net: igmp: fix data-race in igmp_ifc_timer_expire()
Eric Dumazet authored
[ Upstream commit 4a2b285e ]

Fix the data-race reported by syzbot [1]
Issue here is that igmp_ifc_timer_expire() can update in_dev->mr_ifc_count
while another change just occured from another context.

in_dev->mr_ifc_count is only 8bit wide, so the race had little
consequences.

[1]
BUG: KCSAN: data-race in igmp_ifc_event / igmp_ifc_timer_expire

write to 0xffff8881051e3062 of 1 bytes by task 12547 on cpu 0:
 igmp_ifc_event+0x1d5/0x290 net/ipv4/igmp.c:821
 igmp_group_added+0x462/0x490 net/ipv4/igmp.c:1356
 ____ip_mc_inc_group+0x3ff/0x500 net/ipv4/igmp.c:1461
 __ip_mc_join_group+0x24d/0x2c0 net/ipv4/igmp.c:2199
 ip_mc_join_group_ssm+0x20/0x30 net/ipv4/igmp.c:2218
 do_ip_setsockopt net/ipv4/ip_sockglue.c:1285 [inline]
 ip_setsockopt+0x1827/0x2a80 net/ipv4/ip_sockglue.c:1423
 tcp_setsockopt+0x8c/0xa0 net/ipv4/tcp.c:3657
 sock_common_setsockopt+0x5d/0x70 net/core/sock.c:3362
 __sys_setsockopt+0x18f/0x200 net/socket.c:2159
 __...
24e1b7db
Name Last commit Last update
Documentation Documentation: Fix intiramfs script name
LICENSES LICENSES/deprecated: add Zlib license text
arch ARC: fp: set FPU_STATUS.FWE to enable FPU_STATUS update on context switch
block blk-iolatency: error out if blk_get_queue() failed in iolatency_set_limit()
certs certs: add 'x509_revocation_list' to gitignore
crypto crypto: sm2 - fix a memory leak in sm2
drivers net: dsa: microchip: ksz8795: Fix VLAN filtering
fs ceph: reduce contention in ceph_check_delayed_caps()
include net/mlx5: Synchronize correct IRQ when destroying CQ
init sched/core: Initialize the idle task with preemption disabled
ipc ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry
kernel bpf: Fix integer overflow involving bucket_size
lib net: add kcov handle to skb extensions
mm memblock: make for_each_mem_range() traverse MEMBLOCK_HOTPLUG regions
net net: igmp: fix data-race in igmp_ifc_timer_expire()
samples samples/bpf: Fix the error return code of xdp_redirect's main()
scripts scripts/tracing: fix the bug that can't parse raw_trace_func
security bpf: Add lockdown check for probe_write_user helper
sound ASoC: cs42l42: Fix LRCLK frame start edge
tools libbpf: Fix probe for BPF_PROG_TYPE_CGROUP_SOCKOPT
usr Merge branch 'work.fdpic' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
virt KVM: Do not leak memory for duplicate debugfs directories
.clang-format Merge tag 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/rdma/rdma
.cocciconfig scripts: add Linux .cocciconfig for coccinelle
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl
.gitattributes .gitattributes: use 'dts' diff driver for dts files
.gitignore kbuild: generate Module.symvers only when vmlinux exists
.mailmap mailmap: add two more addresses of Uwe Kleine-König
COPYING COPYING: state that all contributions really are covered by this file
CREDITS MAINTAINERS: Move Jason Cooper to CREDITS
Kbuild kbuild: rename hostprogs-y/always to hostprogs/always-y
Kconfig kbuild: ensure full rebuild when the compiler is updated
MAINTAINERS f2fs: move ioctl interface definitions to separated file
Makefile Linux 5.10.59
README Drop all 00-INDEX files from Documentation/
Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.