linux/net/dsa
Vladimir Oltean d06f925f13 net: dsa: avoid suspicious RCU usage for synced VLAN-aware MAC addresses
When using the felix driver (the only one which supports UC filtering
and MC filtering) as a DSA master for a random other DSA switch, one can
see the following stack trace when the downstream switch ports join a
VLAN-aware bridge:

=============================
WARNING: suspicious RCU usage
-----------------------------
net/8021q/vlan_core.c:238 suspicious rcu_dereference_protected() usage!

stack backtrace:
Workqueue: dsa_ordered dsa_slave_switchdev_event_work
Call trace:
 lockdep_rcu_suspicious+0x170/0x210
 vlan_for_each+0x8c/0x188
 dsa_slave_sync_uc+0x128/0x178
 __hw_addr_sync_dev+0x138/0x158
 dsa_slave_set_rx_mode+0x58/0x70
 __dev_set_rx_mode+0x88/0xa8
 dev_uc_add+0x74/0xa0
 dsa_port_bridge_host_fdb_add+0xec/0x180
 dsa_slave_switchdev_event_work+0x7c/0x1c8
 process_one_work+0x290/0x568

What it's saying is that vlan_for_each() expects rtnl_lock() context and
it's not getting it, when it's called from the DSA master's ndo_set_rx_mode().

The caller of that - dsa_slave_set_rx_mode() - is the slave DSA
interface's dsa_port_bridge_host_fdb_add() which comes from the deferred
dsa_slave_switchdev_event_work().

We went to great lengths to avoid the rtnl_lock() context in that call
path in commit 0faf890fc5 ("net: dsa: drop rtnl_lock from
dsa_slave_switchdev_event_work"), and calling rtnl_lock() is simply not
an option due to the possibility of deadlocking when calling
dsa_flush_workqueue() from the call paths that do hold rtnl_lock() -
basically all of them.

So, when the DSA master calls vlan_for_each() from its ndo_set_rx_mode(),
the state of the 8021q driver on this device is really not protected
from concurrent access by anything.

Looking at net/8021q/, I don't think that vlan_info->vid_list was
particularly designed with RCU traversal in mind, so introducing an RCU
read-side form of vlan_for_each() - vlan_for_each_rcu() - won't be so
easy, and it also wouldn't be exactly what we need anyway.

In general I believe that the solution isn't in net/8021q/ anyway;
vlan_for_each() is not cut out for this task. DSA doesn't need rtnl_lock()
to be held per se - since it's not a netdev state change that we're
blocking, but rather, just concurrent additions/removals to a VLAN list.
We don't even need sleepable context - the callback of vlan_for_each()
just schedules deferred work.

The proposed escape is to remove the dependency on vlan_for_each() and
to open-code a non-sleepable, rtnl-free alternative to that, based on
copies of the VLAN list modified from .ndo_vlan_rx_add_vid() and
.ndo_vlan_rx_kill_vid().

