github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-06 05:27:07 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
Linux kernel source tree
982,031 Commits 1 Branch 933 Tags 20 GiB
C 97%
Assembly 1%
Shell 0.6%
Rust 0.5%
Python 0.4%
Other 0.3%
f2cc341fcc
Go to file
Marcelo Ricardo Leitner f2cc341fcc net/sched: fix initialization order when updating chain 0 head 
[ Upstream commit e65812fd22 ]

Currently, when inserting a new filter that needs to sit at the head
of chain 0, it will first update the heads pointer on all devices using
the (shared) block, and only then complete the initialization of the new
element so that it has a "next" element.

This can lead to a situation that the chain 0 head is propagated to
another CPU before the "next" initialization is done. When this race
condition is triggered, packets being matched on that CPU will simply
miss all other filters, and will flow through the stack as if there were
no other filters installed. If the system is using OVS + TC, such
packets will get handled by vswitchd via upcall, which results in much
higher latency and reordering. For other applications it may result in
packet drops.

This is reproducible with a tc only setup, but it varies from system to
system. It could be reproduced with a shared block amongst 10 veth
tunnels, and an ingress filter mirroring packets to another veth.
That's because using the last added veth tunnel to the shared block to
do the actual traffic, it makes the race window bigger and easier to
trigger.

The fix is rather simple, to just initialize the next pointer of the new
filter instance (tp) before propagating the head change.

The fixes tag is pointing to the original code though this issue should
only be observed when using it unlocked.

Fixes: 2190d1d094 ("net: sched: introduce helpers to work with filter chains")
Signed-off-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Signed-off-by: Vlad Buslov <vladbu@nvidia.com>
Reviewed-by: Davide Caratti <dcaratti@redhat.com>
Link: https://lore.kernel.org/r/b97d5f4eaffeeb9d058155bcab63347527261abf.1649341369.git.marcelo.leitner@gmail.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2022-04-20 09:23:12 +02:00
arch cpuidle: PSCI: Move the has_lpi check to the beginning of the function 2022-04-20 09:23:09 +02:00
block Revert "Revert "block, bfq: honor already-setup queue merges"" 2022-04-08 14:40:32 +02:00
certs certs: Trigger creation of RSA module signing key if it's not an RSA key 2021-09-15 09:50:29 +02:00
crypto crypto: authenc - Fix sleep in atomic context in decrypt_tail 2022-04-08 14:39:59 +02:00
Documentation docs: sysctl/kernel: add missing bit to panic_print 2022-04-08 14:40:44 +02:00
drivers mlxsw: i2c: Fix initialization error flow 2022-04-20 09:23:12 +02:00
fs btrfs: remove unused variable in btrfs_{start,write}_dirty_block_groups() 2022-04-20 09:23:10 +02:00
include net/sched: flower: fix parsing of ethertype following VLAN header 2022-04-20 09:23:11 +02:00
init init/main.c: return 1 from handled __setup() functions 2022-04-13 21:01:01 +02:00
ipc shm: extend forced shm destroy to support objects from several IPC nses 2021-12-01 09:19:10 +01:00
kernel cgroup: Use open-time credentials for process migraton perm checks 2022-04-13 21:01:10 +02:00
lib ubsan: remove CONFIG_UBSAN_OBJECT_SIZE 2022-04-13 21:01:10 +02:00
LICENSES LICENSES/deprecated: add Zlib license text 2020-09-16 14:33:49 +02:00
mm mm: don't skip swap entry even if zap_details specified 2022-04-13 21:01:10 +02:00
net net/sched: fix initialization order when updating chain 0 head 2022-04-20 09:23:12 +02:00
samples samples/bpf, xdpsock: Fix race when running for fix duration of time 2022-04-08 14:40:21 +02:00
scripts ubsan: remove CONFIG_UBSAN_OBJECT_SIZE 2022-04-13 21:01:10 +02:00
security Fix incorrect type in assignment of ipv6 port for audit 2022-04-08 14:40:31 +02:00
sound ASoC: topology: Allow TLV control to be either read or write 2022-04-08 14:40:44 +02:00
tools selftests: cgroup: Test open-time cgroup namespace usage for migration checks 2022-04-13 21:01:10 +02:00
usr usr/include/Makefile: add linux/nfc.h to the compile-test coverage 2022-02-01 17:25:48 +01:00
virt KVM: Prevent module exit until all VMs are freed 2022-04-08 14:40:38 +02:00
.clang-format RDMA 5.10 pull request 2020-10-17 11:18:18 -07:00
.cocciconfig
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl 2019-05-16 10:53:40 -07:00
.gitattributes .gitattributes: use 'dts' diff driver for dts files 2019-12-04 19:44:11 -08:00
.gitignore kbuild: generate Module.symvers only when vmlinux exists 2021-05-19 10:12:59 +02:00
.mailmap mailmap: add two more addresses of Uwe Kleine-König 2020-12-06 10:19:07 -08:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS MAINTAINERS: Move Jason Cooper to CREDITS 2020-11-30 10:20:34 +01:00
Kbuild kbuild: rename hostprogs-y/always to hostprogs/always-y 2020-02-04 01:53:07 +09:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS MAINTAINERS: adjust GCC PLUGINS after gcc-plugin.sh removal 2021-12-14 11:32:46 +01:00
Makefile Linux 5.10.111 2022-04-13 21:01:11 +02:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

README 

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.