lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ZuEPsZ3yrLqHNRUt@pop-os.localdomain>
Date: Tue, 10 Sep 2024 20:34:09 -0700
From: Cong Wang <xiyou.wangcong@...il.com>
To: Matthieu Baerts <matttbe@...nel.org>
Cc: netdev@...r.kernel.org, mptcp@...ts.linux.dev,
	Cong Wang <cong.wang@...edance.com>,
	syzbot+f4aacdfef2c6a6529c3e@...kaller.appspotmail.com,
	Mat Martineau <martineau@...nel.org>,
	Geliang Tang <geliang@...nel.org>
Subject: Re: [Patch net] mptcp: initialize sock lock with its own lockdep keys

On Mon, Sep 09, 2024 at 05:03:32PM +0200, Matthieu Baerts wrote:
> Hi Cong Wang,
> 
> On 08/09/2024 20:06, Cong Wang wrote:
> > From: Cong Wang <cong.wang@...edance.com>
> > 
> > In mptcp_pm_nl_create_listen_socket(), we already initialize mptcp sock
> > lock with mptcp_slock_keys and mptcp_keys. But that is not sufficient,
> > at least mptcp_init_sock() and mptcp_sk_clone_init() still miss it.
> > 
> > As reported by syzbot, mptcp_sk_clone_init() is challenging due to that
> > sk_clone_lock() immediately locks the new sock after preliminary
> > initialization. To fix that, introduce ->init_clone() for struct proto
> > and call it right after the sock_lock_init(), so now mptcp sock could
> > initialize the sock lock again with its own lockdep keys.
> 
> Thank you for this patch!
> 
> The fix looks good to me, but I need to double-check if we can avoid
> modifying the proto structure. Here is a first review.
> 
> 
> From what I understand, it looks like syzbot reported a lockdep false
> positive issue, right? In this case, can you clearly mention that in the
> commit message, to avoid misinterpretations?
> 
> > Reported-by: syzbot+f4aacdfef2c6a6529c3e@...kaller.appspotmail.com
> 
> checkpatch.pl reports that "Reported-by: should be immediately followed
> by Closes: with a URL to the report".

Sure, didn't know this is helpful.

> 
> Also, even if it is a false positive, it sounds better to consider this
> as a fix, to avoid having new bug reports about that. In this case, can
> you please add a "Fixes: <commit>" tag and a "Cc: stable" tag here please?

I intended not to provide one because I don't think this needs to go to
-stable, it only fixes a lockdep warning instead of a real deadlock.
Please let me know if you prefer to target -stable.

> 
> > Cc: Matthieu Baerts <matttbe@...nel.org>
> > Cc: Mat Martineau <martineau@...nel.org>
> > Cc: Geliang Tang <geliang@...nel.org>
> 
> (If a new version is needed here, feel free to remove the Netdev ML from
> the CC list, and only add the MPTCP ML: we can apply this patch on MPTCP
> side first, and send it to Netdev later, when it will be ready and
> validated)

OK.

> 
> > Signed-off-by: Cong Wang <cong.wang@...edance.com>
> > ---
> >  include/net/sock.h     |  1 +
> >  net/core/sock.c        |  2 ++
> >  net/mptcp/pm_netlink.c | 18 ++++++++++++------
> >  net/mptcp/protocol.c   |  7 +++++++
> >  net/mptcp/protocol.h   |  1 +
> >  5 files changed, 23 insertions(+), 6 deletions(-)
> > 
> > diff --git a/include/net/sock.h b/include/net/sock.h
> > index cce23ac4d514..7032009c0a94 100644
> > --- a/include/net/sock.h
> > +++ b/include/net/sock.h
> > @@ -1226,6 +1226,7 @@ struct proto {
> >  	int			(*ioctl)(struct sock *sk, int cmd,
> >  					 int *karg);
> >  	int			(*init)(struct sock *sk);
> > +	void			(*init_clone)(struct sock *sk);
> >  	void			(*destroy)(struct sock *sk);
> >  	void			(*shutdown)(struct sock *sk, int how);
> >  	int			(*setsockopt)(struct sock *sk, int level,
> > diff --git a/net/core/sock.c b/net/core/sock.c
> > index 9abc4fe25953..747d7e479d69 100644
> > --- a/net/core/sock.c
> > +++ b/net/core/sock.c
> > @@ -2325,6 +2325,8 @@ struct sock *sk_clone_lock(const struct sock *sk, const gfp_t priority)
> >  	}
> >  	sk_node_init(&newsk->sk_node);
> >  	sock_lock_init(newsk);
> > +	if (prot->init_clone)
> > +		prot->init_clone(newsk);
> 
> If the idea is to introduce a new ->init_clone(), should it not be
> called ->lock_init() (or ->init_lock()) and replace the call to
> sock_lock_init() when defined?

