| Message ID | 20200720072248.6184-1-jiri@resnulli.us |
|---|---|
| State | Changes Requested |
| Delegated to: | David Miller |
| Headers | show |
| Series | [net-next] sched: sch_api: add missing rcu read lock to silence the warning | expand |
On Mon, Jul 20, 2020 at 09:22:48AM +0200, Jiri Pirko wrote: > From: Jiri Pirko <jiri@mellanox.com> > > In case the qdisc_match_from_root function() is called from non-rcu path > with rtnl mutex held, a suspiciout rcu usage warning appears: > > [ 241.504354] ============================= > [ 241.504358] WARNING: suspicious RCU usage > [ 241.504366] 5.8.0-rc4-custom-01521-g72a7c7d549c3 #32 Not tainted > [ 241.504370] ----------------------------- > [ 241.504378] net/sched/sch_api.c:270 RCU-list traversed in non-reader section!! > [ 241.504382] > other info that might help us debug this: > [ 241.504388] > rcu_scheduler_active = 2, debug_locks = 1 > [ 241.504394] 1 lock held by tc/1391: > [ 241.504398] #0: ffffffff85a27850 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x49a/0xbd0 > [ 241.504431] > stack backtrace: > [ 241.504440] CPU: 0 PID: 1391 Comm: tc Not tainted 5.8.0-rc4-custom-01521-g72a7c7d549c3 #32 > [ 241.504446] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-2.fc32 04/01/2014 > [ 241.504453] Call Trace: > [ 241.504465] dump_stack+0x100/0x184 > [ 241.504482] lockdep_rcu_suspicious+0x153/0x15d > [ 241.504499] qdisc_match_from_root+0x293/0x350 > > Fix this by taking the rcu_lock for qdisc_hash iteration. > > Reported-by: Ido Schimmel <idosch@mellanox.com> > Signed-off-by: Jiri Pirko <jiri@mellanox.com> > --- > net/sched/sch_api.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/net/sched/sch_api.c b/net/sched/sch_api.c > index 11ebba60da3b..c7cfd8dc6a77 100644 > --- a/net/sched/sch_api.c > +++ b/net/sched/sch_api.c > @@ -267,10 +267,12 @@ static struct Qdisc *qdisc_match_from_root(struct Qdisc *root, u32 handle) > root->handle == handle) > return root; > > + rcu_read_lock(); > hash_for_each_possible_rcu(qdisc_dev(root)->qdisc_hash, q, hash, handle) { > if (q->handle == handle) > return q; You don't unlock here, but I'm not sure it's the best fix. It's weird to return an object from an RCU critical section without taking a reference. It can also hide a bug if someone calls qdisc_match_from_root() without RTNL or RCU. hash_for_each_possible_rcu() is basically hlist_for_each_entry_rcu() which already accepts: @cond: optional lockdep expression if called from non-RCU protection. So maybe extend hash_for_each_possible_rcu() with 'cond' and pass a lockdep expression to see if RTNL is held? > } > + rcu_read_unlock(); > return NULL; > } > > -- > 2.21.3 >
Mon, Jul 20, 2020 at 09:50:00AM CEST, idosch@idosch.org wrote: >On Mon, Jul 20, 2020 at 09:22:48AM +0200, Jiri Pirko wrote: >> From: Jiri Pirko <jiri@mellanox.com> >> >> In case the qdisc_match_from_root function() is called from non-rcu path >> with rtnl mutex held, a suspiciout rcu usage warning appears: >> >> [ 241.504354] ============================= >> [ 241.504358] WARNING: suspicious RCU usage >> [ 241.504366] 5.8.0-rc4-custom-01521-g72a7c7d549c3 #32 Not tainted >> [ 241.504370] ----------------------------- >> [ 241.504378] net/sched/sch_api.c:270 RCU-list traversed in non-reader section!! >> [ 241.504382] >> other info that might help us debug this: >> [ 241.504388] >> rcu_scheduler_active = 2, debug_locks = 1 >> [ 241.504394] 1 lock held by tc/1391: >> [ 241.504398] #0: ffffffff85a27850 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x49a/0xbd0 >> [ 241.504431] >> stack backtrace: >> [ 241.504440] CPU: 0 PID: 1391 Comm: tc Not tainted 5.8.0-rc4-custom-01521-g72a7c7d549c3 #32 >> [ 241.504446] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-2.fc32 04/01/2014 >> [ 241.504453] Call Trace: >> [ 241.504465] dump_stack+0x100/0x184 >> [ 241.504482] lockdep_rcu_suspicious+0x153/0x15d >> [ 241.504499] qdisc_match_from_root+0x293/0x350 >> >> Fix this by taking the rcu_lock for qdisc_hash iteration. >> >> Reported-by: Ido Schimmel <idosch@mellanox.com> >> Signed-off-by: Jiri Pirko <jiri@mellanox.com> >> --- >> net/sched/sch_api.c | 2 ++ >> 1 file changed, 2 insertions(+) >> >> diff --git a/net/sched/sch_api.c b/net/sched/sch_api.c >> index 11ebba60da3b..c7cfd8dc6a77 100644 >> --- a/net/sched/sch_api.c >> +++ b/net/sched/sch_api.c >> @@ -267,10 +267,12 @@ static struct Qdisc *qdisc_match_from_root(struct Qdisc *root, u32 handle) >> root->handle == handle) >> return root; >> >> + rcu_read_lock(); >> hash_for_each_possible_rcu(qdisc_dev(root)->qdisc_hash, q, hash, handle) { >> if (q->handle == handle) >> return q; > >You don't unlock here, but I'm not sure it's the best fix. It's weird to >return an object from an RCU critical section without taking a >reference. It can also hide a bug if someone calls >qdisc_match_from_root() without RTNL or RCU. > >hash_for_each_possible_rcu() is basically hlist_for_each_entry_rcu() >which already accepts: > >@cond: optional lockdep expression if called from non-RCU protection. > >So maybe extend hash_for_each_possible_rcu() with 'cond' and pass a >lockdep expression to see if RTNL is held? Makes sense. Sent v2. Thanks! > >> } >> + rcu_read_unlock(); >> return NULL; >> } >> >> -- >> 2.21.3 >>
diff --git a/net/sched/sch_api.c b/net/sched/sch_api.c index 11ebba60da3b..c7cfd8dc6a77 100644 --- a/net/sched/sch_api.c +++ b/net/sched/sch_api.c @@ -267,10 +267,12 @@ static struct Qdisc *qdisc_match_from_root(struct Qdisc *root, u32 handle) root->handle == handle) return root; + rcu_read_lock(); hash_for_each_possible_rcu(qdisc_dev(root)->qdisc_hash, q, hash, handle) { if (q->handle == handle) return q; } + rcu_read_unlock(); return NULL; }