On 03/08, Eric Dumazet wrote:
> On Sat, Mar 8, 2025 at 5:47 AM Stanislav Fomichev <sdf@xxxxxxxxxxx> wrote:
> >
> > There is a couple of places from which we can arrive to ndo_setup_tc
> > with TC_SETUP_BLOCK/TC_SETUP_FT:
> > - netlink
> > - netlink notifier
> > - netdev notifier
> >
> > Locking netdev too deep in this call chain seems to be problematic
> > (especially assuming some/all of the call_netdevice_notifiers
> > NETDEV_UNREGISTER) might soon be running with the instance lock).
> > Revert to lockless ndo_setup_tc for TC_SETUP_BLOCK/TC_SETUP_FT. NFT
> > framework already takes care of most of the locking. Document
> > the assumptions.
> >
>
>
> >
> > Fixes: c4f0f30b424e ("net: hold netdev instance lock during nft ndo_setup_tc")
> > Signed-off-by: Stanislav Fomichev <sdf@xxxxxxxxxxx>
>
> I think you forgot to mention syzbot.
>
> Reported-by: syzbot+0afb4bcf91e5a1afdcad@xxxxxxxxxxxxxxxxxxxxxxxxx
> Closes: https://lore.kernel.org/netdev/67cb88d1.050a0220.d8275.022d.GAE@xxxxxxxxxx/T/#u
Ah, yes, I was waiting for a repro, but should have attached the proper
tags, thanks!
