Re: mmotm 2010-04-28 - RCU whinges
From: Eric Dumazet
Date: Mon May 03 2010 - 10:58:57 EST
Le lundi 03 mai 2010 Ã 10:30 -0400, Valdis.Kletnieks@xxxxxx a Ãcrit :
> [ 9.128899] Netfilter messages via NETLINK v0.30.
> [ 9.128919] nf_conntrack version 0.5.0 (16384 buckets, 65536 max)
> [ 9.129108] CONFIG_NF_CT_ACCT is deprecated and will be removed soon. Please use
> [ 9.129110] nf_conntrack.acct=1 kernel parameter, acct=1 nf_conntrack module option or
> [ 9.129113] sysctl net.netfilter.nf_conntrack_acct=1 to enable it.
> [ 9.129135] ctnetlink v0.93: registering with nfnetlink.
> [ 9.129452] ip_tables: (C) 2000-2006 Netfilter Core Team
> [ 9.129506]
> [ 9.129507] ===================================================
> [ 9.129683] [ INFO: suspicious rcu_dereference_check() usage. ]
> [ 9.129777] ---------------------------------------------------
> [ 9.129872] net/netfilter/nf_log.c:55 invoked rcu_dereference_check() without protection!
> [ 9.129969]
> [ 9.129969] other info that might help us debug this:
> [ 9.129970]
> [ 9.130232]
> [ 9.130232] rcu_scheduler_active = 1, debug_locks = 0
> [ 9.130407] 1 lock held by swapper/1:
> [ 9.130525] #0: (nf_log_mutex){+.+...}, at: [<ffffffff81481154>] nf_log_register+0x57/0x10f
> [ 9.130955]
> [ 9.130956] stack backtrace:
> [ 9.131162] Pid: 1, comm: swapper Tainted: G W 2.6.34-rc5-mmotm0428 #2
> [ 9.131259] Call Trace:
> [ 9.131370] [<ffffffff81064832>] lockdep_rcu_dereference+0xaa/0xb2
> [ 9.131466] [<ffffffff814811db>] nf_log_register+0xde/0x10f
> [ 9.131579] [<ffffffff81b5ca28>] ? log_tg_init+0x0/0x29
> [ 9.131689] [<ffffffff81b5ca4d>] log_tg_init+0x25/0x29
> [ 9.131800] [<ffffffff810001ef>] do_one_initcall+0x59/0x14e
> [ 9.131912] [<ffffffff81b2e68a>] kernel_init+0x144/0x1ce
> [ 9.132033] [<ffffffff81003414>] kernel_thread_helper+0x4/0x10
> [ 9.132146] [<ffffffff81598a40>] ? restore_args+0x0/0x30
> [ 9.132257] [<ffffffff81b2e546>] ? kernel_init+0x0/0x1ce
> [ 9.132370] [<ffffffff81003410>] ? kernel_thread_helper+0x0/0x10
> [ 9.132513] TCP bic registered
>
Thanks for the report !
[PATCH] net: nf_log RCU fixes
nf_log_register() and nf_log_unregister() use a mutex to have exclusive
access to nf_logers[]. Use appropriate rcu_dereference_protected()
lockdep annotation.
Reported-by: Valdis Kletnieks <Valdis.Kletnieks@xxxxxx>
Signed-off-by: Eric Dumazet <eric.dumazet@xxxxxxxxx>
---
diff --git a/net/netfilter/nf_log.c b/net/netfilter/nf_log.c
index 015725a..7df37fd 100644
--- a/net/netfilter/nf_log.c
+++ b/net/netfilter/nf_log.c
@@ -52,7 +52,8 @@ int nf_log_register(u_int8_t pf, struct nf_logger *logger)
} else {
/* register at end of list to honor first register win */
list_add_tail(&logger->list[pf], &nf_loggers_l[pf]);
- llog = rcu_dereference(nf_loggers[pf]);
+ llog = rcu_dereference_protected(nf_loggers[pf],
+ lockdep_is_held(&nf_log_mutex));
if (llog == NULL)
rcu_assign_pointer(nf_loggers[pf], logger);
}
@@ -70,7 +71,8 @@ void nf_log_unregister(struct nf_logger *logger)
mutex_lock(&nf_log_mutex);
for (i = 0; i < ARRAY_SIZE(nf_loggers); i++) {
- c_logger = rcu_dereference(nf_loggers[i]);
+ c_logger = rcu_dereference_protected(nf_loggers[i],
+ lockdep_is_held(&nf_log_mutex));
if (c_logger == logger)
rcu_assign_pointer(nf_loggers[i], NULL);
list_del(&logger->list[i]);
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/