tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

iscsi-target: Fix iser explicit logout TX kthread leak

This patch fixes a regression introduced with the following commit
in v4.0-rc1 code, where an explicit iser-target logout would result
in ->tx_thread_active being incorrectly cleared by the logout post
handler, and subsequent TX kthread leak:

commit 88dcd2dab5c23b1c9cfc396246d8f476c872f0ca
Author: Nicholas Bellinger <nab@linux-iscsi.org>
Date: Thu Feb 26 22:19:15 2015 -0800

iscsi-target: Convert iscsi_thread_set usage to kthread.h

To address this bug, change iscsit_logout_post_handler_closesession()
and iscsit_logout_post_handler_samecid() to only cmpxchg() on
->tx_thread_active for traditional iscsi/tcp connections.

This is required because iscsi/tcp connections are invoking logout
post handler logic directly from TX kthread context, while iser
connections are invoking logout post handler logic from a seperate
workqueue context.

Cc: Sagi Grimberg <sagig@mellanox.com>
Cc: <stable@vger.kernel.org> # v3.10+
Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>

Nicholas Bellinger 007d038b e5419865

+16 -2
+16 -2
drivers/target/iscsi/iscsi_target.c
··· 4544 4544 struct iscsi_conn *conn) 4545 4545 { 4546 4546 struct iscsi_session *sess = conn->sess; 4547 - int sleep = cmpxchg(&conn->tx_thread_active, true, false); 4547 + int sleep = 1; 4548 + /* 4549 + * Traditional iscsi/tcp will invoke this logic from TX thread 4550 + * context during session logout, so clear tx_thread_active and 4551 + * sleep if iscsit_close_connection() has not already occured. 4552 + * 4553 + * Since iser-target invokes this logic from it's own workqueue, 4554 + * always sleep waiting for RX/TX thread shutdown to complete 4555 + * within iscsit_close_connection(). 4556 + */ 4557 + if (conn->conn_transport->transport_type == ISCSI_TCP) 4558 + sleep = cmpxchg(&conn->tx_thread_active, true, false); 4548 4559 4549 4560 atomic_set(&conn->conn_logout_remove, 0); 4550 4561 complete(&conn->conn_logout_comp); ··· 4569 4558 static void iscsit_logout_post_handler_samecid( 4570 4559 struct iscsi_conn *conn) 4571 4560 { 4572 - int sleep = cmpxchg(&conn->tx_thread_active, true, false); 4561 + int sleep = 1; 4562 + 4563 + if (conn->conn_transport->transport_type == ISCSI_TCP) 4564 + sleep = cmpxchg(&conn->tx_thread_active, true, false); 4573 4565 4574 4566 atomic_set(&conn->conn_logout_remove, 0); 4575 4567 complete(&conn->conn_logout_comp);