Commit ad6b1340 authored by Stanislav Kinsbursky's avatar Stanislav Kinsbursky Committed by Trond Myklebust

SUNRPC: fix pipe->ops cleanup on pipe dentry unlink

This patch looks late due to GSS AUTH patches sent already. But it fixes a flaw
in RPC PipeFS pipes handling.
I've added this patch in the series, because this series related to pipes. But
it should be a part of previous series named "SUNPRC: cleanup PipeFS for
network-namespace-aware users".

Pipe dentry can be created and destroyed many times during pipe life cycle.
This actually means, that we can't set pipe->ops to NULL in rpc_close_pipes()
and use this variable as a flag, indicating, that pipe's dentry is unlinking.
To follow this restriction, this patch replaces "pipe->ops = NULL" assignment
and checks for NULL with "pipe->dentry = NULL" assignment and checks for
NULL respectively.
This patch also removes check for non-NULL pipe->ops (or pipe->dentry) in
rpc_close_pipes() because it always non-NULL now.
Signed-off-by: default avatarStanislav Kinsbursky <skinsbursky@parallels.com>
Signed-off-by: default avatarTrond Myklebust <Trond.Myklebust@netapp.com>
parent 39cb67b9
...@@ -86,10 +86,6 @@ rpc_timeout_upcall_queue(struct work_struct *work) ...@@ -86,10 +86,6 @@ rpc_timeout_upcall_queue(struct work_struct *work)
void (*destroy_msg)(struct rpc_pipe_msg *); void (*destroy_msg)(struct rpc_pipe_msg *);
spin_lock(&pipe->lock); spin_lock(&pipe->lock);
if (pipe->ops == NULL) {
spin_unlock(&pipe->lock);
return;
}
destroy_msg = pipe->ops->destroy_msg; destroy_msg = pipe->ops->destroy_msg;
if (pipe->nreaders == 0) { if (pipe->nreaders == 0) {
list_splice_init(&pipe->pipe, &free_list); list_splice_init(&pipe->pipe, &free_list);
...@@ -135,8 +131,6 @@ rpc_queue_upcall(struct rpc_pipe *pipe, struct rpc_pipe_msg *msg) ...@@ -135,8 +131,6 @@ rpc_queue_upcall(struct rpc_pipe *pipe, struct rpc_pipe_msg *msg)
int res = -EPIPE; int res = -EPIPE;
spin_lock(&pipe->lock); spin_lock(&pipe->lock);
if (pipe->ops == NULL)
goto out;
if (pipe->nreaders) { if (pipe->nreaders) {
list_add_tail(&msg->list, &pipe->pipe); list_add_tail(&msg->list, &pipe->pipe);
pipe->pipelen += msg->len; pipe->pipelen += msg->len;
...@@ -150,7 +144,6 @@ rpc_queue_upcall(struct rpc_pipe *pipe, struct rpc_pipe_msg *msg) ...@@ -150,7 +144,6 @@ rpc_queue_upcall(struct rpc_pipe *pipe, struct rpc_pipe_msg *msg)
pipe->pipelen += msg->len; pipe->pipelen += msg->len;
res = 0; res = 0;
} }
out:
spin_unlock(&pipe->lock); spin_unlock(&pipe->lock);
wake_up(&pipe->waitq); wake_up(&pipe->waitq);
return res; return res;
...@@ -167,27 +160,23 @@ static void ...@@ -167,27 +160,23 @@ static void
rpc_close_pipes(struct inode *inode) rpc_close_pipes(struct inode *inode)
{ {
struct rpc_pipe *pipe = RPC_I(inode)->pipe; struct rpc_pipe *pipe = RPC_I(inode)->pipe;
const struct rpc_pipe_ops *ops;
int need_release; int need_release;
LIST_HEAD(free_list);
mutex_lock(&inode->i_mutex); mutex_lock(&inode->i_mutex);
ops = pipe->ops; spin_lock(&pipe->lock);
if (ops != NULL) { need_release = pipe->nreaders != 0 || pipe->nwriters != 0;
LIST_HEAD(free_list); pipe->nreaders = 0;
spin_lock(&pipe->lock); list_splice_init(&pipe->in_upcall, &free_list);
need_release = pipe->nreaders != 0 || pipe->nwriters != 0; list_splice_init(&pipe->pipe, &free_list);
pipe->nreaders = 0; pipe->pipelen = 0;
list_splice_init(&pipe->in_upcall, &free_list); pipe->dentry = NULL;
list_splice_init(&pipe->pipe, &free_list); spin_unlock(&pipe->lock);
