Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 61399191 authored by Sage Weil's avatar Sage Weil
Browse files

libceph: recheck con state after allocating incoming message 



We drop the lock when calling the ->alloc_msg() con op, which means
we need to (a) not clobber con->in_msg without the mutex held, and (b)
we need to verify that we are still in the OPEN state when we retake
it to avoid causing any mayhem.  If the state does change, -EAGAIN
will get us back to con_work() and loop.

Signed-off-by: default avatarSage Weil <sage@inktank.com>
Reviewed-by: default avatarAlex Elder <elder@inktank.com>
parent 4740a623

net/ceph/messenger.c

+8 −1
Original line number Diff line number Diff line
@@ -2735,9 +2735,16 @@ static int ceph_con_in_msg_alloc(struct ceph_connection *con, int *skip) 
	BUG_ON(con->in_msg != NULL);



	if (con->ops->alloc_msg) {

		struct ceph_msg *msg;



		mutex_unlock(&con->mutex);

		con->in_msg = con->ops->alloc_msg(con, hdr, skip);

		msg = con->ops->alloc_msg(con, hdr, skip);

		mutex_lock(&con->mutex);

		if (con->state != CON_STATE_OPEN) {

			ceph_msg_put(msg);

			return -EAGAIN;

		}

		con->in_msg = msg;

		if (con->in_msg) {

			con->in_msg->con = con->ops->get(con);

			BUG_ON(con->in_msg->con == NULL);