The commit is pushed to "branch-rh7-3.10.0-862.14.4.vz7.72.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git after rh7-3.10.0-862.14.4.vz7.72.9 ------> commit fb8a0a11992e4f8ab03b9601eb520e5749bbc73c Author: Kirill Tkhai <ktk...@virtuozzo.com> Date: Tue Oct 16 18:04:29 2018 +0300
fuse kio: Use sio eof instead of parent to determ abort We can't just null sio->parent, since this is not synchronized with socket callbacks. They can already take this counter, and then delay for a while. This patch starts reworking of pcs_sockio and pcs_rpc destruction, and makes the parent pointer be nulled later. This will allow to take sio->parent refcounter for each sio in next patches and to keep parent alive till callbacks end. Signed-off-by: Kirill Tkhai <ktk...@virtuozzo.com> Reviewed-by: Pavel Butsykin <pbutsy...@virtuozzo.com> ===================== Patchset description: Order pcs_rpc and pcs_sockio destruction and close leaked socket https://pmc.acronis.com/browse/VSTOR-15305 Ploop can asynchronously unmap regions by sending IOCB_CMD_UNMAP_ITER, but this command isn't quite correctly interpreted in Fuse. Moreover, in Fast-path mode, fallocate(FALLOC_FL_PUNCH_HOLE|FALLOC_FL_ZERO_RANGE) falls to fuse user daemon and it can lead to data corruption. Let's fix it. Kirill Tkhai (9): fuse kio: Use __maybe_unused fuse kio: Use sio eof instead of parent to determ abort fuse kio: Reorder callback assignment fuse kio: Add pcs_cleanup_wq fuse kio: Destroy rpc in work func fuse kio: Introduce pcs_sk_kick_queue() fuse kio: Dereference sk_user_data under rcu fuse kio: Fix rpc socket leak on rpc_abort() fuse kio: Hold pcs_rpc counter till sio may be freed --- fs/fuse/kio/pcs/pcs_rpc.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/fs/fuse/kio/pcs/pcs_rpc.c b/fs/fuse/kio/pcs/pcs_rpc.c index 92c0b78d6326..e7ae4bfd9feb 100644 --- a/fs/fuse/kio/pcs/pcs_rpc.c +++ b/fs/fuse/kio/pcs/pcs_rpc.c @@ -206,7 +206,7 @@ void rpc_abort(struct pcs_rpc * ep, int fatal, int error) if (ep->gc) list_lru_del(&ep->gc->lru, &ep->lru_link); - sio->parent = NULL; + sio->eof = NULL; pcs_sock_error(sio, error); } @@ -332,7 +332,7 @@ static void rpc_eof_cb(struct pcs_sockio * sio) { struct pcs_rpc * ep = sio->parent; - if (ep == NULL) + if (WARN_ON_ONCE(ep == NULL)) return; /* Dead socket is finally closed, we could already open another one. @@ -532,7 +532,7 @@ struct pcs_msg *rpc_get_hdr(struct pcs_sockio * sio, u32 *msg_size) struct pcs_msg * msg; void (*next_input)(struct pcs_msg *); - if (ep == NULL) + if (WARN_ON_ONCE(ep == NULL)) return NULL; /* Fatal stream format error */ _______________________________________________ Devel mailing list Devel@openvz.org https://lists.openvz.org/mailman/listinfo/devel