From: Cong Wang <xiyou.wangc...@gmail.com>
Date: Fri, 2 Oct 2020 12:13:34 -0700
> Although we take RTNL on dump path, it is possible to
> skip RTNL on insertion path. So the following race condition
> is possible:
>
> rtnl_lock() // no rtnl lock
> mutex_lock(&idrinfo->lock);
> // insert ERR_PTR(-EBUSY)
> mutex_unlock(&idrinfo->lock);
> tc_dump_action()
> rtnl_unlock()
>
> So we have to skip those temporary -EBUSY entries on dump path
> too.
>
> Reported-and-tested-by: syzbot+b47bc4f247856fb4d...@syzkaller.appspotmail.com
> Fixes: 0fedc63fadf0 ("net_sched: commit action insertions together")
> Cc: Vlad Buslov <vla...@mellanox.com>
> Cc: Jamal Hadi Salim <j...@mojatatu.com>
> Cc: Jiri Pirko <j...@resnulli.us>
> Signed-off-by: Cong Wang <xiyou.wangc...@gmail.com>
Applied and queued up for -stable.
