On Sat, Mar 8, 2025 at 5:47 AM Stanislav Fomichev <sdf@xxxxxxxxxxx> wrote:
>
> There is a couple of places from which we can arrive to ndo_setup_tc
> with TC_SETUP_BLOCK/TC_SETUP_FT:
> - netlink
> - netlink notifier
> - netdev notifier
>
> Locking netdev too deep in this call chain seems to be problematic
> (especially assuming some/all of the call_netdevice_notifiers
> NETDEV_UNREGISTER) might soon be running with the instance lock).
> Revert to lockless ndo_setup_tc for TC_SETUP_BLOCK/TC_SETUP_FT. NFT
> framework already takes care of most of the locking. Document
> the assumptions.
>
>
> Fixes: c4f0f30b424e ("net: hold netdev instance lock during nft ndo_setup_tc")
> Signed-off-by: Stanislav Fomichev <sdf@xxxxxxxxxxx>
I think you forgot to mention syzbot.
Reported-by: syzbot+0afb4bcf91e5a1afdcad@xxxxxxxxxxxxxxxxxxxxxxxxx
Closes: https://lore.kernel.org/netdev/67cb88d1.050a0220.d8275.022d.GAE@xxxxxxxxxx/T/#u
Thanks.
