| Message ID | 20200916004401.146277-1-yhs@fb.com |
|---|---|
| State | New |
| Headers | show |
| Series | [bpf] bpf: fix a rcu warning for bpffs map pretty-print | expand |
On Tue, Sep 15, 2020 at 5:44 PM Yonghong Song <yhs@fb.com> wrote: > > Running selftest > ./btf_btf -p > the kernel had the following warning: > [ 51.528185] WARNING: CPU: 3 PID: 1756 at kernel/bpf/hashtab.c:717 htab_map_get_next_key+0x2eb/0x300 > [ 51.529217] Modules linked in: > [ 51.529583] CPU: 3 PID: 1756 Comm: test_btf Not tainted 5.9.0-rc1+ #878 > [ 51.530346] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.9.3-1.el7.centos 04/01/2014 > [ 51.531410] RIP: 0010:htab_map_get_next_key+0x2eb/0x300 > ... > [ 51.542826] Call Trace: > [ 51.543119] map_seq_next+0x53/0x80 > [ 51.543528] seq_read+0x263/0x400 > [ 51.543932] vfs_read+0xad/0x1c0 > [ 51.544311] ksys_read+0x5f/0xe0 > [ 51.544689] do_syscall_64+0x33/0x40 > [ 51.545116] entry_SYSCALL_64_after_hwframe+0x44/0xa9 > > The related source code in kernel/bpf/hashtab.c: > 709 static int htab_map_get_next_key(struct bpf_map *map, void *key, void *next_key) > 710 { > 711 struct bpf_htab *htab = container_of(map, struct bpf_htab, map); > 712 struct hlist_nulls_head *head; > 713 struct htab_elem *l, *next_l; > 714 u32 hash, key_size; > 715 int i = 0; > 716 > 717 WARN_ON_ONCE(!rcu_read_lock_held()); > > In kernel/bpf/inode.c, bpffs map pretty print calls map->ops->map_get_next_key() > without holding a rcu_read_lock(), hence causing the above warning. > To fix the issue, just surrounding map->ops->map_get_next_key() with rcu read lock. > > Reported-by: Alexei Starovoitov <ast@kernel.org> > Cc: Andrii Nakryiko <andriin@fb.com> > Cc: Martin KaFai Lau <kafai@fb.com> > Fixes: a26ca7c982cb ("bpf: btf: Add pretty print support to the basic arraymap") > Signed-off-by: Yonghong Song <yhs@fb.com> > --- LGTM. Acked-by: Andrii Nakryiko <andriin@fb.com> > kernel/bpf/inode.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/kernel/bpf/inode.c b/kernel/bpf/inode.c > index fb878ba3f22f..18f4969552ac 100644 > --- a/kernel/bpf/inode.c > +++ b/kernel/bpf/inode.c > @@ -226,10 +226,12 @@ static void *map_seq_next(struct seq_file *m, void *v, loff_t *pos) > else > prev_key = key; > > + rcu_read_lock(); > if (map->ops->map_get_next_key(map, prev_key, key)) { > map_iter(m)->done = true; > - return NULL; > + key = NULL; > } > + rcu_read_unlock(); > return key; > } > > -- > 2.24.1 >
On Tue, Sep 15, 2020 at 5:58 PM Andrii Nakryiko <andrii.nakryiko@gmail.com> wrote: > > On Tue, Sep 15, 2020 at 5:44 PM Yonghong Song <yhs@fb.com> wrote: > > > > Running selftest > > ./btf_btf -p > > the kernel had the following warning: > > [ 51.528185] WARNING: CPU: 3 PID: 1756 at kernel/bpf/hashtab.c:717 htab_map_get_next_key+0x2eb/0x300 > > [ 51.529217] Modules linked in: > > [ 51.529583] CPU: 3 PID: 1756 Comm: test_btf Not tainted 5.9.0-rc1+ #878 > > [ 51.530346] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.9.3-1.el7.centos 04/01/2014 > > [ 51.531410] RIP: 0010:htab_map_get_next_key+0x2eb/0x300 > > ... > > [ 51.542826] Call Trace: > > [ 51.543119] map_seq_next+0x53/0x80 > > [ 51.543528] seq_read+0x263/0x400 > > [ 