Fixes: 64fdc5f341 ("net: dsa: sync unicast and multicast addresses for VLAN filters too")
Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>
Link: https://lore.kernel.org/r/20230626154402.3154454-1-vladimir.oltean@nxp.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
2023-06-27 09:37:41 -07:00
..
devlink.c net: dsa: move rest of devlink setup/teardown to devlink.c 2022-11-22 20:41:47 -08:00
devlink.h net: dsa: move rest of devlink setup/teardown to devlink.c 2022-11-22 20:41:47 -08:00
dsa.c net: dsa: avoid suspicious RCU usage for synced VLAN-aware MAC addresses 2023-06-27 09:37:41 -07:00
dsa.h net: dsa: rename dsa2.c back into dsa.c and create its header 2022-11-22 20:41:53 -08:00
Kconfig net: dsa: modularize DSA_TAG_PROTO_NONE 2022-11-22 20:41:45 -08:00
Makefile net: dsa: add trace points for FDB/MDB operations 2023-04-12 08:36:07 +01:00
master.c net: dsa: replace NETDEV_PRE_CHANGE_HWTSTAMP notifier with a stub 2023-04-09 15:35:49 +01:00
master.h net: dsa: replace NETDEV_PRE_CHANGE_HWTSTAMP notifier with a stub 2023-04-09 15:35:49 +01:00
netlink.c net: dsa: kill off dsa_priv.h 2022-11-22 20:41:54 -08:00
netlink.h net: dsa: kill off dsa_priv.h 2022-11-22 20:41:54 -08:00
port.c net: dsa: make dsa_port_supports_hwtstamp() construct a fake ifreq 2023-04-03 10:04:27 +01:00
port.h net: dsa: make dsa_port_supports_hwtstamp() construct a fake ifreq 2023-04-03 10:04:27 +01:00
slave.c net: dsa: avoid suspicious RCU usage for synced VLAN-aware MAC addresses 2023-06-27 09:37:41 -07:00
slave.h net: dsa: move headers exported by slave.c to slave.h 2022-11-22 20:41:49 -08:00
stubs.c net: dsa: replace NETDEV_PRE_CHANGE_HWTSTAMP notifier with a stub 2023-04-09 15:35:49 +01:00
switch.c net: dsa: avoid suspicious RCU usage for synced VLAN-aware MAC addresses 2023-06-27 09:37:41 -07:00
switch.h net: dsa: avoid suspicious RCU usage for synced VLAN-aware MAC addresses 2023-06-27 09:37:41 -07:00
tag_8021q.c net: dsa: update TX path comments to not mention skb_mac_header() 2023-04-23 14:16:45 +01:00
tag_8021q.h net: dsa: move tag_8021q headers to their proper place 2022-11-22 20:41:53 -08:00
tag_ar9331.c net: dsa: move tagging protocol code to tag.{c,h} 2022-11-22 20:41:50 -08:00
tag_brcm.c net: dsa: tag_brcm: legacy: fix daisy-chained switches 2023-03-21 17:29:13 -07:00
tag_dsa.c net: dsa: move tagging protocol code to tag.{c,h} 2022-11-22 20:41:50 -08:00
tag_gswip.c net: dsa: move tagging protocol code to tag.{c,h} 2022-11-22 20:41:50 -08:00
tag_hellcreek.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2022-12-08 18:19:59 -08:00
tag_ksz.c net: dsa: tag_ksz: do not rely on skb_mac_header() in TX paths 2023-04-23 14:16:44 +01:00
tag_lan9303.c net: dsa: move tagging protocol code to tag.{c,h} 2022-11-22 20:41:50 -08:00
tag_mtk.c net: dsa: move tagging protocol code to tag.{c,h} 2022-11-22 20:41:50 -08:00
tag_none.c net: dsa: move tagging protocol code to tag.{c,h} 2022-11-22 20:41:50 -08:00
tag_ocelot_8021q.c net: dsa: move tag_8021q headers to their proper place 2022-11-22 20:41:53 -08:00
tag_ocelot.c net: dsa: tag_ocelot: call only the relevant portion of __skb_vlan_pop() on TX 2023-04-23 14:16:45 +01:00
tag_qca.c net: dsa: move tagging protocol code to tag.{c,h} 2022-11-22 20:41:50 -08:00
tag_rtl4_a.c net: dsa: move tagging protocol code to tag.{c,h} 2022-11-22 20:41:50 -08:00
tag_rtl8_4.c net: dsa: move tagging protocol code to tag.{c,h} 2022-11-22 20:41:50 -08:00
tag_rzn1_a5psw.c net: dsa: move tagging protocol code to tag.{c,h} 2022-11-22 20:41:50 -08:00
tag_sja1105.c net: dsa: tag_sja1105: replace skb_mac_header() with vlan_eth_hdr() 2023-04-23 14:16:44 +01:00
tag_trailer.c net: dsa: move tagging protocol code to tag.{c,h} 2022-11-22 20:41:50 -08:00
tag_xrs700x.c net: dsa: move tagging protocol code to tag.{c,h} 2022-11-22 20:41:50 -08:00
tag.c net: dsa: report rx_bytes unadjusted for ETH_HLEN 2023-03-20 09:09:53 +00:00
tag.h net: dsa: update TX path comments to not mention skb_mac_header() 2023-04-23 14:16:45 +01:00
trace.c net: dsa: add trace points for FDB/MDB operations 2023-04-12 08:36:07 +01:00
trace.h net: dsa: add trace points for VLAN operations 2023-04-12 08:36:07 +01:00