kernel / kernel-source

Clone
Source Code
GIT

Files

  1.   a99b602ac2b8c237ced40a4769f19ed10f16288a
  2.   patches.suse
  3.   SUNRPC-Fix-a-server-shutdown-leak.patch
Blob Blame History Raw 
From: Benjamin Coddington <bcodding@redhat.com>
Date: Fri, 3 Mar 2023 16:08:32 -0500
Subject: [PATCH] SUNRPC: Fix a server shutdown leak
Git-commit: 9ca6705d9d609441d34f8b853e1e4a6369b3b171
Patch-mainline: v6.3
References: git-fixes

Fix a race where kthread_stop() may prevent the threadfn from ever getting
called.  If that happens the svc_rqst will not be cleaned up.

Fixes: ed6473ddc704 ("NFSv4: Fix callback server shutdown")
Signed-off-by: Benjamin Coddington <bcodding@redhat.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
Acked-by: NeilBrown <neilb@suse.com>

---
 net/sunrpc/svc.c |   14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

--- a/net/sunrpc/svc.c
+++ b/net/sunrpc/svc.c
@@ -665,7 +665,8 @@ choose_pool(struct svc_serv *serv, struc
  * Choose a thread to kill, for svc_set_num_threads
  */
 static inline struct task_struct *
-choose_victim(struct svc_serv *serv, struct svc_pool *pool, unsigned int *state)
+choose_victim(struct svc_serv *serv, struct svc_pool *pool, unsigned int *state,
+	      struct svc_rqst **rqstpp)
 {
 	unsigned int i;
 	struct task_struct *task = NULL;
@@ -696,6 +697,8 @@ found_pool:
 		set_bit(RQ_VICTIM, &rqstp->rq_flags);
 		list_del_rcu(&rqstp->rq_all);
 		task = rqstp->rq_task;
+		if (rqstpp)
+			*rqstpp = rqstp;
 	}
 	spin_unlock_bh(&pool->sp_lock);
 
@@ -751,7 +754,7 @@ svc_signal_kthreads(struct svc_serv *ser
 
 	/* destroy old threads */
 	do {
-		task = choose_victim(serv, pool, &state);
+		task = choose_victim(serv, pool, &state, NULL);
 		if (task == NULL)
 			break;
 		send_sig(SIGINT, task, 1);
@@ -799,15 +802,18 @@ EXPORT_SYMBOL_GPL(svc_set_num_threads);
 static int
 svc_stop_kthreads(struct svc_serv *serv, struct svc_pool *pool, int nrservs)
 {
+	struct svc_rqst	*rqstp;
 	struct task_struct *task;
 	unsigned int state = serv->sv_nrthreads-1;
 
 	/* destroy old threads */
 	do {
-		task = choose_victim(serv, pool, &state);
+		task = choose_victim(serv, pool, &state, &rqstp);
 		if (task == NULL)
 			break;
-		kthread_stop(task);
+		/* Did we lose a race to svo_function threadfn? */
+		if (kthread_stop(task) == -EINTR)
+			svc_exit_thread(rqstp);
 		nrservs++;
 	} while (nrservs < 0);
 	return 0;
Powered by Pagure 5.13.3
DocumentationAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.