git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Sabrina Dubroca <sd@queasysnail.net>
	Fri, 23 May 2025 15:11:18 +0000 (17:11 +0200)
committer	Steffen Klassert <steffen.klassert@secunet.com>
	Tue, 3 Jun 2025 13:39:57 +0000 (15:39 +0200)
commit	7eb11c0ab70777b9e5145a5ba1c0a2312c3980b2
tree	1b2bbdde98c7f1f4ca6f253be5edf1dace39c150	tree
parent	94d077c331730510d5611b438640a292097341f0	commit \| diff

xfrm: state: use a consistent pcpu_id in xfrm_state_find

If we get preempted during xfrm_state_find, we could run
xfrm_state_look_at using a different pcpu_id than the one
xfrm_state_find saw. This could lead to ignoring states that should
have matched, and triggering acquires on a CPU that already has a pcpu
state.

    xfrm_state_find starts on CPU1
    pcpu_id = 1
    lookup starts
    <preemption, we're now on CPU2>
    xfrm_state_look_at pcpu_id = 2
       finds a state
found:
    best->pcpu_num != pcpu_id (2 != 1)
    if (!x && !error && !acquire_in_progress) {
        ...
        xfrm_state_alloc
        xfrm_init_tempstate
        ...

This can be avoided by passing the original pcpu_id down to all
xfrm_state_look_at() calls.

Also switch to raw_smp_processor_id, disabling preempting just to
re-enable it immediately doesn't really make sense.

Fixes: 1ddf9916ac09 ("xfrm: Add support for per cpu xfrm state handling.")
Signed-off-by: Sabrina Dubroca <sd@queasysnail.net>
Reviewed-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>