lagg: wrap lagg_port2req() into LAGG_SLOCK()
ClosedPublic
Actions

Authored by glebius on Jan 18 2024, 7:20 PM.

Details

Reviewers

zlei
gallatin
kp
ae
jtl

Group Reviewers

network

Commits

rG48698ead6ff0: lagg: wrap lagg_port2req() into LAGG_SLOCK()

Summary

Although a port addition is coded in a sequence where first all softc
information is fulfilled and only then it is attached to the lagg, we
still need a locking primitive to guarantee cache invalidation. Panic
observed in the wild shows that lacp_portreq() called via
lagg_port_ioctl(SIOCGLAGGPORT) immediately after port creation may see
lp->lp_psc as NULL and panic. In the core file we will see valid data
all around. A race via lagg_ioctl() wasn't observed but potentially
is possible.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

glebius created this revision.Jan 18 2024, 7:20 PM

Herald added subscribers: melifaro, imp. · View Herald TranscriptJan 18 2024, 7:20 PM

glebius requested review of this revision.Jan 18 2024, 7:20 PM

Harbormaster completed remote builds in B55483: Diff 132950.Jan 18 2024, 7:20 PM

zlei added inline comments.Jan 19 2024, 3:37 AM

sys/net/if_lagg.c
1049	`ifunit()` calls `CK_STAILQ_FOREACH()` so I guess there should not be cache invalidation issues. I'm getting confused.

glebius added inline comments.Jan 22 2024, 10:00 PM

sys/net/if_lagg.c
1049	This isn't related to ifunit() at all. The whole code path of SIOCGLAGGPORT goes lockless. The syscall enters lacp_portreq() without taking any locks. There it may see a NULL lp->lp_psc and panic. The CPU the syscall executes on did not take any measures to synchronize the the CPU that did lacp_port_create() and assigned lp_psc to a value.