs->est_mutex);\n \n-\tif (ipvs->est_cpulist_valid)\n-\t\tmask = *valp;\n-\telse\n-\t\tmask = (struct cpumask *)housekeeping_cpumask(HK_TYPE_KTHREAD);\n-\tret = scnprintf(buffer, size, \"%*pbl\\n\", cpumask_pr_args(mask));\n+\t/* HK_TYPE_KTHREAD cpumask needs RCU protection */\n+\tscoped_guard(rcu) {\n+\t\tif (ipvs->est_cpulist_valid)\n+\t\t\tmask = *valp;\n+\t\telse\n+\t\t\tmask = (struct cpumask *)housekeeping_cpumask(HK_TYPE_KTHREAD);\n+\t\tret = scnprintf(buffer, size, \"%*pbl\\n\", cpumask_pr_args(mask));\n+\t}\n \n \tmutex_unlock(&ipvs->est_mutex);\n \n", "prefixes": [ "PATCH-next", "v2", "2/2" ] }