[PATCH v5 01/14] nvmet-fcloop: track ref counts for nports
Daniel Wagner
dwagner at suse.de
Thu Apr 24 04:13:48 PDT 2025
On Thu, Apr 24, 2025 at 12:08:33PM +0200, Hannes Reinecke wrote:
> > + nport = fcloop_nport_lookup(nodename, portname);
> > + if (!nport)
> > + return -ENOENT;
> > + spin_lock_irqsave(&fcloop_lock, flags);
> > + tport = __unlink_target_port(nport);
> > spin_unlock_irqrestore(&fcloop_lock, flags);
> Hmm. This now has a race condition; we're taking the lock
> during lokup, drop the lock, take the lock again, and unlink
> the port.
> Please do a __fcloop_nport_lookup() function which doesn't
> take a lock and avoid this race.
The lock is protecting the list iteration not the object itself. The
lookup function will increase the refcount, so it doesn't get freed
after the unlock. How is this racing?
More information about the Linux-nvme
mailing list