Message ID | 20230821-batadv-missing-mtu-rtnl-lock-v1-1-1c5a7bfe861e@narfation.org (mailing list archive) |
---|---|
State | Accepted |
Commit | 987aae75fc1041072941ffb622b45ce2359a99b9 |
Delegated to: | Netdev Maintainers |
Headers | show |
Series | [net] batman-adv: Hold rtnl lock during MTU update via netlink | expand |
On Mon, Aug 21, 2023 at 09:48:48PM +0200, Sven Eckelmann wrote: > The automatic recalculation of the maximum allowed MTU is usually triggered > by code sections which are already rtnl lock protected by callers outside > of batman-adv. But when the fragmentation setting is changed via > batman-adv's own batadv genl family, then the rtnl lock is not yet taken. > > But dev_set_mtu requires that the caller holds the rtnl lock because it > uses netdevice notifiers. And this code will then fail the check for this > lock: > > RTNL: assertion failed at net/core/dev.c (1953) > > Cc: stable@vger.kernel.org > Reported-by: syzbot+f8812454d9b3ac00d282@syzkaller.appspotmail.com > Fixes: c6a953cce8d0 ("batman-adv: Trigger events for auto adjusted MTU") > Signed-off-by: Sven Eckelmann <sven@narfation.org> Reviewed-by: Simon Horman <horms@kernel.org> > --- > This problem was just identified by syzbot [1]. I hope it is ok to directly > send this patch to netdev instead of creating a single-patch PR from > the batadv/net branch. If you still prefer a PR then we can also prepare > it. > > [1] https://lore.kernel.org/r/0000000000009bbb4b0603717cde@google.com ...
Hello: This patch was applied to netdev/net.git (main) by Jakub Kicinski <kuba@kernel.org>: On Mon, 21 Aug 2023 21:48:48 +0200 you wrote: > The automatic recalculation of the maximum allowed MTU is usually triggered > by code sections which are already rtnl lock protected by callers outside > of batman-adv. But when the fragmentation setting is changed via > batman-adv's own batadv genl family, then the rtnl lock is not yet taken. > > But dev_set_mtu requires that the caller holds the rtnl lock because it > uses netdevice notifiers. And this code will then fail the check for this > lock: > > [...] Here is the summary with links: - [net] batman-adv: Hold rtnl lock during MTU update via netlink https://git.kernel.org/netdev/net/c/987aae75fc10 You are awesome, thank you!
diff --git a/net/batman-adv/netlink.c b/net/batman-adv/netlink.c index ad5714f737be..6efbc9275aec 100644 --- a/net/batman-adv/netlink.c +++ b/net/batman-adv/netlink.c @@ -495,7 +495,10 @@ static int batadv_netlink_set_mesh(struct sk_buff *skb, struct genl_info *info) attr = info->attrs[BATADV_ATTR_FRAGMENTATION_ENABLED]; atomic_set(&bat_priv->fragmentation, !!nla_get_u8(attr)); + + rtnl_lock(); batadv_update_min_mtu(bat_priv->soft_iface); + rtnl_unlock(); } if (info->attrs[BATADV_ATTR_GW_BANDWIDTH_DOWN]) {
The automatic recalculation of the maximum allowed MTU is usually triggered by code sections which are already rtnl lock protected by callers outside of batman-adv. But when the fragmentation setting is changed via batman-adv's own batadv genl family, then the rtnl lock is not yet taken. But dev_set_mtu requires that the caller holds the rtnl lock because it uses netdevice notifiers. And this code will then fail the check for this lock: RTNL: assertion failed at net/core/dev.c (1953) Cc: stable@vger.kernel.org Reported-by: syzbot+f8812454d9b3ac00d282@syzkaller.appspotmail.com Fixes: c6a953cce8d0 ("batman-adv: Trigger events for auto adjusted MTU") Signed-off-by: Sven Eckelmann <sven@narfation.org> --- This problem was just identified by syzbot [1]. I hope it is ok to directly send this patch to netdev instead of creating a single-patch PR from the batadv/net branch. If you still prefer a PR then we can also prepare it. [1] https://lore.kernel.org/r/0000000000009bbb4b0603717cde@google.com --- net/batman-adv/netlink.c | 3 +++ 1 file changed, 3 insertions(+) --- base-commit: 421d467dc2d483175bad4fb76a31b9e5a3d744cf change-id: 20230821-batadv-missing-mtu-rtnl-lock-bc4cee67731d Best regards,