summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2020-09-30 00:29:44 +0300
committerDavid Howells <dhowells@redhat.com>2020-10-15 15:28:00 +0300
commitf3af4ad1e08a8a9e61878b9f72751a5b76b3baf9 (patch)
treefb7134dfebe6cd067613723a0ccc454f6bea55bb
parentd25e2e9388eda61b6e298585024ee3355f50c493 (diff)
downloadlinux-f3af4ad1e08a8a9e61878b9f72751a5b76b3baf9.tar.xz
rxrpc: Fix bundle counting for exclusive connections
Fix rxrpc_unbundle_conn() to not drop the bundle usage count when cleaning up an exclusive connection. Based on the suggested fix from Hillf Danton. Fixes: 245500d853e9 ("rxrpc: Rewrite the client connection manager") Reported-by: syzbot+d57aaf84dd8a550e6d91@syzkaller.appspotmail.com Signed-off-by: David Howells <dhowells@redhat.com> cc: Hillf Danton <hdanton@sina.com>
-rw-r--r--net/rxrpc/conn_client.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/net/rxrpc/conn_client.c b/net/rxrpc/conn_client.c
index 78c845a4f1ad..5d9adfd4c84f 100644
--- a/net/rxrpc/conn_client.c
+++ b/net/rxrpc/conn_client.c
@@ -901,7 +901,7 @@ static void rxrpc_unbundle_conn(struct rxrpc_connection *conn)
struct rxrpc_bundle *bundle = conn->bundle;
struct rxrpc_local *local = bundle->params.local;
unsigned int bindex;
- bool need_drop = false;
+ bool need_drop = false, need_put = false;
int i;
_enter("C=%x", conn->debug_id);
@@ -928,10 +928,11 @@ static void rxrpc_unbundle_conn(struct rxrpc_connection *conn)
if (i == ARRAY_SIZE(bundle->conns) && !bundle->params.exclusive) {
_debug("erase bundle");
rb_erase(&bundle->local_node, &local->client_bundles);
+ need_put = true;
}
spin_unlock(&local->client_bundles_lock);
- if (i == ARRAY_SIZE(bundle->conns))
+ if (need_put)
rxrpc_put_bundle(bundle);
}