diff options
| author | Jeff Layton <jlayton@kernel.org> | 2025-02-20 11:47:13 -0500 |
|---|---|---|
| committer | Chuck Lever <chuck.lever@oracle.com> | 2025-03-10 09:11:09 -0400 |
| commit | 1054e8ffc5c492f341bdf1888b882f1d163dd3d8 (patch) | |
| tree | 30280695ba12656e5db7a3c90d57faf61cd086ae /net/unix/sysctl_net_unix.c | |
| parent | 9254c8ae9b8172d9ad26e620a4bbc604a1efa7fa (diff) | |
| download | linux-1054e8ffc5c492f341bdf1888b882f1d163dd3d8.tar.gz linux-1054e8ffc5c492f341bdf1888b882f1d163dd3d8.tar.bz2 linux-1054e8ffc5c492f341bdf1888b882f1d163dd3d8.zip | |
nfsd: prevent callback tasks running concurrently
The nfsd4_callback workqueue jobs exist to queue backchannel RPCs to
rpciod. Because they run in different workqueue contexts, the rpc_task
can run concurrently with the workqueue job itself, should it become
requeued. This is problematic as there is no locking when accessing the
fields in the nfsd4_callback.
Add a new unsigned long to nfsd4_callback and declare a new
NFSD4_CALLBACK_RUNNING flag to be set in it. When attempting to run a
workqueue job, do a test_and_set_bit() on that flag first, and don't
queue the workqueue job if it returns true. Clear NFSD4_CALLBACK_RUNNING
in nfsd41_destroy_cb().
This also gives us a more reliable mechanism for handling queueing
failures in codepaths where we have to take references under spinlocks.
We can now do the test_and_set_bit on NFSD4_CALLBACK_RUNNING first, and
only take references to the objects if that returns false.
Most of the nfsd4_run_cb() callers are converted to use this new flag or
the nfsd4_try_run_cb() wrapper. The main exception is the callback
channel probe, which has its own synchronization.
Signed-off-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Diffstat (limited to 'net/unix/sysctl_net_unix.c')
0 files changed, 0 insertions, 0 deletions