kernel/events/uprobes.c | 2 ++ 1 file changed, 2 insertions(+)
Acquire RCU trace lock in filter_chain() to protect
list_for_each_entry_rcu() iteration, protecting the list iteration in a
RCU read section.
Prior to this fix, list_for_each_entry_srcu() was called without holding
the required lock, triggering warnings when RCU_PROVING is enabled:
kernel/events/uprobes.c:937 RCU-list traversed without holding the required lock!!
Signed-off-by: Breno Leitao <leitao@debian.org>
Fixes: cc01bd044e6a ("uprobes: travers uprobe's consumer list locklessly under SRCU protection")
---
kernel/events/uprobes.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/kernel/events/uprobes.c b/kernel/events/uprobes.c
index fa04b14a7d72353adc440742016b813da6c812d2..afdaa45a43ac3948f7983175eda808c989e8738a 100644
--- a/kernel/events/uprobes.c
+++ b/kernel/events/uprobes.c
@@ -1103,11 +1103,13 @@ static bool filter_chain(struct uprobe *uprobe, struct mm_struct *mm)
bool ret = false;
down_read(&uprobe->consumer_rwsem);
+ rcu_read_lock_trace();
list_for_each_entry_rcu(uc, &uprobe->consumers, cons_node, rcu_read_lock_trace_held()) {
ret = consumer_filter(uc, mm);
if (ret)
break;
}
+ rcu_read_unlock_trace();
up_read(&uprobe->consumer_rwsem);
return ret;
---
base-commit: 5b913f5d7d7fe0f567dea8605f21da6eaa1735fb
change-id: 20241107-rcu_probe-bef660d84990
Best regards,
--
Breno Leitao <leitao@debian.org>
On Thu, Nov 07, 2024 at 09:14:45AM -0800, Breno Leitao wrote: > Acquire RCU trace lock in filter_chain() to protect > list_for_each_entry_rcu() iteration, protecting the list iteration in a > RCU read section. > > Prior to this fix, list_for_each_entry_srcu() was called without holding > the required lock, triggering warnings when RCU_PROVING is enabled: > > kernel/events/uprobes.c:937 RCU-list traversed without holding the required lock!! > > Signed-off-by: Breno Leitao <leitao@debian.org> > Fixes: cc01bd044e6a ("uprobes: travers uprobe's consumer list locklessly under SRCU protection") > --- > kernel/events/uprobes.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/kernel/events/uprobes.c b/kernel/events/uprobes.c > index fa04b14a7d72353adc440742016b813da6c812d2..afdaa45a43ac3948f7983175eda808c989e8738a 100644 > --- a/kernel/events/uprobes.c > +++ b/kernel/events/uprobes.c > @@ -1103,11 +1103,13 @@ static bool filter_chain(struct uprobe *uprobe, struct mm_struct *mm) > bool ret = false; > > down_read(&uprobe->consumer_rwsem); > + rcu_read_lock_trace(); > list_for_each_entry_rcu(uc, &uprobe->consumers, cons_node, rcu_read_lock_trace_held()) { Maybe I'm confused, but isn't uprobe->consumer list protected by uprobe->consumer_rwsem, which we hold for reading? That is, AFAICT this is a false positive and we should be doing this instead, no? diff --git a/kernel/events/uprobes.c b/kernel/events/uprobes.c index a76ddc5fc982..a5405e9ef9f5 100644 --- a/kernel/events/uprobes.c +++ b/kernel/events/uprobes.c @@ -1104,7 +1104,7 @@ static bool filter_chain(struct uprobe *uprobe, struct mm_struct *mm) bool ret = false; down_read(&uprobe->consumer_rwsem); - list_for_each_entry_rcu(uc, &uprobe->consumers, cons_node, rcu_read_lock_trace_held()) { + list_for_each_entry(uc, &uprobe->consumers, cons_node) { ret = consumer_filter(uc, mm); if (ret) break;
On Fri, Nov 8, 2024 at 1:00 AM Peter Zijlstra <peterz@infradead.org> wrote: > > On Thu, Nov 07, 2024 at 09:14:45AM -0800, Breno Leitao wrote: > > Acquire RCU trace lock in filter_chain() to protect > > list_for_each_entry_rcu() iteration, protecting the list iteration in a > > RCU read section. > > > > Prior to this fix, list_for_each_entry_srcu() was called without holding > > the required lock, triggering warnings when RCU_PROVING is enabled: > > > > kernel/events/uprobes.c:937 RCU-list traversed without holding the required lock!! > > > > Signed-off-by: Breno Leitao <leitao@debian.org> > > Fixes: cc01bd044e6a ("uprobes: travers uprobe's consumer list locklessly under SRCU protection") > > --- > > kernel/events/uprobes.c | 2 ++ > > 1 file changed, 2 insertions(+) > > > > diff --git a/kernel/events/uprobes.c b/kernel/events/uprobes.c > > index fa04b14a7d72353adc440742016b813da6c812d2..afdaa45a43ac3948f7983175eda808c989e8738a 100644 > > --- a/kernel/events/uprobes.c > > +++ b/kernel/events/uprobes.c > > @@ -1103,11 +1103,13 @@ static bool filter_chain(struct uprobe *uprobe, struct mm_struct *mm) > > bool ret = false; > > > > down_read(&uprobe->consumer_rwsem); > > + rcu_read_lock_trace(); > > list_for_each_entry_rcu(uc, &uprobe->consumers, cons_node, rcu_read_lock_trace_held()) { > > Maybe