netfilter: mark racy access on ext->gen_id

Message ID	tencent_284407955020261D1B2BD142194A87C9EB0A@qq.com (mailing list archive)
State	Awaiting Upstream
Delegated to:	Netdev Maintainers
Headers	show Received: from out162-62-57-210.mail.qq.com (out162-62-57-210.mail.qq.com [162.62.57.210]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6945D86267; Tue, 23 Apr 2024 11:50:41 +0000 (UTC) Message-ID: <tencent_284407955020261D1B2BD142194A87C9EB0A@qq.com> From: linke li <lilinke99@qq.com> To: Cc: xujianhao01@gmail.com, linke li <lilinke99@qq.com>, Pablo Neira Ayuso <pablo@netfilter.org>, Jozsef Kadlecsik <kadlec@netfilter.org>, Florian Westphal <fw@strlen.de>, "David S. Miller" <davem@davemloft.net>, Eric Dumazet <edumazet@google.com>, Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH] netfilter: mark racy access on ext->gen_id Date: Tue, 23 Apr 2024 19:50:22 +0800 Precedence: bulk MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	netfilter: mark racy access on ext->gen_id \| expand netfilter: mark racy access on ext->gen_id

Context	Check	Description
netdev/series_format	warning	Single patches do not need cover letters; Target tree name not specified in the subject
netdev/tree_selection	success	Guessed tree name to be net-next
netdev/ynl	success	Generated files up to date; no warnings/errors; no diff in generated;
netdev/fixes_present	success	Fixes tag not required for -next series
netdev/header_inline	success	No static functions without inline keyword in header files
netdev/build_32bit	success	Errors and warnings before: 926 this patch: 926
netdev/build_tools	success	No tools touched, skip
netdev/cc_maintainers	success	CCed 8 of 8 maintainers
netdev/build_clang	success	Errors and warnings before: 937 this patch: 937
netdev/verify_signedoff	success	Signed-off-by tag matches author and committer
netdev/deprecated_api	success	None detected
netdev/check_selftest	success	No net selftest shell script
netdev/verify_fixes	success	No Fixes tag
netdev/build_allmodconfig_warn	success	Errors and warnings before: 937 this patch: 937
netdev/checkpatch	success	total: 0 errors, 0 warnings, 0 checks, 8 lines checked
netdev/build_clang_rust	success	No Rust files in patch. Skipping build
netdev/kdoc	success	Errors and warnings before: 0 this patch: 0
netdev/source_inline	success	Was 0 now: 0

linke li April 23, 2024, 11:50 a.m. UTC

In __nf_ct_ext_find(), ext->gen_id can be changed by 
nf_ct_ext_valid_post(), using WRITE_ONCE. Mark data races on ext->gen_id
as benign using READ_ONCE. 

This patch is aimed at reducing the number of benign races reported by
KCSAN in order to focus future debugging effort on harmful races.

Signed-off-by: linke li <lilinke99@qq.com>
---
 net/netfilter/nf_conntrack_extend.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Florian Westphal April 23, 2024, 12:03 p.m. UTC | #1

linke li <lilinke99@qq.com> wrote:
> In __nf_ct_ext_find(), ext->gen_id can be changed by 
> nf_ct_ext_valid_post(), using WRITE_ONCE. Mark data races on ext->gen_id
> as benign using READ_ONCE. 
> 
> This patch is aimed at reducing the number of benign races reported by
> KCSAN in order to focus future debugging effort on harmful races.

Acked-by: Florian Westphal <fw@strlen.de>

Should proably go to nf tree.

Pablo Neira Ayuso April 24, 2024, 10:20 p.m. UTC | #2

On Tue, Apr 23, 2024 at 02:03:09PM +0200, Florian Westphal wrote:
> linke li <lilinke99@qq.com> wrote:
> > In __nf_ct_ext_find(), ext->gen_id can be changed by 
> > nf_ct_ext_valid_post(), using WRITE_ONCE. Mark data races on ext->gen_id
> > as benign using READ_ONCE. 
> > 
> > This patch is aimed at reducing the number of benign races reported by
> > KCSAN in order to focus future debugging effort on harmful races.
> 
> Acked-by: Florian Westphal <fw@strlen.de>
> 
> Should proably go to nf tree.

