Stefano Garzarella
2019-Nov-08 16:08 UTC
[PATCH] vsock/virtio: fix sock refcnt holding during the shutdown
The "42f5cda5eaf4" commit rightly set SOCK_DONE on peer shutdown,
but there is an issue if we receive the SHUTDOWN(RDWR) while the
virtio_transport_close_timeout() is scheduled.
In this case, when the timeout fires, the SOCK_DONE is already
set and the virtio_transport_close_timeout() will not call
virtio_transport_reset() and virtio_transport_do_close().
This causes that both sockets remain open and will never be released,
preventing the unloading of [virtio|vhost]_transport modules.
This patch fixes this issue, calling virtio_transport_reset() and
virtio_transport_do_close() when we receive the SHUTDOWN(RDWR)
and there is nothing left to read.
Fixes: 42f5cda5eaf4 ("vsock/virtio: set SOCK_DONE on peer shutdown")
Cc: Stephen Barber <smbarber at chromium.org>
Signed-off-by: Stefano Garzarella <sgarzare at redhat.com>
---
net/vmw_vsock/virtio_transport_common.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/net/vmw_vsock/virtio_transport_common.c
b/net/vmw_vsock/virtio_transport_common.c
index 481f7f8a1655..fb2060dffb0a 100644
--- a/net/vmw_vsock/virtio_transport_common.c
+++ b/net/vmw_vsock/virtio_transport_common.c
@@ -947,9 +947,11 @@ virtio_transport_recv_connected(struct sock *sk,
if (le32_to_cpu(pkt->hdr.flags) & VIRTIO_VSOCK_SHUTDOWN_SEND)
vsk->peer_shutdown |= SEND_SHUTDOWN;
if (vsk->peer_shutdown == SHUTDOWN_MASK &&
- vsock_stream_has_data(vsk) <= 0) {
- sock_set_flag(sk, SOCK_DONE);
- sk->sk_state = TCP_CLOSING;
+ vsock_stream_has_data(vsk) <= 0 &&
+ !sock_flag(sk, SOCK_DONE)) {
+ (void)virtio_transport_reset(vsk, NULL);
+
+ virtio_transport_do_close(vsk, true);
}
if (le32_to_cpu(pkt->hdr.flags))
sk->sk_state_change(sk);
--
2.21.0
David Miller
2019-Nov-08 20:19 UTC
[PATCH] vsock/virtio: fix sock refcnt holding during the shutdown
From: Stefano Garzarella <sgarzare at redhat.com> Date: Fri, 8 Nov 2019 17:08:50 +0100> The "42f5cda5eaf4" commit rightly set SOCK_DONE on peer shutdown, > but there is an issue if we receive the SHUTDOWN(RDWR) while the > virtio_transport_close_timeout() is scheduled. > In this case, when the timeout fires, the SOCK_DONE is already > set and the virtio_transport_close_timeout() will not call > virtio_transport_reset() and virtio_transport_do_close(). > This causes that both sockets remain open and will never be released, > preventing the unloading of [virtio|vhost]_transport modules. > > This patch fixes this issue, calling virtio_transport_reset() and > virtio_transport_do_close() when we receive the SHUTDOWN(RDWR) > and there is nothing left to read. > > Fixes: 42f5cda5eaf4 ("vsock/virtio: set SOCK_DONE on peer shutdown") > Cc: Stephen Barber <smbarber at chromium.org> > Signed-off-by: Stefano Garzarella <sgarzare at redhat.com>Applied and queued up for -stable, thanks.
Possibly Parallel Threads
- [RFC v6 0/6] Add virtio transport for AF_VSOCK
- [RFC v6 0/6] Add virtio transport for AF_VSOCK
- [RFC PATCH v1 1/2] vsock: send SIGPIPE on write to shutdowned socket
- [PATCH net] virtio/vsock: fix sock refcnt bug on owner set failure
- [PATCH v2 1/4] vsock: track pkt owner vsock