From 60ca1ed044669b1ed382515d642cd05aa4792f15 Mon Sep 17 00:00:00 2001
From: "Jason A. Donenfeld" <Jason@zx2c4.com>
Date: Wed, 11 Oct 2017 03:07:40 +0200
Subject: receive: disable bh before using stats seq lock
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Otherwise we might get a situation like this:

       CPU0                    CPU1
       ----                    ----
  lock(tstats lock);
                               local_irq_disable();
                               lock(queue lock);
                               lock(tstats lock);
  <Interrupt>
    lock(queue lock);

CPU1 is waiting for CPU0 to release tstats lock. But CPU0, in the
interrupt handler, is waiting for CPU1 to release queue lock. The
solution is to disable interrupts on CPU0, so that this can't happen.

Note that this only affects 32-bit, since u64_stats_update_begin nops
out on native 64-bit platforms.

Reported-by: René van Dorst <opensource@vdorst.com>
---
 src/receive.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/receive.c b/src/receive.c
index 3ad790b..6efbc08 100644
--- a/src/receive.c
+++ b/src/receive.c
@@ -13,6 +13,7 @@
 #include <linux/udp.h>
 #include <net/ip_tunnels.h>
 
+/* Must be called with bh disabled. */
 static inline void rx_stats(struct wireguard_peer *peer, size_t len)
 {
 	struct pcpu_sw_netstats *tstats = get_cpu_ptr(peer->device->dev->tstats);
@@ -150,7 +151,10 @@ static void receive_handshake_packet(struct wireguard_device *wg, struct sk_buff
 
 	BUG_ON(!peer);
 
+	local_bh_disable();
 	rx_stats(peer, skb->len);
+	local_bh_enable();
+
 	timers_any_authenticated_packet_received(peer);
 	timers_any_authenticated_packet_traversal(peer);
 	peer_put(peer);
-- 
cgit v1.2.3-59-g8ed1b