pipe->pipelen = 0; rpc_purge_list(pipe, &free_list, pipe->ops->destroy_msg, -EPIPE);
pipe->ops = NULL; pipe->nwriters = 0;
spin_unlock(&pipe->lock); if (need_release && pipe->ops->release_pipe)
rpc_purge_list(pipe, &free_list, ops->destroy_msg, -EPIPE); pipe->ops->release_pipe(inode);
pipe->nwriters = 0; cancel_delayed_work_sync(&pipe->queue_timeout);
if (need_release && ops->release_pipe)
ops->release_pipe(inode);
cancel_delayed_work_sync(&pipe->queue_timeout);
}
rpc_inode_setowner(inode, NULL); rpc_inode_setowner(inode, NULL);
mutex_unlock(&inode->i_mutex); mutex_unlock(&inode->i_mutex);
} }
...@@ -223,7 +212,7 @@ rpc_pipe_open(struct inode *inode, struct file *filp) ...@@ -223,7 +212,7 @@ rpc_pipe_open(struct inode *inode, struct file *filp)
int res = -ENXIO; int res = -ENXIO;
mutex_lock(&inode->i_mutex); mutex_lock(&inode->i_mutex);
if (pipe->ops == NULL) if (pipe->dentry == NULL)
goto out; goto out;
first_open = pipe->nreaders == 0 && pipe->nwriters == 0; first_open = pipe->nreaders == 0 && pipe->nwriters == 0;
if (first_open && pipe->ops->open_pipe) { if (first_open && pipe->ops->open_pipe) {
...@@ -249,7 +238,7 @@ rpc_pipe_release(struct inode *inode, struct file *filp) ...@@ -249,7 +238,7 @@ rpc_pipe_release(struct inode *inode, struct file *filp)
int last_close; int last_close;
mutex_lock(&inode->i_mutex); mutex_lock(&inode->i_mutex);
if (pipe->ops == NULL) if (pipe->dentry == NULL)
goto out; goto out;
msg = filp->private_data; msg = filp->private_data;
if (msg != NULL) { if (msg != NULL) {
...@@ -290,7 +279,7 @@ rpc_pipe_read(struct file *filp, char __user *buf, size_t len, loff_t *offset) ...@@ -290,7 +279,7 @@ rpc_pipe_read(struct file *filp, char __user *buf, size_t len, loff_t *offset)
int res = 0; int res = 0;
mutex_lock(&inode->i_mutex); mutex_lock(&inode->i_mutex);
if (pipe->ops == NULL) { if (pipe->dentry == NULL) {
res = -EPIPE; res = -EPIPE;
goto out_unlock; goto out_unlock;
} }
...@@ -333,7 +322,7 @@ rpc_pipe_write(struct file *filp, const char __user *buf, size_t len, loff_t *of ...@@ -333,7 +322,7 @@ rpc_pipe_write(struct file *filp, const char __user *buf, size_t len, loff_t *of
mutex_lock(&inode->i_mutex); mutex_lock(&inode->i_mutex);
res = -EPIPE; res = -EPIPE;
if (pipe->ops != NULL) if (pipe->dentry != NULL)
res = pipe->ops->downcall(filp, buf, len); res = pipe->ops->downcall(filp, buf, len);
mutex_unlock(&inode->i_mutex); mutex_unlock(&inode->i_mutex);
return res; return res;
...@@ -348,7 +337,7 @@ rpc_pipe_poll(struct file *filp, struct poll_table_struct *wait) ...@@ -348,7 +337,7 @@ rpc_pipe_poll(struct file *filp, struct poll_table_struct *wait)
poll_wait(filp, &pipe->waitq, wait); poll_wait(filp, &pipe->waitq, wait);
mask = POLLOUT | POLLWRNORM; mask = POLLOUT | POLLWRNORM;
if (pipe->ops == NULL) if (pipe->dentry == NULL)
mask |= POLLERR | POLLHUP; mask |= POLLERR | POLLHUP;
if (filp->private_data || !list_empty(&pipe->pipe)) if (filp->private_data || !list_empty(&pipe->pipe))
mask |= POLLIN | POLLRDNORM; mask |= POLLIN | POLLRDNORM;
...@@ -365,7 +354,7 @@ rpc_pipe_ioctl(struct file *filp, unsigned int cmd, unsigned long arg) ...@@ -365,7 +354,7 @@ rpc_pipe_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
switch (cmd) { switch (cmd) {
case FIONREAD: case FIONREAD:
spin_lock(&pipe->lock); spin_lock(&pipe->lock);
if (pipe->ops == NULL) { if (pipe->dentry == NULL) {
spin_unlock(&pipe->lock); spin_unlock(&pipe->lock);
return -EPIPE; return -EPIPE;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment