On Sun, Apr 26, 2020 at 1:52 PM Jason A. Donenfeld <Jason@zx2c4.com> wrote:
It looks like part of the issue might be that I call udp_tunnel6_xmit_skb while holding rcu_read_lock_bh, in drivers/net/wireguard/socket.c. But I think there's good reason to do so, and udp_tunnel6_xmit_skb should be rcu safe. In fact, every.single.other user of udp_tunnel6_xmit_skb in the kernel uses it with rcu locked. So, hm...
In the syzkaller log, it looks like several runs are hitting:
run #0: crashed: INFO: rcu detected stall in netlink_sendmsg
And other runs are hitting yet different functions. So actually, it's not clear that this is the fault of the call to udp_tunnel6_xmit_skb.