git.kernel.dk Git - linux-block.git/commit

author	David Howells <dhowells@redhat.com>
	Wed, 12 Oct 2022 16:01:25 +0000 (17:01 +0100)
committer	David Howells <dhowells@redhat.com>
	Fri, 6 Jan 2023 09:43:31 +0000 (09:43 +0000)
commit	03fc55adf8761c546d72798264b019c9f672c578
tree	2b72384f6f9ea81038f6f68d8d47e6722238b6e0	tree \| snapshot
parent	a343b174b4bdde851033996960bca5ad1394d04b	commit \| diff

rxrpc: Only disconnect calls in the I/O thread

Only perform call disconnection in the I/O thread to reduce the locking
requirement.

This is the first part of a fix for a race that exists between call
connection and call disconnection whereby the data transmission code adds
the call to the peer error distribution list after the call has been
disconnected (say by the rxrpc socket getting closed).

The fix is to complete the process of moving call connection, data
transmission and call disconnection into the I/O thread and thus forcibly
serialising them.

Note that the issue may predate the overhaul to an I/O thread model that
were included in the merge window for v6.2, but the timing is very much
changed by the change given below.

Fixes: cf37b5987508 ("rxrpc: Move DATA transmission into call processor work item")
Reported-by: syzbot+c22650d2844392afdcfd@syzkaller.appspotmail.com
Signed-off-by: David Howells <dhowells@redhat.com>
cc: Marc Dionne <marc.dionne@auristor.com>
cc: linux-afs@lists.infradead.org

include/trace/events/rxrpc.h		diff \| blob \| blame \| history
net/rxrpc/call_event.c		diff \| blob \| blame \| history
net/rxrpc/call_object.c		diff \| blob \| blame \| history
net/rxrpc/input.c		diff \| blob \| blame \| history
net/rxrpc/recvmsg.c		diff \| blob \| blame \| history