Go to file
Qian Cai 86b18aaa2b skbuff: fix a data race in skb_queue_len()
sk_buff.qlen can be accessed concurrently as noticed by KCSAN,

 BUG: KCSAN: data-race in __skb_try_recv_from_queue / unix_dgram_sendmsg

 read to 0xffff8a1b1d8a81c0 of 4 bytes by task 5371 on cpu 96:
  unix_dgram_sendmsg+0x9a9/0xb70 include/linux/skbuff.h:1821
				 net/unix/af_unix.c:1761
  ____sys_sendmsg+0x33e/0x370
  ___sys_sendmsg+0xa6/0xf0
  __sys_sendmsg+0x69/0xf0
  __x64_sys_sendmsg+0x51/0x70
  do_syscall_64+0x91/0xb47
  entry_SYSCALL_64_after_hwframe+0x49/0xbe

 write to 0xffff8a1b1d8a81c0 of 4 bytes by task 1 on cpu 99:
  __skb_try_recv_from_queue+0x327/0x410 include/linux/skbuff.h:2029
  __skb_try_recv_datagram+0xbe/0x220
  unix_dgram_recvmsg+0xee/0x850
  ____sys_recvmsg+0x1fb/0x210
  ___sys_recvmsg+0xa2/0xf0
  __sys_recvmsg+0x66/0xf0
  __x64_sys_recvmsg+0x51/0x70
  do_syscall_64+0x91/0xb47
  entry_SYSCALL_64_after_hwframe+0x49/0xbe

Since only the read is operating as lockless, it could introduce a logic
bug in unix_recvq_full() due to the load tearing. Fix it by adding
a lockless variant of skb_queue_len() and unix_recvq_full() where
READ_ONCE() is on the read while WRITE_ONCE() is on the write similar to
the commit d7d16a8935 ("net: add skb_queue_empty_lockless()").

Signed-off-by: Qian Cai <cai@lca.pw>
Signed-off-by: David S. Miller <davem@davemloft.net>
2020-02-06 13:59:10 +01:00
arch ARM development updates for 5.6-rc1: 2020-02-04 13:12:19 +00:00
block SCSI misc on 20200129 2020-01-29 18:16:16 -08:00
certs certs: Add wrapper function to check blacklisted binary hash 2019-11-12 12:25:50 +11:00
crypto treewide: remove redundant IS_ERR() before error code check 2020-02-04 03:05:27 +00:00
Documentation Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-02-04 13:32:20 +00:00
drivers net: mvneta: move rx_dropped and rx_errors in per-cpu stats 2020-02-06 11:29:38 +01:00
fs overlayfs update for 5.6 2020-02-04 11:45:21 +00:00
include skbuff: fix a data race in skb_queue_len() 2020-02-06 13:59:10 +01:00
init init/main.c: fix misleading "This architecture does not have kernel memory protection" message 2020-01-31 10:30:41 -08:00
ipc proc: convert everything to "struct proc_ops" 2020-02-04 03:05:26 +00:00
kernel proc: convert everything to "struct proc_ops" 2020-02-04 03:05:26 +00:00
lib lib: new testcases for bitmap_parse{_user} 2020-02-04 03:05:27 +00:00
LICENSES LICENSES: Rename other to deprecated 2019-05-03 06:34:32 -06:00
mm Merge branch 'akpm' (patches from Andrew) 2020-02-04 07:24:48 +00:00
net skbuff: fix a data race in skb_queue_len() 2020-02-06 13:59:10 +01:00
samples proc: convert everything to "struct proc_ops" 2020-02-04 03:05:26 +00:00
scripts mm: remove __krealloc 2020-02-04 03:05:24 +00:00
security linux-kselftest-5.6-rc1-kunit 2020-01-29 15:25:34 -08:00
sound treewide: remove redundant IS_ERR() before error code check 2020-02-04 03:05:27 +00:00
tools mptcp: fix use-after-free for ipv6 2020-02-06 11:25:09 +01:00
usr initramfs: do not show compression mode choice if INITRAMFS_SOURCE is empty 2020-02-03 17:31:43 +00:00
virt Merge branch 'cve-2019-3016' into kvm-next-5.6 2020-01-30 18:47:59 +01:00
.clang-format clang-format: Update with the latest for_each macro list 2019-08-31 10:00:51 +02:00
.cocciconfig scripts: add Linux .cocciconfig for coccinelle 2016-07-22 12:13:39 +02:00
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl 2019-05-16 10:53:40 -07:00
.gitattributes .gitattributes: use 'dts' diff driver for dts files 2019-12-04 19:44:11 -08:00
.gitignore modpost: dump missing namespaces into a single modules.nsdeps file 2019-11-11 20:10:01 +09:00
.mailmap RTC for 5.6 2020-02-04 07:03:40 +00:00
COPYING COPYING: use the new text with points to the license files 2018-03-23 12:41:45 -06:00
CREDITS open: introduce openat2(2) syscall 2020-01-18 09:19:18 -05:00
Kbuild kbuild: do not descend to ./Kbuild when cleaning 2019-08-21 21:03:58 +09:00
Kconfig docs: kbuild: convert docs to ReST and rename to *.rst 2019-06-14 14:21:21 -06:00
MAINTAINERS Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2020-02-04 13:32:20 +00:00
Makefile Kbuild updates for v5.6 2020-02-01 10:01:52 -08:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.