From patchwork Fri Jan 24 20:47:05 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrew Morton X-Patchwork-Id: 3535951 Return-Path: X-Original-To: patchwork-ocfs2-devel@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.19.201]) by patchwork2.web.kernel.org (Postfix) with ESMTP id 96135C02DC for ; Fri, 24 Jan 2014 20:48:18 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id EA1AE20123 for ; Fri, 24 Jan 2014 20:48:13 +0000 (UTC) Received: from aserp1040.oracle.com (aserp1040.oracle.com [141.146.126.69]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 7922820161 for ; Fri, 24 Jan 2014 20:48:08 +0000 (UTC) Received: from acsinet21.oracle.com (acsinet21.oracle.com [141.146.126.237]) by aserp1040.oracle.com (Sentrion-MTA-4.3.2/Sentrion-MTA-4.3.2) with ESMTP id s0OKlvW8022178 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Fri, 24 Jan 2014 20:47:58 GMT Received: from oss.oracle.com (oss-external.oracle.com [137.254.96.51]) by acsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id s0OKlvsP029268 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Fri, 24 Jan 2014 20:47:57 GMT Received: from localhost ([127.0.0.1] helo=oss.oracle.com) by oss.oracle.com with esmtp (Exim 4.63) (envelope-from ) id 1W6nfR-0003mo-07; Fri, 24 Jan 2014 12:47:57 -0800 Received: from acsinet21.oracle.com ([141.146.126.237]) by oss.oracle.com with esmtp (Exim 4.63) (envelope-from ) id 1W6nee-0003ho-Ii for ocfs2-devel@oss.oracle.com; Fri, 24 Jan 2014 12:47:08 -0800 Received: from userp1030.oracle.com (userp1030.oracle.com [156.151.31.80]) by acsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id s0OKl7vq027875 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Fri, 24 Jan 2014 20:47:08 GMT Received: from mail-yk0-f202.google.com (mail-yk0-f202.google.com [209.85.160.202]) by userp1030.oracle.com (Sentrion-MTA-4.3.2/Sentrion-MTA-4.3.2) with ESMTP id s0OKl6Wc023666 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=OK) for ; Fri, 24 Jan 2014 20:47:07 GMT Received: by mail-yk0-f202.google.com with SMTP id 131so1136575ykp.1 for ; Fri, 24 Jan 2014 12:47:06 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:to:cc:from:date:mime-version :content-type:content-transfer-encoding:message-id; bh=erQw6xUC/XvxvouoEj9NGpyfI8IUb2hmL8rMLuHB0NU=; b=ew8+dDi0AVGa05xoCE7GDCwMdU5klN3VE1yqkMETjV3Ftv9gded9usGN0hAkhM6fqU P89kmw9KUPJPvinaTlZJj/9NKrLYM55nj8HEMy7dILh+hD0m8QH5TRiKKv8v0KmlfrAW vZqvB6NI+bX5UbjYkE40ALlfqwXo8ux3EFmQB1ebBRFBIfclkP92KKmTvAP+Iwh4Tr2P MQb/Pj3o9rystifdBg0POjx2glGzFoFML2REX6ja6RaWZEwF+TKnxl6yXsdPtywrNa5V e3F3cNowbreAVmge5kikNn6F9RGj1Gt9UQNPNBIgSyc+TaroOiHk/s4LwxUy1tigoeVV v6iw== X-Gm-Message-State: ALoCoQkdeXwMIyHUcgJN4YR9FGox//6jppDJwHlDqADknklThmJlW51kgkXGyMJvv9tAw4GMgzdL X-Received: by 10.58.107.198 with SMTP id he6mr5736191veb.2.1390596426594; Fri, 24 Jan 2014 12:47:06 -0800 (PST) Received: from corp2gmr1-2.hot.corp.google.com (corp2gmr1-2.hot.corp.google.com [172.24.189.93]) by gmr-mx.google.com with ESMTPS id d9si148592yhl.2.2014.01.24.12.47.06 for (version=TLSv1.1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Fri, 24 Jan 2014 12:47:06 -0800 (PST) Received: from localhost.localdomain (akpm3.mtv.corp.google.com [172.17.131.127]) by corp2gmr1-2.hot.corp.google.com (Postfix) with ESMTP id E43E65A4203; Fri, 24 Jan 2014 12:47:05 -0800 (PST) To: ocfs2-devel@oss.oracle.com From: akpm@linux-foundation.org Date: Fri, 24 Jan 2014 12:47:05 -0800 MIME-Version: 1.0 Message-Id: <20140124204705.E43E65A4203@corp2gmr1-2.hot.corp.google.com> X-Flow-Control-Info: class=Pass-to-MM reputation=ipRisk-All ip=209.85.160.202 ct-class=R6 ct-vol1=0 ct-vol2=0 ct-vol3=0 ct-risk=68 ct-spam1=0 