Re: Fwd: [PATCH][SMB3 client] fix TCP timers deadlock after rmmod

From: Wang Zhaolong
Date: Wed Apr 02 2025 - 00:43:56 EST

Next message: Jiri Slaby: "Re: [PATCH] tty: serial: samsung: Fix potential buffer overflow in clkname"
Previous message: Andrew Morton: "Re: [PATCH v5 3/3] mm/mempolicy: Support memory hotplug in weighted interleave"
In reply to: Kuniyuki Iwashima: "Re: Fwd: [PATCH][SMB3 client] fix TCP timers deadlock after rmmod"
Next in thread: Kuniyuki Iwashima: "Re: Fwd: [PATCH][SMB3 client] fix TCP timers deadlock after rmmod"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi.

sorry for the late response.

I tested this patch below and it works fine.

Best Regards,
Wang Zhaolong

I verified the patch below fixed the null-ptr-deref in lockdep by
preventing cifs from being unloaded while TCP sockets are alive.

I'll post this officialy, and once this is merged and pulled into
the cifs tree, I'll send a revert of e9f2517a3e18.

---8<---
diff --git a/include/net/sock.h b/include/net/sock.h
index 8daf1b3b12c6..e6515ef9116a 100644
--- a/include/net/sock.h
+++ b/include/net/sock.h
@@ -547,6 +547,10 @@ struct sock {
struct rcu_head sk_rcu;
netns_tracker ns_tracker;
struct xarray sk_user_frags;
+
+#if IS_ENABLED(CONFIG_PROVE_LOCKING) && IS_ENABLED(CONFIG_MODULES)
+ struct module *sk_owner;
+#endif
};
struct sock_bh_locked {
@@ -1583,6 +1587,16 @@ static inline void sk_mem_uncharge(struct sock *sk, int size)
sk_mem_reclaim(sk);
}
+#if IS_ENABLED(CONFIG_PROVE_LOCKING) && IS_ENABLED(CONFIG_MODULES)
+static inline void sk_set_owner(struct sock *sk, struct module *owner)
+{
+ __module_get(owner);
+ sk->sk_owner = owner;
+}
+#else
+#define sk_set_owner(sk, owner)
+#endif
+
/*
* Macro so as to not evaluate some arguments when
* lockdep is not enabled.
@@ -1592,6 +1606,7 @@ static inline void sk_mem_uncharge(struct sock *sk, int size)
*/
#define sock_lock_init_class_and_name(sk, sname, skey, name, key) \
do { \
+ sk_set_owner(sk, THIS_MODULE); \
sk->sk_lock.owned = 0; \
init_waitqueue_head(&sk->sk_lock.wq); \
spin_lock_init(&(sk)->sk_lock.slock); \
diff --git a/net/core/sock.c b/net/core/sock.c
index 323892066def..b54f12faad1c 100644
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -2324,6 +2324,12 @@ static void __sk_destruct(struct rcu_head *head)
__netns_tracker_free(net, &sk->ns_tracker, false);
net_passive_dec(net);
}
+
+#if IS_ENABLED(CONFIG_PROVE_LOCKING) && IS_ENABLED(CONFIG_MODULES)
+ if (sk->sk_owner)
+ module_put(sk->sk_owner);
+#endif
+
sk_prot_free(sk->sk_prot_creator, sk);
}
---8<---

Next message: Jiri Slaby: "Re: [PATCH] tty: serial: samsung: Fix potential buffer overflow in clkname"
Previous message: Andrew Morton: "Re: [PATCH v5 3/3] mm/mempolicy: Support memory hotplug in weighted interleave"
In reply to: Kuniyuki Iwashima: "Re: Fwd: [PATCH][SMB3 client] fix TCP timers deadlock after rmmod"
Next in thread: Kuniyuki Iwashima: "Re: Fwd: [PATCH][SMB3 client] fix TCP timers deadlock after rmmod"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]