mirror of
https://github.com/FEX-Emu/linux.git
synced 2024-12-18 15:09:53 +00:00
SUNRPC: Ensure we release the socket write lock if the rpc_task exits early
If the rpc_task exits while holding the socket write lock before it has allocated an rpc slot, then the usual mechanism for releasing the write lock in xprt_release() is defeated. The problem occurs if the call to xprt_lock_write() initially fails, so that the rpc_task is put on the xprt->sending wait queue. If the task exits after being assigned the lock by __xprt_lock_write_func, but before it has retried the call to xprt_lock_and_alloc_slot(), then it calls xprt_release() while holding the write lock, but will immediately exit due to the test for task->tk_rqstp != NULL. Reported-by: Chris Perl <chris.perl@gmail.com> Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com> Cc: stable@vger.kernel.org [>= 3.1]
This commit is contained in:
parent
d287b8750e
commit
87ed50036b
@ -972,8 +972,7 @@ static void rpc_async_release(struct work_struct *work)
|
||||
|
||||
static void rpc_release_resources_task(struct rpc_task *task)
|
||||
{
|
||||
if (task->tk_rqstp)
|
||||
xprt_release(task);
|
||||
xprt_release(task);
|
||||
if (task->tk_msg.rpc_cred) {
|
||||
put_rpccred(task->tk_msg.rpc_cred);
|
||||
task->tk_msg.rpc_cred = NULL;
|
||||
|
@ -1136,10 +1136,18 @@ static void xprt_request_init(struct rpc_task *task, struct rpc_xprt *xprt)
|
||||
void xprt_release(struct rpc_task *task)
|
||||
{
|
||||
struct rpc_xprt *xprt;
|
||||
struct rpc_rqst *req;
|
||||
struct rpc_rqst *req = task->tk_rqstp;
|
||||
|
||||
if (!(req = task->tk_rqstp))
|
||||
if (req == NULL) {
|
||||
if (task->tk_client) {
|
||||
rcu_read_lock();
|
||||
xprt = rcu_dereference(task->tk_client->cl_xprt);
|
||||
if (xprt->snd_task == task)
|
||||
xprt_release_write(xprt, task);
|
||||
rcu_read_unlock();
|
||||
}
|
||||
return;
|
||||
}
|
||||
|
||||
xprt = req->rq_xprt;
|
||||
if (task->tk_ops->rpc_count_stats != NULL)
|
||||
|
Loading…
Reference in New Issue
Block a user