[PATCH] af_rxrpc accept race (was: RxRPC: 3 issues found in my example code)
Tim Smith
tim at electronghost.co.uk
Tue May 13 12:54:56 PDT 2014
On Tuesday 13 May 2014 10:31:54 David Howells wrote:
> Tim Smith <tim at electronghost.co.uk> wrote:
> > rxrpc_setup_incoming_call() is static and is called only from
> > rxrpc_accept_incoming_call(), which already contains this check.
>
> But no lock is held that prevents the state from changing in
> rxrpc_release_sock(). Further, you may have slept in the course of
> allocating memory.
>
> You've also taken away the lock (local->services_lock) that prevents the
> service from being removed whilst we're trying to give it the new call -
> which may mean you add the new call *after* rxrpc_release_calls_on_socket()
> has run in the release path because rxrpc_release_sock() doesn't hold
> rx->call_lock in and of itself.
OK, so the correct thing to attempt to reduce the lockage would be to
1) allocate memory for the call (need it no matter what)
2) take the lock for the service.
If it's not being removed give it the call
If it *is* being removed drop the lock & make a new one.
First I must fix the accept race correctly though.
--
Tim Smith <tim at electronghost.co.uk>
"Hey, I'm the Doctor! I can save the universe with a kettle and some
string! And look at me, I'm wearing a vegetable."
-- The Doctor, talking to himself
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.infradead.org/pipermail/linux-afs/attachments/20140513/4673519e/attachment.sig>
More information about the linux-afs
mailing list