From patchwork Wed Mar 19 21:10:01 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrew Morton X-Patchwork-Id: 3861351 Return-Path: X-Original-To: patchwork-ocfs2-devel@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.19.201]) by patchwork2.web.kernel.org (Postfix) with ESMTP id 33DB4BF540 for ; Wed, 19 Mar 2014 21:10:39 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 57AD8201DE for ; Wed, 19 Mar 2014 21:10:38 +0000 (UTC) Received: from userp1040.oracle.com (userp1040.oracle.com [156.151.31.81]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 4F87B201EC for ; Wed, 19 Mar 2014 21:10:37 +0000 (UTC) Received: from acsinet22.oracle.com (acsinet22.oracle.com [141.146.126.238]) by userp1040.oracle.com (Sentrion-MTA-4.3.2/Sentrion-MTA-4.3.2) with ESMTP id s2JLAQUu009745 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Wed, 19 Mar 2014 21:10:27 GMT Received: from oss.oracle.com (oss-external.oracle.com [137.254.96.51]) by acsinet22.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id s2JLAPl5017350 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 19 Mar 2014 21:10:25 GMT Received: from localhost ([127.0.0.1] helo=oss.oracle.com) by oss.oracle.com with esmtp (Exim 4.63) (envelope-from ) id 1WQNkn-0003CQ-IM; Wed, 19 Mar 2014 14:10:25 -0700 Received: from ucsinet21.oracle.com ([156.151.31.93]) by oss.oracle.com with esmtp (Exim 4.63) (envelope-from ) id 1WQNkS-0003AD-FC for ocfs2-devel@oss.oracle.com; Wed, 19 Mar 2014 14:10:04 -0700 Received: from aserp1030.oracle.com (aserp1030.oracle.com [141.146.126.68]) by ucsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id s2JLA3R7021804 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Wed, 19 Mar 2014 21:10:04 GMT Received: from mail-oa0-f74.google.com (mail-oa0-f74.google.com [209.85.219.74]) by aserp1030.oracle.com (Sentrion-MTA-4.3.2/Sentrion-MTA-4.3.2) with ESMTP id s2JLA25u016461 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=OK) for ; Wed, 19 Mar 2014 21:10:03 GMT Received: by mail-oa0-f74.google.com with SMTP id i7so1789457oag.3 for ; Wed, 19 Mar 2014 14:10:02 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:to:cc:from:date:mime-version :content-type:content-transfer-encoding:message-id; bh=mA0Xm5WQGIpLb8to1i8gz/W3MkxucRTsurhOe3wD+zQ=; b=WtL8evnojYQbxccFXb82TgQQ8aWTdau6ZDwRZoygGneo/GGE5tvCD1mb72145tFBzK sgWIvPV45G80hF5aX4nFFcjWdy/clwRTu7HHkm61ltjlg1U1hjHns/FwtZ0Ach0/jE14 FmrNH+Jg7mhRpYwQCOJCvkOodXg31Fh/zOdPqV8E3rxNBTCkeGerM5QQgMy3JPzedo6S 5FHGmMg17LvyhkPbq1e8Lhw80LmO1kMo73ftWfHuFbtyPmCkkBxG309YFvl3ocUkocQK Ubayo0TN7F/XrSZNOblo3FzrIThk5ysPyg4lRHaSx+ppRlsbJrUehf/RKf9CaKQUI+I9 fFFw== X-Gm-Message-State: ALoCoQnipM3eEoeIN9ahga0dqt1lzlOkzHv704L36fanrIIEwzMFQ/ePKxg1p3PyhH8z/HhZQ235 X-Received: by 10.182.126.137 with SMTP id my9mr1978603obb.13.1395263402758; Wed, 19 Mar 2014 14:10:02 -0700 (PDT) Received: from corp2gmr1-1.hot.corp.google.com (corp2gmr1-1.hot.corp.google.com [172.24.189.92]) by gmr-mx.google.com with ESMTPS id a66si1695492yhb.6.2014.03.19.14.10.02 for (version=TLSv1.1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 19 Mar 2014 14:10:02 -0700 (PDT) Received: from localhost.localdomain (akpm3.mtv.corp.google.com [172.17.131.127]) by corp2gmr1-1.hot.corp.google.com (Postfix) with ESMTP id B3B3831C1E1; Wed, 19 Mar 2014 14:10:01 -0700 (PDT) To: ocfs2-devel@oss.oracle.com From: akpm@linux-foundation.org Date: Wed, 19 Mar 2014 14:10:01 -0700 MIME-Version: 1.0 Message-Id: <20140319211001.B3B3831C1E1@corp2gmr1-1.hot.corp.google.com> X-Flow-Control-Info: class=Pass-to-MM reputation=ipRisk-All ip=209.85.219.74 ct-class=R5 ct-vol1=-98 ct-vol2=7 ct-vol3=6 ct-risk=50 ct-spam1=81 ct-spam2=8 ct-bulk=0 rcpts=1 size=2705 X-Sendmail-CM-Score: 0.00% X-Sendmail-CM-Analysis: v=2.1 cv=M6p0dUAs c=1 sm=1 tr=0 a=sEfDGsXKJPjMYcPlQbbHAw==:117 a=cIRLelQfaewA:10 a=NEiEQogP1MkA:10 a=os2CZ2fo8YAA:10 a=Z4Rwk6OoAAAA:8 a=1XWaLZrsAAAA:8 a=yPCof4ZbAAAA:8 a=iox4zFpeAAAA:8 a=IXr_WNlcAAAA:8 a=WnQWLQ4DOG3nJC99kGAA:9 a=e4xtJxf3 HDoA:10 a=7DSvI1NPTFQA:10 a=n9GBPR9yFnkA:10 a=T5ZRoNnfl4MA:10 a=jbrJJM5MRmoA:10 X-Sendmail-CT-RefID: str=0001.0A010204.532A07AB.0051, ss=1, re=0.000, recu=0.000, reip=0.000, cl=1, cld=1, fgs=0 X-Sendmail-CT-Classification: not spam Cc: mfasheh@suse.com Subject: [Ocfs2-devel] [patch 3/8] ocfs2/o2net: o2net_listen_data_ready should do nothing if socket state is not TCP_LISTEN X-BeenThere: ocfs2-devel@oss.oracle.com X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ocfs2-devel-bounces@oss.oracle.com Errors-To: ocfs2-devel-bounces@oss.oracle.com X-Source-IP: acsinet22.oracle.com [141.146.126.238] X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_MED, T_RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP From: Tariq Saeed Subject: ocfs2/o2net: o2net_listen_data_ready should do nothing if socket state is not TCP_LISTEN Orabug: 17330860 When accepting an incomming connection o2net_accept_one clones a child data socket from the parent listening socket. It then proceeds to setup the child with callback o2net_data_ready() and sk_user_data to NULL. If data arrives in this window, o2net_listen_data_ready will be called with some non-deterministic value in sk_user_data (not inherited). We panic when we page fault on sk_user_data -- in parent it is sock_def_readable(). The fix is to recognize that this is a data socket being set up by looking at the socket state and do nothing. Signed-off-by: Tariq Saseed Signed-off-by: Srinivas Eeda Reviewed-by: Mark Fasheh Cc: Joel Becker Signed-off-by: Andrew Morton --- fs/ocfs2/cluster/tcp.c | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff -puN fs/ocfs2/cluster/tcp.c~ocfs2-o2net-o2net_listen_data_ready-should-do-nothing-if-socket-state-is-not-tcp_listen fs/ocfs2/cluster/tcp.c --- a/fs/ocfs2/cluster/tcp.c~ocfs2-o2net-o2net_listen_data_ready-should-do-nothing-if-socket-state-is-not-tcp_listen +++ a/fs/ocfs2/cluster/tcp.c @@ -1973,18 +1973,30 @@ static void o2net_listen_data_ready(stru goto out; } - /* ->sk_data_ready is also called for a newly established child socket - * before it has been accepted and the acceptor has set up their - * data_ready.. we only want to queue listen work for our listening - * socket */ + /* This callback may called twice when a new connection + * is being established as a child socket inherits everything + * from a parent LISTEN socket, including the data_ready cb of + * the parent. This leads to a hazard. In o2net_accept_one() + * we are still initializing the child socket but have not + * changed the inherited data_ready callback yet when + * data starts arriving. + * We avoid this hazard by checking the state. + * For the listening socket, the state will be TCP_LISTEN; for the new + * socket, will be TCP_ESTABLISHED. Also, in this case, + * sk->sk_user_data is not a valid function pointer. + */ + if (sk->sk_state == TCP_LISTEN) { mlog(ML_TCP, "bytes: %d\n", bytes); queue_work(o2net_wq, &o2net_listen_work); + } else { + ready = NULL; } out: read_unlock(&sk->sk_callback_lock); - ready(sk, bytes); + if (ready != NULL) + ready(sk, bytes); } static int o2net_open_listening_sock(__be32 addr, __be16 port)