bpf: Fix mismatched RCU unlock flavour in bpf_out_neigh_v6

pandayeah · Martin KaFai Lau · commit fb86c42a2a5d · 2024-11-08T12:41:43.000-08:00
In the bpf_out_neigh_v6 function, rcu_read_lock() is used to begin an RCU read-side critical section. However, when unlocking, one branch incorrectly uses a different RCU unlock flavour rcu_read_unlock_bh() instead of rcu_read_unlock(). This mismatch in RCU locking flavours can lead to unexpected behavior and potential concurrency issues. This possible bug was identified using a static analysis tool developed by myself, specifically designed to detect RCU-related issues. This patch corrects the mismatched unlock flavour by replacing the incorrect rcu_read_unlock_bh() with the appropriate rcu_read_unlock(), ensuring that the RCU critical section is properly exited. This change prevents potential synchronization issues and aligns with proper RCU usage patterns. Fixes: 09eed11 ("neighbour: switch to standard rcu, instead of rcu_bh") Signed-off-by: Jiawei Ye <jiawei.ye@foxmail.com> Acked-by: Yonghong Song <yonghong.song@linux.dev> Link: https://lore.kernel.org/r/tencent_CFD3D1C3D68B45EA9F52D8EC76D2C4134306@qq.com Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org>
diff --git a/net/core/filter.c b/net/core/filter.c
@@ -2249,7 +2249,7 @@ static int bpf_out_neigh_v6(struct net *net, struct sk_buff *skb,
 		rcu_read_unlock();
 		return ret;
 	}
-	rcu_read_unlock_bh();
+	rcu_read_unlock();
 	if (dst)
 		IP6_INC_STATS(net, ip6_dst_idev(dst), IPSTATS_MIB_OUTNOROUTES);
 out_drop:

Original file line number	Diff line number	Diff line change
`@@ -2249,7 +2249,7 @@ static int bpf_out_neigh_v6(struct net net, struct sk_buff skb,`
`2249`	`2249`	`rcu_read_unlock();`
`2250`	`2250`	`return ret;`
`2251`	`2251`	`}`
`2252`		`- rcu_read_unlock_bh();`
	`2252`	`+ rcu_read_unlock();`
`2253`	`2253`	`if (dst)`
`2254`	`2254`	`IP6_INC_STATS(net, ip6_dst_idev(dst), IPSTATS_MIB_OUTNOROUTES);`
`2255`	`2255`	`out_drop:`