Thread (6 messages) 6 messages, 3 authors, 2021-07-06

Re: [PATCH] xfrm: Fix RCU vs hash_resize_mutex lock inversion

From: Varad Gautam <hidden>
Date: 2021-06-30 12:12:24
Also in: lkml, stable

On 6/30/21 8:57 AM, Steffen Klassert wrote:
On Mon, Jun 28, 2021 at 03:34:28PM +0200, Frederic Weisbecker wrote:
quoted
xfrm_bydst_resize() calls synchronize_rcu() while holding
hash_resize_mutex. But then on PREEMPT_RT configurations,
xfrm_policy_lookup_bytype() may acquire that mutex while running in an
RCU read side critical section. This results in a deadlock.

In fact the scope of hash_resize_mutex is way beyond the purpose of
xfrm_policy_lookup_bytype() to just fetch a coherent and stable policy
for a given destination/direction, along with other details.

The lower level net->xfrm.xfrm_policy_lock, which among other things
protects per destination/direction references to policy entries, is
enough to serialize and benefit from priority inheritance against the
write side. As a bonus, it makes it officially a per network namespace
synchronization business where a policy table resize on namespace A
shouldn't block a policy lookup on namespace B.

Fixes: 77cc278f7b20 (xfrm: policy: Use sequence counters with associated lock)
Cc: stable@vger.kernel.org
Cc: Ahmed S. Darwish <redacted>
Cc: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Varad Gautam <redacted>
Cc: Steffen Klassert <steffen.klassert@secunet.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>
Cc: David S. Miller <davem@davemloft.net>
Signed-off-by: Frederic Weisbecker <frederic@kernel.org>
Your patch has a conflicht with ("commit d7b0408934c7 xfrm: policy: Read
seqcount outside of rcu-read side in xfrm_policy_lookup_bytype")
from Varad. Can you please rebase onto the ipsec tree?

Btw. Varad, your above mentioned patch tried to fix the same issue.
Do we still need it, or is it obsolete with the fix from Frederic?
The patch "xfrm: policy: Read seqcount outside of rcu-read side in
xfrm_policy_lookup_bytype" shouldn't be needed after Frederic's fix since
the offending mutex is now gone. It can be dropped.

Regards,
Varad
Thanks!
-- 
SUSE Software Solutions Germany GmbH
Maxfeldstr. 5
90409 Nürnberg
Germany

HRB 36809, AG Nürnberg
Geschäftsführer: Felix Imendörffer
Keyboard shortcuts
hback out one level
jnext message in thread
kprevious message in thread
ldrill in
Escclose help / fold thread tree
?toggle this help