Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 12eb5137 authored by Steve Wise's avatar Steve Wise Committed by Doug Ledford
Browse files

iw_cxgb4: stop MPA_REPLY timer when disconnecting 



There exists a race where the application can setup a connection
and then disconnect it before iw_cxgb4 processes the fw4_ack
message.  For passive side connections, the fw4_ack message is
used to know when to stop the ep timer for MPA_REPLY messages.

If the application disconnects before the fw4_ack is handled then
c4iw_ep_disconnect() needs to clean up the timer state and stop the
timer before restarting it for the disconnect timer.  Failure to do this
results in a "timer already started" message and a premature stopping
of the disconnect timer.

Fixes: e4b76a2a ("RDMA/iw_cxgb4: stop_ep_timer() after MPA negotiation")

Signed-off-by: default avatarSteve Wise <swise@opengridcomputing.com>
Signed-off-by: default avatarDoug Ledford <dledford@redhat.com>
parent cea05ead

drivers/infiniband/hw/cxgb4/cm.c

+11 −1
Original line number Original line Diff line number Diff line
@@ -3068,9 +3068,9 @@ static int fw4_ack(struct c4iw_dev *dev, struct sk_buff *skb) 
		PDBG("%s last streaming msg ack ep %p tid %u state %u "

		PDBG("%s last streaming msg ack ep %p tid %u state %u "

		     "initiator %u freeing skb\n", __func__, ep, ep->hwtid,

		     "initiator %u freeing skb\n", __func__, ep, ep->hwtid,

		     state_read(&ep->com), ep->mpa_attr.initiator ? 1 : 0);

		     state_read(&ep->com), ep->mpa_attr.initiator ? 1 : 0);

		mutex_lock(&ep->com.mutex);

		kfree_skb(ep->mpa_skb);

		kfree_skb(ep->mpa_skb);

		ep->mpa_skb = NULL;

		ep->mpa_skb = NULL;

		mutex_lock(&ep->com.mutex);

		if (test_bit(STOP_MPA_TIMER, &ep->com.flags))

		if (test_bit(STOP_MPA_TIMER, &ep->com.flags))

			stop_ep_timer(ep);

			stop_ep_timer(ep);

		mutex_unlock(&ep->com.mutex);

		mutex_unlock(&ep->com.mutex);
@@ -3647,6 +3647,16 @@ int c4iw_ep_disconnect(struct c4iw_ep *ep, int abrupt, gfp_t gfp) 
			ep->com.state = ABORTING;

			ep->com.state = ABORTING;

		else {

		else {

			ep->com.state = CLOSING;

			ep->com.state = CLOSING;



			/*

			 * if we close before we see the fw4_ack() then we fix

			 * up the timer state since we're reusing it.

			 */

			if (ep->mpa_skb &&

			    test_bit(STOP_MPA_TIMER, &ep->com.flags)) {

				clear_bit(STOP_MPA_TIMER, &ep->com.flags);

				stop_ep_timer(ep);

			}

			start_ep_timer(ep);

			start_ep_timer(ep);

		}

		}

		set_bit(CLOSE_SENT, &ep->com.flags);

		set_bit(CLOSE_SENT, &ep->com.flags);