Piteball/android_kernel_samsung_msm8976
1
1
Fork 0
mirror of https://github.com/team-infusion-developers/android_kernel_samsung_msm8976.git synced 2024-11-01 02:21:16 +00:00
Code Issues Projects Releases Wiki Activity
android_kernel_samsung_msm8976/net/ipv6
History
Nikolay Aleksandrov ff80f2f70e ipmr, ip6mr: fix scheduling while atomic and a deadlock with ipmr_get_route 
commit 2cf750704bb6d7ed8c7d732e071dd1bc890ea5e8 upstream.

Since the commit below the ipmr/ip6mr rtnl_unicast() code uses the portid
instead of the previous dst_pid which was copied from in_skb's portid.
Since the skb is new the portid is 0 at that point so the packets are sent
to the kernel and we get scheduling while atomic or a deadlock (depending
on where it happens) by trying to acquire rtnl two times.
Also since this is RTM_GETROUTE, it can be triggered by a normal user.

Here's the sleeping while atomic trace:
[ 7858.212557] BUG: sleeping function called from invalid context at kernel/locking/mutex.c:620
[ 7858.212748] in_atomic(): 1, irqs_disabled(): 0, pid: 0, name: swapper/0
[ 7858.212881] 2 locks held by swapper/0/0:
[ 7858.213013]  #0:  (((&mrt->ipmr_expire_timer))){+.-...}, at: [<ffffffff810fbbf5>] call_timer_fn+0x5/0x350
[ 7858.213422]  #1:  (mfc_unres_lock){+.....}, at: [<ffffffff8161e005>] ipmr_expire_process+0x25/0x130
[ 7858.213807] CPU: 0 PID: 0 Comm: swapper/0 Not tainted 4.8.0-rc7+ #179
[ 7858.213934] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.7.5-20140531_083030-gandalf 04/01/2014
[ 7858.214108]  0000000000000000 ffff88005b403c50 ffffffff813a7804 0000000000000000
[ 7858.214412]  ffffffff81a1338e ffff88005b403c78 ffffffff810a4a72 ffffffff81a1338e
[ 7858.214716]  000000000000026c 0000000000000000 ffff88005b403ca8 ffffffff810a4b9f
[ 7858.215251] Call Trace:
[ 7858.215412]  <IRQ>  [<ffffffff813a7804>] dump_stack+0x85/0xc1
[ 7858.215662]  [<ffffffff810a4a72>] ___might_sleep+0x192/0x250
[ 7858.215868]  [<ffffffff810a4b9f>] __might_sleep+0x6f/0x100
[ 7858.216072]  [<ffffffff8165bea3>] mutex_lock_nested+0x33/0x4d0
[ 7858.216279]  [<ffffffff815a7a5f>] ? netlink_lookup+0x25f/0x460
[ 7858.216487]  [<ffffffff8157474b>] rtnetlink_rcv+0x1b/0x40
[ 7858.216687]  [<ffffffff815a9a0c>] netlink_unicast+0x19c/0x260
[ 7858.216900]  [<ffffffff81573c70>] rtnl_unicast+0x20/0x30
[ 7858.217128]  [<ffffffff8161cd39>] ipmr_destroy_unres+0xa9/0xf0
[ 7858.217351]  [<ffffffff8161e06f>] ipmr_expire_process+0x8f/0x130
[ 7858.217581]  [<ffffffff8161dfe0>] ? ipmr_net_init+0x180/0x180
[ 7858.217785]  [<ffffffff8161dfe0>] ? ipmr_net_init+0x180/0x180
[ 7858.217990]  [<ffffffff810fbc95>] call_timer_fn+0xa5/0x350
[ 7858.218192]  [<ffffffff810fbbf5>] ? call_timer_fn+0x5/0x350
[ 7858.218415]  [<ffffffff8161dfe0>] ? ipmr_net_init+0x180/0x180
[ 7858.218656]  [<ffffffff810fde10>] run_timer_softirq+0x260/0x640
[ 7858.218865]  [<ffffffff8166379b>] ? __do_softirq+0xbb/0x54f
[ 7858.219068]  [<ffffffff816637c8>] __do_softirq+0xe8/0x54f
[ 7858.219269]  [<ffffffff8107a948>] irq_exit+0xb8/0xc0
[ 7858.219463]  [<ffffffff81663452>] smp_apic_timer_interrupt+0x42/0x50
[ 7858.219678]  [<ffffffff816625bc>] apic_timer_interrupt+0x8c/0xa0
[ 7858.219897]  <EOI>  [<ffffffff81055f16>] ? native_safe_halt+0x6/0x10
[ 7858.220165]  [<ffffffff810d64dd>] ? trace_hardirqs_on+0xd/0x10
[ 7858.220373]  [<ffffffff810298e3>] default_idle+0x23/0x190
[ 7858.220574]  [<ffffffff8102a20f>] arch_cpu_idle+0xf/0x20
[ 7858.220790]  [<ffffffff810c9f8c>] default_idle_call+0x4c/0x60
[ 7858.221016]  [<ffffffff810ca33b>] cpu_startup_entry+0x39b/0x4d0
[ 7858.221257]  [<ffffffff8164f995>] rest_init+0x135/0x140
[ 7858.221469]  [<ffffffff81f83014>] start_kernel+0x50e/0x51b
[ 7858.221670]  [<ffffffff81f82120>] ? early_idt_handler_array+0x120/0x120
[ 7858.221894]  [<ffffffff81f8243f>] x86_64_start_reservations+0x2a/0x2c
[ 7858.222113]  [<ffffffff81f8257c>] x86_64_start_kernel+0x13b/0x14a