51.543932] vfs_read+0xad/0x1c0 > > [ 51.544311] ksys_read+0x5f/0xe0 > > [ 51.544689] do_syscall_64+0x33/0x40 > > [ 51.545116] entry_SYSCALL_64_after_hwframe+0x44/0xa9 > > > > The related source code in kernel/bpf/hashtab.c: > > 709 static int htab_map_get_next_key(struct bpf_map *map, void *key, void *next_key) > > 710 { > > 711 struct bpf_htab *htab = container_of(map, struct bpf_htab, map); > > 712 struct hlist_nulls_head *head; > > 713 struct htab_elem *l, *next_l; > > 714 u32 hash, key_size; > > 715 int i = 0; > > 716 > > 717 WARN_ON_ONCE(!rcu_read_lock_held()); > > > > In kernel/bpf/inode.c, bpffs map pretty print calls map->ops->map_get_next_key() > > without holding a rcu_read_lock(), hence causing the above warning. > > To fix the issue, just surrounding map->ops->map_get_next_key() with rcu read lock. > > > > Reported-by: Alexei Starovoitov <ast@kernel.org> > > Cc: Andrii Nakryiko <andriin@fb.com> > > Cc: Martin KaFai Lau <kafai@fb.com> > > Fixes: a26ca7c982cb ("bpf: btf: Add pretty print support to the basic arraymap") > > Signed-off-by: Yonghong Song <yhs@fb.com> > > --- > > LGTM. > > Acked-by: Andrii Nakryiko <andriin@fb.com> Applied. Thanks!
diff --git a/kernel/bpf/inode.c b/kernel/bpf/inode.c index fb878ba3f22f..18f4969552ac 100644 --- a/kernel/bpf/inode.c +++ b/kernel/bpf/inode.c @@ -226,10 +226,12 @@ static void *map_seq_next(struct seq_file *m, void *v, loff_t *pos) else prev_key = key; + rcu_read_lock(); if (map->ops->map_get_next_key(map, prev_key, key)) { map_iter(m)->done = true; - return NULL; + key = NULL; } + rcu_read_unlock(); return key; }
Running selftest ./btf_btf -p the kernel had the following warning: [ 51.528185] WARNING: CPU: 3 PID: 1756 at kernel/bpf/hashtab.c:717 htab_map_get_next_key+0x2eb/0x300 [ 51.529217] Modules linked in: [ 51.529583] CPU: 3 PID: 1756 Comm: test_btf Not tainted 5.9.0-rc1+ #878 [ 51.530346] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.9.3-1.el7.centos 04/01/2014 [ 51.531410] RIP: 0010:htab_map_get_next_key+0x2eb/0x300 ... [ 51.542826] Call Trace: [ 51.543119] map_seq_next+0x53/0x80 [ 51.543528] seq_read+0x263/0x400 [ 51.543932] vfs_read+0xad/0x1c0 [ 51.544311] ksys_read+0x5f/0xe0 [ 51.544689] do_syscall_64+0x33/0x40 [ 51.545116] entry_SYSCALL_64_after_hwframe+0x44/0xa9 The related source code in kernel/bpf/hashtab.c: 709 static int htab_map_get_next_key(struct bpf_map *map, void *key, void *next_key) 710 { 711 struct bpf_htab *htab = container_of(map, struct bpf_htab, map); 712 struct hlist_nulls_head *head; 713 struct htab_elem *l, *next_l; 714 u32 hash, key_size; 715 int i = 0; 716 717 WARN_ON_ONCE(!rcu_read_lock_held()); In kernel/bpf/inode.c, bpffs map pretty print calls map->ops->map_get_next_key() without holding a rcu_read_lock(), hence causing the above warning. To fix the issue, just surrounding map->ops->map_get_next_key() with rcu read lock. Reported-by: Alexei Starovoitov <ast@kernel.org> Cc: Andrii Nakryiko <andriin@fb.com> Cc: Martin KaFai Lau <kafai@fb.com> Fixes: a26ca7c982cb ("bpf: btf: Add pretty print support to the basic arraymap") Signed-off-by: Yonghong Song <yhs@fb.com> --- kernel/bpf/inode.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)