ct-spam2=0 ct-bulk=0 rcpts=1 size=2696 X-SPF-Info: PASS::mail-yk0-f202.google.com X-Sendmail-CM-Score: 0.00% X-Sendmail-CM-Analysis: v=2.1 cv=LpmrlBtc c=1 sm=1 tr=0 a=KuQAKfTBe1t0skOjdBJ24Q==:117 a=pKjvOmu2eXUA:10 a=NEiEQogP1MkA:10 a=os2CZ2fo8YAA:10 a=Z4Rwk6OoAAAA:8 a=1XWaLZrsAAAA:8 a=yPCof4ZbAAAA:8 a=joFl4FKkruoA:10 a=IXr_WNlcAAAA:8 a=iox4zFpeAAAA:8 a=WnQWLQ4DOG3nJC9 9kGAA:9 a=e4xtJxf3HDoA:10 a=7DSvI1NPTFQA:10 a=T5ZRoNnfl4MA:10 a=n9GBPR9yFnkA:10 a=jbrJJM5MRmoA:10 X-Sendmail-CT-Classification: not spam X-Sendmail-CT-RefID: str=0001.0A090203.52E2D14B.0096, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0 Cc: mfasheh@suse.com Subject: [Ocfs2-devel] [patch 06/11] ocfs2/o2net: o2net_listen_data_ready should do nothing if socket state is not TCP_LISTEN X-BeenThere: ocfs2-devel@oss.oracle.com X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ocfs2-devel-bounces@oss.oracle.com Errors-To: ocfs2-devel-bounces@oss.oracle.com X-Source-IP: acsinet21.oracle.com [141.146.126.237] X-Spam-Status: No, score=-4.8 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_MED, RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP From: Tariq Saeed Subject: ocfs2/o2net: o2net_listen_data_ready should do nothing if socket state is not TCP_LISTEN Orabug: 17330860 When accepting an incomming connection o2net_accept_one clones a child data socket from the parent listening socket. It then proceeds to setup the child with callback o2net_data_ready() and sk_user_data to NULL. If data arrives in this window, o2net_listen_data_ready will be called with some non-deterministic value in sk_user_data (not inherited). We panic when we page fault on sk_user_data -- in parent it is sock_def_readable(). The fix is to recognize that this is a data socket being set up by looking at the socket state and do nothing. Signed-off-by: Tariq Saseed Signed-off-by: Srinivas Eeda Cc: Joel Becker Cc: Mark Fasheh Signed-off-by: Andrew Morton Signed-off-by: Mark Fasheh Reviewed-by: is the appropriate tag in this case? Reviewed-by: Mark Fasheh --- fs/ocfs2/cluster/tcp.c | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff -puN fs/ocfs2/cluster/tcp.c~ocfs2-o2net-o2net_listen_data_ready-should-do-nothing-if-socket-state-is-not-tcp_listen fs/ocfs2/cluster/tcp.c --- a/fs/ocfs2/cluster/tcp.c~ocfs2-o2net-o2net_listen_data_ready-should-do-nothing-if-socket-state-is-not-tcp_listen +++ a/fs/ocfs2/cluster/tcp.c @@ -1973,18 +1973,30 @@ static void o2net_listen_data_ready(stru goto out; } - /* ->sk_data_ready is also called for a newly established child socket - * before it has been accepted and the acceptor has set up their - * data_ready.. we only want to queue listen work for our listening - * socket */ + /* This callback may called twice when a new connection + * is being established as a child socket inherits everything + * from a parent LISTEN socket, including the data_ready cb of + * the parent. This leads to a hazard. In o2net_accept_one() + * we are still initializing the child socket but have not + * changed the inherited data_ready callback yet when + * data starts arriving. + * We avoid this hazard by checking the state. + * For the listening socket, the state will be TCP_LISTEN; for the new + * socket, will be TCP_ESTABLISHED. Also, in this case, + * sk->sk_user_data is not a valid function pointer. + */ + if (sk->sk_state == TCP_LISTEN) { mlog(ML_TCP, "bytes: %d\n", bytes); queue_work(o2net_wq, &o2net_listen_work); + } else { + ready = NULL; } out: read_unlock(&sk->sk_callback_lock); - ready(sk, bytes); + if (ready != NULL) + ready(sk, bytes); } static int o2net_open_listening_sock(__be32 addr, __be16 port)