'lock_init' or 'init_lock' reads like we are initalizing a lock. :)

> 
> >  	bh_lock_sock(newsk);
> >  	newsk->sk_backlog.head	= newsk->sk_backlog.tail = NULL;
> >  	newsk->sk_backlog.len = 0;
> > diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c
> > index f891bc714668..5f9f06180c67 100644
> > --- a/net/mptcp/pm_netlink.c
> > +++ b/net/mptcp/pm_netlink.c
> > @@ -1052,10 +1052,20 @@ static int mptcp_pm_nl_append_new_local_addr(struct pm_nl_pernet *pernet,
> >  static struct lock_class_key mptcp_slock_keys[2];
> >  static struct lock_class_key mptcp_keys[2];
> >  
> > +void mptcp_sock_lock_init(struct sock *sk)
> 
> If this helper is used by different parts in MPTCP, I think it would be
> better to move it (and the associated keys) to protocol.c: such helper
> is not specific to the Netlink path-manager, more to MPTCP in general.

Sure, if you don't mind more lines of changes.

> 
> > +{
> > +	bool is_ipv6 = sk->sk_family == AF_INET6;
> > +
> > +	sock_lock_init_class_and_name(sk,
> > +				is_ipv6 ? "mlock-AF_INET6" : "mlock-AF_INET",
> > +				&mptcp_slock_keys[is_ipv6],
> > +				is_ipv6 ? "msk_lock-AF_INET6" : "msk_lock-AF_INET",
> > +				&mptcp_keys[is_ipv6]);
> 
> The alignment is not OK, and checkpatch.pl is complaining about that.
> Can you keep the same indentation as it was before please?

Sure, sorry for missing this.

> 
> > +}
> > +
> >  static int mptcp_pm_nl_create_listen_socket(struct sock *sk,
> >  					    struct mptcp_pm_addr_entry *entry)
> >  {
> > -	bool is_ipv6 = sk->sk_family == AF_INET6;
> >  	int addrlen = sizeof(struct sockaddr_in);
> >  	struct sockaddr_storage addr;
> >  	struct sock *newsk, *ssk;
> > @@ -1077,11 +1087,7 @@ static int mptcp_pm_nl_create_listen_socket(struct sock *sk,
> >  	 * modifiers in several places, re-init the lock class for the msk
> >  	 * socket to an mptcp specific one.
> >  	 */
> 
> Please also move this comment above to the new mptcp_sock_lock_init()
> function.

OK.

> 
> > -	sock_lock_init_class_and_name(newsk,
> > -				      is_ipv6 ? "mlock-AF_INET6" : "mlock-AF_INET",
> > -				      &mptcp_slock_keys[is_ipv6],
> > -				      is_ipv6 ? "msk_lock-AF_INET6" : "msk_lock-AF_INET",
> > -				      &mptcp_keys[is_ipv6]);
> > +	mptcp_sock_lock_init(newsk);
> >  
> >  	lock_sock(newsk);
> >  	ssk = __mptcp_nmpc_sk(mptcp_sk(newsk));
> > diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c
> > index 37ebcb7640eb..ce68ff4475d0 100644
> > --- a/net/mptcp/protocol.c
> > +++ b/net/mptcp/protocol.c
> > @@ -2839,6 +2839,7 @@ static int mptcp_init_sock(struct sock *sk)
> >  	int ret;
> >  
> >  	__mptcp_init_sock(sk);
> > +	mptcp_sock_lock_init(sk);
> >  
> >  	if (!mptcp_is_enabled(net))
> >  		return -ENOPROTOOPT;
> > @@ -2865,6 +2866,11 @@ static int mptcp_init_sock(struct sock *sk)
> >  	return 0;
> >  }
> >  
> > +static void mptcp_init_clone(struct sock *sk)
> > +{
> > +	mptcp_sock_lock_init(sk);
> > +}
> > +
> >  static void __mptcp_clear_xmit(struct sock *sk)
> >  {
> >  	struct mptcp_sock *msk = mptcp_sk(sk);
> > @@ -3801,6 +3807,7 @@ static struct proto mptcp_prot = {
> >  	.name		= "MPTCP",
> >  	.owner		= THIS_MODULE,
> >  	.init		= mptcp_init_sock,
> > +	.init_clone	= mptcp_init_clone,
> 
> If 'mptcp_sock_lock_init()' is moved in this file, and 'init_clone' is
> renamed to 'lock_init', maybe directly use 'mptcp_sock_lock_init' here?

Sounds better.

> 
> >  	.connect	= mptcp_connect,
> >  	.disconnect	= mptcp_disconnect,
> >  	.close		= mptcp_close,
> > diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h
> > index 3b22313d1b86..457c01eac25f 100644
> > --- a/net/mptcp/protocol.h
> > +++ b/net/mptcp/protocol.h
> > @@ -1135,6 +1135,7 @@ static inline u8 subflow_get_local_id(const struct mptcp_subflow_context *subflo
> >  
> >  void __init mptcp_pm_nl_init(void);
> >  void mptcp_pm_nl_work(struct mptcp_sock *msk);
> > +void mptcp_sock_lock_init(struct sock *sk);
> 
> (if the definition is moved to protocol.c, please also move it elsewhere
> here, e.g. around mptcp_sk_clone_init())

Got it.

Thanks.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