[net] net/packet: annotate data race in packet_sendmsg()

Message ID	20210610160012.1452531-1-eric.dumazet@gmail.com
State	New
Headers	show Return-Path: <netdev-owner@kernel.org> From: Eric Dumazet <eric.dumazet@gmail.com> To: "David S . Miller" <davem@davemloft.net>, Jakub Kicinski <kuba@kernel.org> Cc: netdev <netdev@vger.kernel.org>, Eric Dumazet <edumazet@google.com>, Eric Dumazet <eric.dumazet@gmail.com> Subject: [PATCH net] net/packet: annotate data race in packet_sendmsg() Date: Thu, 10 Jun 2021 09:00:12 -0700 Message-Id: <20210610160012.1452531-1-eric.dumazet@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	[net] net/packet: annotate data race in packet_sendmsg() \| expand [net] net/packet: annotate data race in packet_sendmsg()

Message ID

20210610160012.1452531-1-eric.dumazet@gmail.com

State

New

Headers

From: Eric Dumazet <eric.dumazet@gmail.com>
To: "David S . Miller" <davem@davemloft.net>,
	Jakub Kicinski <kuba@kernel.org>
Cc: netdev <netdev@vger.kernel.org>, Eric Dumazet <edumazet@google.com>,
	Eric Dumazet <eric.dumazet@gmail.com>
Subject: [PATCH net] net/packet: annotate data race in packet_sendmsg()
Date: Thu, 10 Jun 2021 09:00:12 -0700
Message-Id: <20210610160012.1452531-1-eric.dumazet@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

[net] net/packet: annotate data race in packet_sendmsg() | expand

Commit Message

Eric Dumazet June 10, 2021, 4 p.m. UTC

From: Eric Dumazet <edumazet@google.com>

There is a known race in packet_sendmsg(), addressed
in commit 32d3182cd2cd ("net/packet: fix race in tpacket_snd()")

Now we have data_race(), we can use it to avoid a future KCSAN warning,
as syzbot loves stressing af_packet sockets :)

Signed-off-by: Eric Dumazet <edumazet@google.com>
---
 net/packet/af_packet.c | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c
index ae906eb4b269e858434828a383491e8d4c33c422..74e6e45a8e8435a556ce813c410a1f4146dd05b6 100644
--- a/net/packet/af_packet.c
+++ b/net/packet/af_packet.c
@@ -3034,10 +3034,13 @@  static int packet_sendmsg(struct socket *sock, struct msghdr *msg, size_t len)
 	struct sock *sk = sock->sk;
 	struct packet_sock *po = pkt_sk(sk);
 
-	if (po->tx_ring.pg_vec)
+	/* Reading tx_ring.pg_vec without holding pg_vec_lock is racy.
+	 * tpacket_snd() will redo the check safely.
+	 */
+	if (data_race(po->tx_ring.pg_vec))
 		return tpacket_snd(po, msg);
-	else
-		return packet_snd(sock, msg, len);
+
+	return packet_snd(sock, msg, len);
 }
 
 /*

[net] net/packet: annotate data race in packet_sendmsg()

Commit Message

Patch