Can I get a Fixes: tag for this one?

Pablo Neira Ayuso April 25, 2024, 9:36 a.m. UTC | #3

On Tue, Apr 23, 2024 at 07:50:22PM +0800, linke li wrote:
> In __nf_ct_ext_find(), ext->gen_id can be changed by 
> nf_ct_ext_valid_post(), using WRITE_ONCE. Mark data races on ext->gen_id
> as benign using READ_ONCE. 
> 
> This patch is aimed at reducing the number of benign races reported by
> KCSAN in order to focus future debugging effort on harmful races.

There are a more uses ext->gen_id in the code, my understanding this
patch is just a stub.

Eric Dumazet April 25, 2024, 9:54 a.m. UTC | #4

On Thu, Apr 25, 2024 at 11:36 AM Pablo Neira Ayuso <pablo@netfilter.org> wrote:
>
> On Tue, Apr 23, 2024 at 07:50:22PM +0800, linke li wrote:
> > In __nf_ct_ext_find(), ext->gen_id can be changed by
> > nf_ct_ext_valid_post(), using WRITE_ONCE. Mark data races on ext->gen_id
> > as benign using READ_ONCE.
> >
> > This patch is aimed at reducing the number of benign races reported by
> > KCSAN in order to focus future debugging effort on harmful races.
>
> There are a more uses ext->gen_id in the code, my understanding this
> patch is just a stub.

Anyway, ext->gen_id was already read and stored in @this_id

I would probably avoid reading it a second time.

diff --git a/net/netfilter/nf_conntrack_extend.c
b/net/netfilter/nf_conntrack_extend.c
index dd62cc12e7750734fec9be8a90fd0defcbc815e0..747797b20bc7417a2b7270d84f62d24991a4b982
100644
--- a/net/netfilter/nf_conntrack_extend.c
+++ b/net/netfilter/nf_conntrack_extend.c
@@ -141,7 +141,7 @@ void *__nf_ct_ext_find(const struct nf_ct_ext *ext, u8 id)
        if (!__nf_ct_ext_exist(ext, id))
                return NULL;

-       if (this_id == 0 || ext->gen_id == gen_id)
+       if (this_id == 0 || this_id == gen_id)
                return (void *)ext + ext->offset[id];

        return NULL;

Florian Westphal April 25, 2024, 10:04 a.m. UTC | #5

Eric Dumazet <edumazet@google.com> wrote:
> > There are a more uses ext->gen_id in the code, my understanding this
> > patch is just a stub.
> 
> Anyway, ext->gen_id was already read and stored in @this_id
> 
> I would probably avoid reading it a second time.
 
> diff --git a/net/netfilter/nf_conntrack_extend.c
> b/net/netfilter/nf_conntrack_extend.c
> index dd62cc12e7750734fec9be8a90fd0defcbc815e0..747797b20bc7417a2b7270d84f62d24991a4b982
> 100644
> --- a/net/netfilter/nf_conntrack_extend.c
> +++ b/net/netfilter/nf_conntrack_extend.c
> @@ -141,7 +141,7 @@ void *__nf_ct_ext_find(const struct nf_ct_ext *ext, u8 id)
>         if (!__nf_ct_ext_exist(ext, id))
>                 return NULL;
> 
> -       if (this_id == 0 || ext->gen_id == gen_id)
> +       if (this_id == 0 || this_id == gen_id)
>                 return (void *)ext + ext->offset[id];
> 
>         return NULL;
> 

Right, that should work, unconfirmed entries are not exposed to other
cpus and confirmed entries get their id set to 0.

netfilter: mark racy access on ext->gen_id

Checks

Commit Message

Comments

Patch