diff options
| author |   David Howells <dhowells@redhat.com> | 2020-01-30 21:50:36 +0000 |
|---|---|---|
| committer | David Howells <dhowells@redhat.com> | 2020-02-03 10:25:30 +0000 |
| commit | 5273a191dca65a675dc0bcf3909e59c6933e2831 (patch) | |
| tree | 0944eefed2d209e9bd7ccbdebebedf367757f61a /net/rxrpc/ar-internal.h | |
| parent | rxrpc: Fix missing active use pinning of rxrpc_local object (diff) | |
| download | linux-dev-5273a191dca65a675dc0bcf3909e59c6933e2831.tar.xz linux-dev-5273a191dca65a675dc0bcf3909e59c6933e2831.zip | |
rxrpc: Fix NULL pointer deref due to call->conn being cleared on disconnect
When a call is disconnected, the connection pointer from the call is
cleared to make sure it isn't used again and to prevent further attempted
transmission for the call. Unfortunately, there might be a daemon trying
to use it at the same time to transmit a packet.
Fix this by keeping call->conn set, but setting a flag on the call to
indicate disconnection instead.
Remove also the bits in the transmission functions where the conn pointer is
checked and a ref taken under spinlock as this is now redundant.
Fixes: 8d94aa381dab ("rxrpc: Calls shouldn't hold socket refs")
Signed-off-by: David Howells <dhowells@redhat.com>
Diffstat (limited to '')
| -rw-r--r-- | net/rxrpc/ar-internal.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/net/rxrpc/ar-internal.h b/net/rxrpc/ar-internal.h index 94441fee85bc..7d730c438404 100644 --- a/net/rxrpc/ar-internal.h +++ b/net/rxrpc/ar-internal.h @@ -490,6 +490,7 @@ enum rxrpc_call_flag { RXRPC_CALL_RX_HEARD, /* The peer responded at least once to this call */ RXRPC_CALL_RX_UNDERRUN, /* Got data underrun */ RXRPC_CALL_IS_INTR, /* The call is interruptible */ + RXRPC_CALL_DISCONNECTED, /* The call has been disconnected */ }; /* |