| Message ID | 20170208105229.27285-1-fw@strlen.de |
|---|---|
| State | Awaiting Upstream, archived |
| Delegated to: | David Miller |
| Headers | show |
On Wed, Feb 08, 2017 at 11:52:29AM +0100, Florian Westphal wrote: > Dmitry reports following splat: > INFO: trying to register non-static key. > the code is fine but needs lockdep annotation. > turning off the locking correctness validator. > CPU: 0 PID: 13059 Comm: syz-executor1 Not tainted 4.10.0-rc7-next-20170207 #1 > [..] > spin_lock_bh include/linux/spinlock.h:304 [inline] > xfrm_policy_flush+0x32/0x470 net/xfrm/xfrm_policy.c:963 > xfrm_policy_fini+0xbf/0x560 net/xfrm/xfrm_policy.c:3041 > xfrm_net_init+0x79f/0x9e0 net/xfrm/xfrm_policy.c:3091 > ops_init+0x10a/0x530 net/core/net_namespace.c:115 > setup_net+0x2ed/0x690 net/core/net_namespace.c:291 > copy_net_ns+0x26c/0x530 net/core/net_namespace.c:396 > create_new_namespaces+0x409/0x860 kernel/nsproxy.c:106 > unshare_nsproxy_namespaces+0xae/0x1e0 kernel/nsproxy.c:205 > SYSC_unshare kernel/fork.c:2281 [inline] > > Problem is that when we get error during xfrm_net_init we will call > xfrm_policy_fini which will acquire xfrm_policy_lock before it was > initialized. Just move it around so locks get set up first. > > Reported-by: Dmitry Vyukov <dvyukov@google.com> > Fixes: 283bc9f35bbbcb0e9 ("xfrm: Namespacify xfrm state/policy locks") > Signed-off-by: Florian Westphal <fw@strlen.de> Applied, thanks everyone!
diff --git a/net/xfrm/xfrm_policy.c b/net/xfrm/xfrm_policy.c index 177e208e8ff5..3c8f5b70abf8 100644 --- a/net/xfrm/xfrm_policy.c +++ b/net/xfrm/xfrm_policy.c @@ -3062,6 +3062,11 @@ static int __net_init xfrm_net_init(struct net *net) { int rv; + /* Initialize the per-net locks here */ + spin_lock_init(&net->xfrm.xfrm_state_lock); + spin_lock_init(&net->xfrm.xfrm_policy_lock); + mutex_init(&net->xfrm.xfrm_cfg_mutex); + rv = xfrm_statistics_init(net); if (rv < 0) goto out_statistics; @@ -3078,11 +3083,6 @@ static int __net_init xfrm_net_init(struct net *net) if (rv < 0) goto out; - /* Initialize the per-net locks here */ - spin_lock_init(&net->xfrm.xfrm_state_lock); - spin_lock_init(&net->xfrm.xfrm_policy_lock); - mutex_init(&net->xfrm.xfrm_cfg_mutex); - return 0; out:
Dmitry reports following splat: INFO: trying to register non-static key. the code is fine but needs lockdep annotation. turning off the locking correctness validator. CPU: 0 PID: 13059 Comm: syz-executor1 Not tainted 4.10.0-rc7-next-20170207 #1 [..] spin_lock_bh include/linux/spinlock.h:304 [inline] xfrm_policy_flush+0x32/0x470 net/xfrm/xfrm_policy.c:963 xfrm_policy_fini+0xbf/0x560 net/xfrm/xfrm_policy.c:3041 xfrm_net_init+0x79f/0x9e0 net/xfrm/xfrm_policy.c:3091 ops_init+0x10a/0x530 net/core/net_namespace.c:115 setup_net+0x2ed/0x690 net/core/net_namespace.c:291 copy_net_ns+0x26c/0x530 net/core/net_namespace.c:396 create_new_namespaces+0x409/0x860 kernel/nsproxy.c:106 unshare_nsproxy_namespaces+0xae/0x1e0 kernel/nsproxy.c:205 SYSC_unshare kernel/fork.c:2281 [inline] Problem is that when we get error during xfrm_net_init we will call xfrm_policy_fini which will acquire xfrm_policy_lock before it was initialized. Just move it around so locks get set up first. Reported-by: Dmitry Vyukov <dvyukov@google.com> Fixes: 283bc9f35bbbcb0e9 ("xfrm: Namespacify xfrm state/policy locks") Signed-off-by: Florian Westphal <fw@strlen.de> --- net/xfrm/xfrm_policy.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-)