Fixes: 2942e90050 ("[RTNETLINK]: Use rtnl_unicast() for rtnetlink unicasts")
Signed-off-by: Nikolay Aleksandrov <nikolay@cumulusnetworks.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Willy Tarreau <w@1wt.eu>
2019-07-27 21:42:37 +02:00
..
netfilter net: disable fragment reassembly if high_thresh is set to zero 2019-07-27 21:42:34 +02:00
addrconf.c ipv6: correctly add local routes when lo goes up 2019-07-27 21:42:29 +02:00
addrconf_core.c
addrlabel.c ipv6/addrlabel: fix ip6addrlbl_get() 2016-01-28 21:49:33 -08:00
af_inet6.c ipv6: don't call fib6_run_gc() until routing is ready 2019-07-27 21:42:27 +02:00
ah6.c
anycast.c ipv6: fix rtnl locking in setsockopt for anycast and multicast 2019-07-27 21:42:28 +02:00
datagram.c Merge remote-tracking branch 'f2fs/linux-3.10.y' into HEAD 2017-04-18 17:02:28 +02:00
esp6.c
exthdrs.c ipv6: add complete rcu protection around np->opt 2016-09-09 02:36:40 -07:00
exthdrs_core.c This is the 3.10.102 stable release 2017-04-18 17:22:08 +02:00
exthdrs_offload.c ipv6: fix exthdrs offload registration in out_rt path 2015-10-01 12:07:38 +02:00
fib6_rules.c
icmp.c
inet6_connection_sock.c ipv6: add complete rcu protection around np->opt 2016-09-09 02:36:40 -07:00
inet6_hashtables.c
ip6_checksum.c
ip6_fib.c
ip6_flowlabel.c
ip6_gre.c ip6_gre: fix flowi6_proto value in ip6gre_xmit_other() 2019-07-27 21:42:29 +02:00
ip6_icmp.c
ip6_input.c ipv6: Make MLD packets to only be processed locally 2015-10-01 12:07:34 +02:00
ip6_offload.c ipv6: Check ip6_find_1stfragopt() return value properly. 2017-06-22 10:18:42 +00:00
ip6_offload.h
ip6_output.c ipv6: Check ip6_find_1stfragopt() return value properly. 2017-06-22 10:18:42 +00:00
ip6_tunnel.c ip6_tunnel: disable caching when the traffic class is inherited 2019-07-27 21:42:31 +02:00
ip6mr.c ipmr, ip6mr: fix scheduling while atomic and a deadlock with ipmr_get_route 2019-07-27 21:42:37 +02:00
ipcomp6.c
ipv6_sockglue.c ipv6: add complete rcu protection around np->opt 2016-09-09 02:36:40 -07:00
Kconfig
Makefile
mcast.c ipv6: fix rtnl locking in setsockopt for anycast and multicast 2019-07-27 21:42:28 +02:00
mip6.c
ndisc.c ipv6: don't call fib6_run_gc() until routing is ready 2019-07-27 21:42:27 +02:00
netfilter.c
output_core.c ipv6: Prevent overrun when parsing v6 header options 2017-06-07 12:31:04 +02:00
ping.c net: ping: Return EAFNOSUPPORT when appropriate. 2015-09-16 18:20:13 +05:30
proc.c
protocol.c
raw.c Import latest Samsung release 2017-04-18 03:43:52 +02:00
reassembly.c net: disable fragment reassembly if high_thresh is set to zero 2019-07-27 21:42:34 +02:00
route.c ipmr, ip6mr: fix scheduling while atomic and a deadlock with ipmr_get_route 2019-07-27 21:42:37 +02:00
sit.c sit: correct IP protocol used in ipip6_err 2019-07-27 21:41:54 +02:00
syncookies.c ipv6: add complete rcu protection around np->opt 2016-09-09 02:36:40 -07:00
sysctl_net_ipv6.c
tcp_ipv6.c tcp: take care of truncations done by sk_filter() 2019-07-27 21:42:33 +02:00
tcpv6_offload.c
tunnel6.c
udp.c udp: properly support MSG_PEEK with truncated buffers 2017-04-27 23:58:25 -07:00
udp_impl.h
udp_offload.c ipv6: Check ip6_find_1stfragopt() return value properly. 2017-06-22 10:18:42 +00:00
udplite.c
xfrm6_input.c
xfrm6_mode_beet.c
xfrm6_mode_ro.c
xfrm6_mode_transport.c
xfrm6_mode_tunnel.c
xfrm6_output.c
xfrm6_policy.c
xfrm6_state.c
xfrm6_tunnel.c