[14/25] lustre: lnet: safe access to msg

Message ID	1537930097-11624-15-git-send-email-jsimmons@infradead.org (mailing list archive)
State	New, archived
Headers	show Return-Path: <lustre-devel-bounces@lists.lustre.org> From: James Simmons <jsimmons@infradead.org> To: Andreas Dilger <adilger@whamcloud.com>, Oleg Drokin <green@whamcloud.com>, NeilBrown <neilb@suse.com> Date: Tue, 25 Sep 2018 22:48:06 -0400 Message-Id: <1537930097-11624-15-git-send-email-jsimmons@infradead.org> In-Reply-To: <1537930097-11624-1-git-send-email-jsimmons@infradead.org> References: <1537930097-11624-1-git-send-email-jsimmons@infradead.org> Subject: [lustre-devel] [PATCH 14/25] lustre: lnet: safe access to msg Precedence: list Cc: Amir Shehata <ashehata@whamcloud.com>, Lustre Development List <lustre-devel@lists.lustre.org> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: lustre-devel-bounces@lists.lustre.org Sender: "lustre-devel" <lustre-devel-bounces@lists.lustre.org>
Series	lustre: lnet: remaining fixes for multi-rail \| expand [00/25] lustre: lnet: remaining fixes for multi-rail [01/25] lustre: lnet: remove ni from lnet_finalize [02/25] lustre: lnet: Allow min stats to be reset in peers and nis [03/25] lustre: lnet: remove debug ioctl [04/25] lustre: lnet: Normalize ioctl interface [05/25] lustre: lnet: fix race in lnet shutdown path [06/25] lustre: lnet: loopback NID in lnet_select_pathway() [07/25] lustre: lnet: rename LNET_MAX_INTERFACES [08/25] lustre: lnet: selftest MR fix [09/25] lustre: lnet: prevent assert on ln_state [10/25] lustre: lnet: increment per NI stats [11/25] lustre: lnet: Fix lost lock [12/25] lustre: lnet: correct locking in legacy add net [13/25] lustre: lnet: fix lnet_cpt_of_md() [14/25] lustre: lnet: safe access to msg [15/25] lustre: o2iblnd: reconnect peer for REJ_INVALID_SERVICE_ID [16/25] lustre: o2iblnd: kill timedout txs from ibp_tx_queue [17/25] lustre: o2iblnd: multiple sges for work request [18/25] lustre: lnd: Turn on 2 sges by default [19/25] lustre: lnd: Don't Assert On Reconnect with MultiQP [20/25] lustre: lnet: handle empty CPTs [21/25] lustre: lnet: set LND tunables properly [22/25] lustre: lnd: Don't Page Align remote_addr with FastReg [23/25] lustre: lnd: pending transmits dropped silently [24/25] lustre: socklnd: propagate errors on send failure [25/25] lustre: ko2iblnd: allow for discontiguous fragments

Message ID

1537930097-11624-15-git-send-email-jsimmons@infradead.org (mailing list archive)

State

New, archived

Headers

From: James Simmons <jsimmons@infradead.org>
To: Andreas Dilger <adilger@whamcloud.com>, Oleg Drokin <green@whamcloud.com>,
 NeilBrown <neilb@suse.com>
Date: Tue, 25 Sep 2018 22:48:06 -0400
Message-Id: <1537930097-11624-15-git-send-email-jsimmons@infradead.org>
In-Reply-To: <1537930097-11624-1-git-send-email-jsimmons@infradead.org>
References: <1537930097-11624-1-git-send-email-jsimmons@infradead.org>
Subject: [lustre-devel] [PATCH 14/25] lustre: lnet: safe access to msg
Precedence: list
Cc: Amir Shehata <ashehata@whamcloud.com>,
 Lustre Development List <lustre-devel@lists.lustre.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: lustre-devel-bounces@lists.lustre.org
Sender: "lustre-devel" <lustre-devel-bounces@lists.lustre.org>

Series

lustre: lnet: remaining fixes for multi-rail | expand

Commit Message

James Simmons Sept. 26, 2018, 2:48 a.m. UTC

From: Amir Shehata <ashehata@whamcloud.com>

When tx credits are returned if there are pending messages they
need to be sent. Messages could have different tx_cpts, so the
correct one needs to be locked. After lnet_post_send_locked(),
if we locked a different CPT then we need to relock the correct one
However, as part of lnet_post_send_locked(), lnet_finalze() can
be called which can free the message. Therefore, the cpt of the
message being passed must be cached in order to prevent access to
freed memory.

Signed-off-by: Amir Shehata <ashehata@whamcloud.com>
WC-bug-id: https://jira.whamcloud.com/browse/LU-9817
Reviewed-on: https://review.whamcloud.com/28308
Reviewed-by: Olaf Weber <olaf.weber@hpe.com>
Reviewed-by: Sonia Sharma <sharmaso@whamcloud.com>
Reviewed-by: Dmitry Eremin <dmitry.eremin@intel.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>
Signed-off-by: James Simmons <jsimmons@infradead.org>
---
 drivers/staging/lustre/lnet/lnet/lib-move.c | 23 +++++++++++++++++++----
 1 file changed, 19 insertions(+), 4 deletions(-)

diff --git a/drivers/staging/lustre/lnet/lnet/lib-move.c b/drivers/staging/lustre/lnet/lnet/lib-move.c
index 4d74421..e8c0216 100644
--- a/drivers/staging/lustre/lnet/lnet/lib-move.c
+++ b/drivers/staging/lustre/lnet/lnet/lib-move.c
@@ -847,6 +847,8 @@ 
 
 		txpeer->lpni_txcredits++;
 		if (txpeer->lpni_txcredits <= 0) {
+			int msg2_cpt;
+
 			msg2 = list_entry(txpeer->lpni_txq.next,
 					  struct lnet_msg, msg_list);
 			list_del(&msg2->msg_list);
@@ -855,13 +857,26 @@ 
 			LASSERT(msg2->msg_txpeer == txpeer);
 			LASSERT(msg2->msg_tx_delayed);
 
-			if (msg2->msg_tx_cpt != msg->msg_tx_cpt) {
+			msg2_cpt = msg2->msg_tx_cpt;
+
+			/*
+			 * The msg_cpt can be different from the msg2_cpt
+			 * so we need to make sure we lock the correct cpt
+			 * for msg2.
+			 * Once we call lnet_post_send_locked() it is no
+			 * longer safe to access msg2, since it could've
+			 * been freed by lnet_finalize(), but we still
+			 * need to relock the correct cpt, so we cache the
+			 * msg2_cpt for the purpose of the check that
+			 * follows the call to lnet_pose_send_locked().
+			 */
+			if (msg2_cpt != msg->msg_tx_cpt) {
 				lnet_net_unlock(msg->msg_tx_cpt);
-				lnet_net_lock(msg2->msg_tx_cpt);
+				lnet_net_lock(msg2_cpt);
 			}
 			(void)lnet_post_send_locked(msg2, 1);
-			if (msg2->msg_tx_cpt != msg->msg_tx_cpt) {
-				lnet_net_unlock(msg2->msg_tx_cpt);
+			if (msg2_cpt != msg->msg_tx_cpt) {
+				lnet_net_unlock(msg2_cpt);
 				lnet_net_lock(msg->msg_tx_cpt);
 			}
 		} else {

[14/25] lustre: lnet: safe access to msg

Commit Message

Patch