Skip to content

Commit 145686b

Browse files
Ursula Braundavem330
Ursula Braun
authored and
davem330
committed
smc: fix mutex unlocks during link group creation
Link group creation is synchronized with the smc_create_lgr_pending lock. In smc_listen_work() this mutex is sometimes unlocked, even though it has not been locked before. This issue will surface in presence of the SMC rendezvous code. Signed-off-by: Ursula Braun <[email protected]> Signed-off-by: David S. Miller <[email protected]>
1 parent 3fc27b7 commit 145686b

File tree

1 file changed

+15
-11
lines changed

1 file changed

+15
-11
lines changed

net/smc/af_smc.c

Lines changed: 15 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -808,15 +808,15 @@ static void smc_listen_work(struct work_struct *work)
808808
rc = local_contact;
809809
if (rc == -ENOMEM)
810810
reason_code = SMC_CLC_DECL_MEM;/* insufficient memory*/
811-
goto decline_rdma;
811+
goto decline_rdma_unlock;
812812
}
813813
link = &new_smc->conn.lgr->lnk[SMC_SINGLE_LINK];
814814

815815
/* create send buffer and rmb */
816816
rc = smc_buf_create(new_smc);
817817
if (rc) {
818818
reason_code = SMC_CLC_DECL_MEM;
819-
goto decline_rdma;
819+
goto decline_rdma_unlock;
820820
}
821821

822822
smc_close_init(new_smc);
@@ -831,58 +831,58 @@ static void smc_listen_work(struct work_struct *work)
831831
buf_desc->mr_rx[SMC_SINGLE_LINK]);
832832
if (rc) {
833833
reason_code = SMC_CLC_DECL_INTERR;
834-
goto decline_rdma;
834+
goto decline_rdma_unlock;
835835
}
836836
}
837837
}
838838
smc_rmb_sync_sg_for_device(&new_smc->conn);
839839

840840
rc = smc_clc_send_accept(new_smc, local_contact);
841841
if (rc)
842-
goto out_err;
842+
goto out_err_unlock;
843843

844844
/* receive SMC Confirm CLC message */
845845
reason_code = smc_clc_wait_msg(new_smc, &cclc, sizeof(cclc),
846846
SMC_CLC_CONFIRM);
847847
if (reason_code < 0)
848-
goto out_err;
848+
goto out_err_unlock;
849849
if (reason_code > 0)
850-
goto decline_rdma;
850+
goto decline_rdma_unlock;
851851
smc_conn_save_peer_info(new_smc, &cclc);
852852
if (local_contact == SMC_FIRST_CONTACT)
853853
smc_link_save_peer_info(link, &cclc);
854854

855855
rc = smc_rmb_rtoken_handling(&new_smc->conn, &cclc);
856856
if (rc) {
857857
reason_code = SMC_CLC_DECL_INTERR;
858-
goto decline_rdma;
858+
goto decline_rdma_unlock;
859859
}
860860

861861
if (local_contact == SMC_FIRST_CONTACT) {
862862
rc = smc_ib_ready_link(link);
863863
if (rc) {
864864
reason_code = SMC_CLC_DECL_INTERR;
865-
goto decline_rdma;
865+
goto decline_rdma_unlock;
866866
}
867867
/* QP confirmation over RoCE fabric */
868868
reason_code = smc_serv_conf_first_link(new_smc);
869869
if (reason_code < 0) {
870870
/* peer is not aware of a problem */
871871
rc = reason_code;
872-
goto out_err;
872+
goto out_err_unlock;
873873
}
874874
if (reason_code > 0)
875-
goto decline_rdma;
875+
goto decline_rdma_unlock;
876876
}
877877

878878
smc_tx_init(new_smc);
879+
mutex_unlock(&smc_create_lgr_pending);
879880

880881
out_connected:
881882
sk_refcnt_debug_inc(newsmcsk);
882883
if (newsmcsk->sk_state == SMC_INIT)
883884
newsmcsk->sk_state = SMC_ACTIVE;
884885
enqueue:
885-
mutex_unlock(&smc_create_lgr_pending);
886886
lock_sock_nested(&lsmc->sk, SINGLE_DEPTH_NESTING);
887887
if (lsmc->sk.sk_state == SMC_LISTEN) {
888888
smc_accept_enqueue(&lsmc->sk, newsmcsk);
@@ -896,6 +896,8 @@ static void smc_listen_work(struct work_struct *work)
896896
sock_put(&lsmc->sk); /* sock_hold in smc_tcp_listen_work */
897897
return;
898898

899+
decline_rdma_unlock:
900+
mutex_unlock(&smc_create_lgr_pending);
899901
decline_rdma:
900902
/* RDMA setup failed, switch back to TCP */
901903
smc_conn_free(&new_smc->conn);
@@ -907,6 +909,8 @@ static void smc_listen_work(struct work_struct *work)
907909
}
908910
goto out_connected;
909911

912+
out_err_unlock:
913+
mutex_unlock(&smc_create_lgr_pending);
910914
out_err:
911915
newsmcsk->sk_state = SMC_CLOSED;
912916
smc_conn_free(&new_smc->conn);

0 commit comments

Comments
 (0)