• Taehee Yoo's avatar
    netfilter: ipt_CLUSTERIP: fix sleep-in-atomic bug in clusterip_config_entry_put() · 2a61d8b8
    Taehee Yoo authored
    A proc_remove() can sleep. so that it can't be inside of spin_lock.
    Hence proc_remove() is moved to outside of spin_lock. and it also
    adds mutex to sync create and remove of proc entry(config->pde).
    
    test commands:
    SHELL#1
       %while :; do iptables -A INPUT -p udp -i enp2s0 -d 192.168.1.100 \
    	   --dport 9000  -j CLUSTERIP --new --hashmode sourceip \
    	   --clustermac 01:00:5e:00:00:21 --total-nodes 3 --local-node 3; \
    	   iptables -F; done
    
    SHELL#2
       %while :; do echo +1 > /proc/net/ipt_CLUSTERIP/192.168.1.100; \
    	   echo -1 > /proc/net/ipt_CLUSTERIP/192.168.1.100; done
    
    [ 2949.569864] BUG: sleeping function called from invalid context at kernel/sched/completion.c:99
    [ 2949.579944] in_atomic(): 1, irqs_disabled(): 0, pid: 5472, name: iptables
    [ 2949.587920] 1 lock held by iptables/5472:
    [ 2949.592711]  #0: 000000008f0ebcf2 (&(&cn->lock)->rlock){+...}, at: refcount_dec_and_lock+0x24/0x50
    [ 2949.603307] CPU: 1 PID: 5472 Comm: iptables Tainted: G        W         4.19.0-rc5+ #16
    [ 2949.604212] Hardware name: To be filled by O.E.M. To be filled by O.E.M./Aptio CRB, BIOS 5.6.5 07/08/2015
    [ 2949.604212] Call Trace:
    [ 2949.604212]  dump_stack+0xc9/0x16b
    [ 2949.604212]  ? show_regs_print_info+0x5/0x5
    [ 2949.604212]  ___might_sleep+0x2eb/0x420
    [ 2949.604212]  ? set_rq_offline.part.87+0x140/0x140
    [ 2949.604212]  ? _rcu_barrier_trace+0x400/0x400
    [ 2949.604212]  wait_for_completion+0x94/0x710
    [ 2949.604212]  ? wait_for_completion_interruptible+0x780/0x780
    [ 2949.604212]  ? __kernel_text_address+0xe/0x30
    [ 2949.604212]  ? __lockdep_init_map+0x10e/0x5c0
    [ 2949.604212]  ? __lockdep_init_map+0x10e/0x5c0
    [ 2949.604212]  ? __init_waitqueue_head+0x86/0x130
    [ 2949.604212]  ? init_wait_entry+0x1a0/0x1a0
    [ 2949.604212]  proc_entry_rundown+0x208/0x270
    [ 2949.604212]  ? proc_reg_get_unmapped_area+0x370/0x370
    [ 2949.604212]  ? __lock_acquire+0x4500/0x4500
    [ 2949.604212]  ? complete+0x18/0x70
    [ 2949.604212]  remove_proc_subtree+0x143/0x2a0
    [ 2949.708655]  ? remove_proc_entry+0x390/0x390
    [ 2949.708655]  clusterip_tg_destroy+0x27a/0x630 [ipt_CLUSTERIP]
    [ ... ]
    
    Fixes: b3e456fc ("netfilter: ipt_CLUSTERIP: fix a race condition of proc file creation")
    Signed-off-by: 's avatarTaehee Yoo <ap420073@gmail.com>
    Signed-off-by: 's avatarPablo Neira Ayuso <pablo@netfilter.org>
    2a61d8b8
Name
Last commit
Last update
Documentation Loading commit data...
LICENSES Loading commit data...
arch Loading commit data...
block Loading commit data...
certs Loading commit data...
crypto Loading commit data...
drivers Loading commit data...
firmware Loading commit data...
fs Loading commit data...
include Loading commit data...
init Loading commit data...
ipc Loading commit data...
kernel Loading commit data...
lib Loading commit data...
mm Loading commit data...
net Loading commit data...
samples Loading commit data...
scripts Loading commit data...
security Loading commit data...
sound Loading commit data...
tools Loading commit data...
usr Loading commit data...
virt Loading commit data...
.clang-format Loading commit data...
.cocciconfig Loading commit data...
.get_maintainer.ignore Loading commit data...
.gitattributes Loading commit data...
.gitignore Loading commit data...
.mailmap Loading commit data...
COPYING Loading commit data...
CREDITS Loading commit data...
Kbuild Loading commit data...
Kconfig Loading commit data...
MAINTAINERS Loading commit data...
Makefile Loading commit data...
README Loading commit data...