RE: [PATCH net] hv_netvsc: fix potential deadlock in netvsc_vf_setxdp()

From: Haiyang Zhang
Date: Sun May 18 2025 - 12:23:59 EST

Next message: Johannes Weiner: "Re: [PATCH v4 4/4] mm/page_isolation: remove migratetype parameter from more functions."
Previous message: Rik van Riel: "Re: [PATCH v2] x86/mm: resize user_pcid_flush_mask for PTI / broadcast TLB flush combination"
In reply to: Saurabh Sengar: "[PATCH net] hv_netvsc: fix potential deadlock in netvsc_vf_setxdp()"
Next in thread: ALOK TIWARI: "Re: [PATCH net] hv_netvsc: fix potential deadlock in netvsc_vf_setxdp()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> -----Original Message-----
> From: Saurabh Sengar <ssengar@xxxxxxxxxxxxxxxxxxx>
> Sent: Saturday, May 17, 2025 11:48 PM
> To: KY Srinivasan <kys@xxxxxxxxxxxxx>; Haiyang Zhang
> <haiyangz@xxxxxxxxxxxxx>; wei.liu@xxxxxxxxxx; Dexuan Cui
> <decui@xxxxxxxxxxxxx>; andrew+netdev@xxxxxxx; davem@xxxxxxxxxxxxx;
> edumazet@xxxxxxxxxx; pabeni@xxxxxxxxxx; horms@xxxxxxxxxx; ast@xxxxxxxxxx;
> daniel@xxxxxxxxxxxxx; hawk@xxxxxxxxxx; john.fastabend@xxxxxxxxx;
> sdf@xxxxxxxxxxx; kuniyu@xxxxxxxxxx; ahmed.zaki@xxxxxxxxx;
> aleksander.lobakin@xxxxxxxxx; linux-hyperv@xxxxxxxxxxxxxxx;
> netdev@xxxxxxxxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx; bpf@xxxxxxxxxxxxxxx
> Cc: Saurabh Singh Sengar <ssengar@xxxxxxxxxxxxx>; stable@xxxxxxxxxxxxxxx;
> Saurabh Sengar <ssengar@xxxxxxxxxxxxxxxxxxx>
> Subject: [PATCH net] hv_netvsc: fix potential deadlock in
> netvsc_vf_setxdp()
>
> The MANA driver's probe registers netdevice via the following call chain:
>
> mana_probe()
> register_netdev()
> register_netdevice()
>
> register_netdevice() calls notifier callback for netvsc driver,
> holding the netdev mutex via netdev_lock_ops().
>
> Further this netvsc notifier callback end up attempting to acquire the
> same lock again in dev_xdp_propagate() leading to deadlock.
>
> netvsc_netdev_event()
> netvsc_vf_setxdp()
> dev_xdp_propagate()
>
> This deadlock was not observed so far because net_shaper_ops was never
> set and this lock in noop in this case. Fix this by using
> netif_xdp_propagate instead of dev_xdp_propagate to avoid recursive
> locking in this path.
>
> This issue has not observed so far because net_shaper_ops was unset,
> making the lock path effectively a no-op. To prevent recursive locking
> and avoid this deadlock, replace dev_xdp_propagate() with
> netif_xdp_propagate(), which does not acquire the lock again.
>
> Also, clean up the unregistration path by removing unnecessary call to
> netvsc_vf_setxdp(), since unregister_netdevice_many_notify() already
> performs this cleanup via dev_xdp_uninstall.
>
> Fixes: 97246d6d21c2 ("net: hold netdev instance lock during ndo_bpf")
> Cc: stable@xxxxxxxxxxxxxxx
> Signed-off-by: Saurabh Sengar <ssengar@xxxxxxxxxxxxxxxxxxx>

Reviewed-by: Haiyang Zhang <haiyangz@xxxxxxxxxxxxx>

Next message: Johannes Weiner: "Re: [PATCH v4 4/4] mm/page_isolation: remove migratetype parameter from more functions."
Previous message: Rik van Riel: "Re: [PATCH v2] x86/mm: resize user_pcid_flush_mask for PTI / broadcast TLB flush combination"
In reply to: Saurabh Sengar: "[PATCH net] hv_netvsc: fix potential deadlock in netvsc_vf_setxdp()"
Next in thread: ALOK TIWARI: "Re: [PATCH net] hv_netvsc: fix potential deadlock in netvsc_vf_setxdp()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]