[PATCH] BUG: using smp_processor_id() in preemptible [00000000] code: syz.3.1627/12102 caller is nft_inner_eval+0xda/0x18e0 net/netfilter/nft_inner.c:251

From: Pei Xiao
Date: Fri Nov 22 2024 - 05:07:40 EST


---
net/netfilter/nft_inner.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/net/netfilter/nft_inner.c b/net/netfilter/nft_inner.c
index 928312d01eb1..86c94d8b90c8 100644
--- a/net/netfilter/nft_inner.c
+++ b/net/netfilter/nft_inner.c
@@ -248,9 +248,13 @@ static bool nft_inner_parse_needed(const struct nft_inner *priv,
static void nft_inner_eval(const struct nft_expr *expr, struct nft_regs *regs,
const struct nft_pktinfo *pkt)
{
- struct nft_inner_tun_ctx *tun_ctx = this_cpu_ptr(&nft_pcpu_tun_ctx);
+ struct nft_inner_tun_ctx *tun_ctx;
const struct nft_inner *priv = nft_expr_priv(expr);

+ local_bh_disable();
+ tun_ctx = this_cpu_ptr(&nft_pcpu_tun_ctx);
+ local_bh_enable();
+
if (nft_payload_inner_offset(pkt) < 0)
goto err;

--
2.34.1