I'm confused, but isn't uprobe->consumer list protected by > uprobe->consumer_rwsem, which we hold for reading? > > That is, AFAICT this is a false positive and we should be doing this > instead, no? Yep, you are absolutely right. RCU-protected traversal is important only for handler_chain() and handle_uretprobe_chain(). Here it's all under lock, so no need for RCU protection. > > > diff --git a/kernel/events/uprobes.c b/kernel/events/uprobes.c > index a76ddc5fc982..a5405e9ef9f5 100644 > --- a/kernel/events/uprobes.c > +++ b/kernel/events/uprobes.c > @@ -1104,7 +1104,7 @@ static bool filter_chain(struct uprobe *uprobe, struct mm_struct *mm) > bool ret = false; > > down_read(&uprobe->consumer_rwsem); > - list_for_each_entry_rcu(uc, &uprobe->consumers, cons_node, rcu_read_lock_trace_held()) { > + list_for_each_entry(uc, &uprobe->consumers, cons_node) { Acked-by: Andrii Nakryiko <andrii@kernel.org> > ret = consumer_filter(uc, mm); > if (ret) > break;
On Fri, Nov 08, 2024 at 09:28:17AM -0800, Andrii Nakryiko wrote: > On Fri, Nov 8, 2024 at 1:00 AM Peter Zijlstra <peterz@infradead.org> wrote: > > > > On Thu, Nov 07, 2024 at 09:14:45AM -0800, Breno Leitao wrote: > > > Acquire RCU trace lock in filter_chain() to protect > > > list_for_each_entry_rcu() iteration, protecting the list iteration in a > > > RCU read section. > > > > > > Prior to this fix, list_for_each_entry_srcu() was called without holding > > > the required lock, triggering warnings when RCU_PROVING is enabled: > > > > > > kernel/events/uprobes.c:937 RCU-list traversed without holding the required lock!! > > > > > > Signed-off-by: Breno Leitao <leitao@debian.org> > > > Fixes: cc01bd044e6a ("uprobes: travers uprobe's consumer list locklessly under SRCU protection") > > > --- > > > kernel/events/uprobes.c | 2 ++ > > > 1 file changed, 2 insertions(+) > > > > > > diff --git a/kernel/events/uprobes.c b/kernel/events/uprobes.c > > > index fa04b14a7d72353adc440742016b813da6c812d2..afdaa45a43ac3948f7983175eda808c989e8738a 100644 > > > --- a/kernel/events/uprobes.c > > > +++ b/kernel/events/uprobes.c > > > @@ -1103,11 +1103,13 @@ static bool filter_chain(struct uprobe *uprobe, struct mm_struct *mm) > > > bool ret = false; > > > > > > down_read(&uprobe->consumer_rwsem); > > > + rcu_read_lock_trace(); > > > list_for_each_entry_rcu(uc, &uprobe->consumers, cons_node, rcu_read_lock_trace_held()) { > > > > Maybe I'm confused, but isn't uprobe->consumer list protected by > > uprobe->consumer_rwsem, which we hold for reading? > > > > That is, AFAICT this is a false positive and we should be doing this > > instead, no? > > Yep, you are absolutely right. RCU-protected traversal is important > only for handler_chain() and handle_uretprobe_chain(). Here it's all > under lock, so no need for RCU protection. Thanks. I will update
On Thu, Nov 7, 2024 at 9:16 AM Breno Leitao <leitao@debian.org> wrote: > > Acquire RCU trace lock in filter_chain() to protect > list_for_each_entry_rcu() iteration, protecting the list iteration in a > RCU read section. > > Prior to this fix, list_for_each_entry_srcu() was called without holding > the required lock, triggering warnings when RCU_PROVING is enabled: > > kernel/events/uprobes.c:937 RCU-list traversed without holding the required lock!! > > Signed-off-by: Breno Leitao <leitao@debian.org> > Fixes: cc01bd044e6a ("uprobes: travers uprobe's consumer list locklessly under SRCU protection") > --- > kernel/events/uprobes.c | 2 ++ > 1 file changed, 2 insertions(+) LGTM, thanks Reviewed-by: Andrii Nakryiko <andrii@kernel.org> > > diff --git a/kernel/events/uprobes.c b/kernel/events/uprobes.c > index fa04b14a7d72353adc440742016b813da6c812d2..afdaa45a43ac3948f7983175eda808c989e8738a 100644 > --- a/kernel/events/uprobes.c > +++ b/kernel/events/uprobes.c > @@ -1103,11 +1103,13 @@ static bool filter_chain(struct uprobe *uprobe, struct mm_struct *mm) > bool ret = false; > > down_read(&uprobe->consumer_rwsem); > + rcu_read_lock_trace(); > list_for_each_entry_rcu(uc, &uprobe->consumers, cons_node, rcu_read_lock_trace_held()) { > ret = consumer_filter(uc, mm); > if (ret) > break; > } > + rcu_read_unlock_trace(); > up_read(&uprobe->consumer_rwsem); > > return ret; > > --- > base-commit: 5b913f5d7d7fe0f567dea8605f21da6eaa1735fb > change-id: 20241107-rcu_probe-bef660d84990 > > Best regards, > -- > Breno Leitao <leitao@debian.org> >
© 2016 - 2024 Red Hat, Inc.