KCSAN: data-race in packet_do_bind / packet

KCSAN: data-race in packet_do_bind / packet_getname (5)
Status: internal: reported on 2021/06/15 14:39
Reported-by: syzbot+@syzkaller.appspotmail.com
Fix commit: e032f7c9c7ce net/packet: annotate accesses to po->ifindex
Patched on: [ci-qemu-upstream ci-qemu-upstream-386 ci-qemu2-arm64 ci-qemu2-arm64-compat ci-qemu2-arm64-mte ci-qemu2-riscv64 ci-upstream-bpf-kasan-gce ci-upstream-bpf-next-kasan-gce ci-upstream-gce-leak ci-upstream-kasan-gce ci-upstream-kasan-gce-386 ci-upstream-kasan-gce-root ci-upstream-kasan-gce-selinux-root ci-upstream-kasan-gce-smack-root ci-upstream-kmsan-gce ci-upstream-kmsan-gce-386 ci-upstream-linux-next-kasan-gce-root ci-upstream-net-kasan-gce ci-upstream-net-this-kasan-gce ci2-upstream-kcsan-gce ci2-upstream-usb], missing on: [ci-qemu2-arm32]
First crash: 118d, last: 39d

similar bugs (4):
Kernel	Title	Count	Last	Reported	Patched	Status
upstream	KCSAN: data-race in packet_do_bind / packet_getname	16	539d	637d	0/22	auto-closed as invalid on 2020/04/11 02:48
upstream	KCSAN: data-race in packet_do_bind / packet_getname (3)	8	323d	360d	0/22	auto-closed as invalid on 2020/10/09 06:50
upstream	KCSAN: data-race in packet_do_bind / packet_getname (2)	2	432d	454d	0/22	closed as invalid on 2020/06/18 14:24
upstream	KCSAN: data-race in packet_do_bind / packet_getname (4)	5	175d	225d	0/22	auto-closed as invalid on 2021/03/06 13:33

Sample crash report:

==================================================================
BUG: KCSAN: data-race in packet_do_bind / packet_getname

write to 0xffff888143ce3cbc of 4 bytes by task 25573 on cpu 1:
 packet_do_bind+0x420/0x7e0 net/packet/af_packet.c:3191
 packet_bind+0xc3/0xd0 net/packet/af_packet.c:3255
 __sys_bind+0x200/0x290 net/socket.c:1637
 __do_sys_bind net/socket.c:1648 [inline]
 __se_sys_bind net/socket.c:1646 [inline]
 __x64_sys_bind+0x3d/0x50 net/socket.c:1646
 do_syscall_64+0x4a/0x90 arch/x86/entry/common.c:47
 entry_SYSCALL_64_after_hwframe+0x44/0xae

read to 0xffff888143ce3cbc of 4 bytes by task 25578 on cpu 0:
 packet_getname+0x5b/0x1a0 net/packet/af_packet.c:3525
 __sys_getsockname+0x10e/0x1a0 net/socket.c:1887
 __do_sys_getsockname net/socket.c:1902 [inline]
 __se_sys_getsockname net/socket.c:1899 [inline]
 __x64_sys_getsockname+0x3e/0x50 net/socket.c:1899
 do_syscall_64+0x4a/0x90 arch/x86/entry/common.c:47
 entry_SYSCALL_64_after_hwframe+0x44/0xae

value changed: 0x00000000 -> 0x00000001

Reported by Kernel Concurrency Sanitizer on:
CPU: 0 PID: 25578 Comm: syz-executor.5 Not tainted 5.13.0-rc6-syzkaller #0
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
==================================================================

Crashes (4):
Manager	Time	Kernel	Commit	Syzkaller	Config	Log	Report	VM info	Title
ci2-upstream-kcsan-gce	2021/06/15 09:02	upstream	009c9aa5be65	1ba81399	.config	log	report	info	KCSAN: data-race in packet_do_bind / packet_getname
ci2-upstream-kcsan-gce	2021/05/11 23:23	upstream	88b06399c9c7	b3c3bb8e	.config	log	report	info	KCSAN: data-race in packet_do_bind / packet_getname
ci2-upstream-kcsan-gce	2021/04/07 10:53	upstream	2d743660786e	6a81331a	.config	log	report	info	KCSAN: data-race in packet_do_bind / packet_getname
ci2-upstream-kcsan-gce	2021/03/28 02:53	upstream	0f4498cef9f5	a8529b82	.config	log	report	info	KCSAN: data-race in packet_do_bind / packet_getname