• J
    tipc: eliminate struct tipc_subscriber · df79d040
    Jon Maloy 提交于
    It is unnecessary to keep two structures, struct tipc_conn and struct
    tipc_subscriber, with a one-to-one relationship and still with different
    life cycles. The fact that the two often run in different contexts, and
    still may access each other via direct pointers constitutes an additional
    hazard, something we have experienced at several occasions, and still
    see happening.
    
    We have identified at least two remaining problems that are easier to
    fix if we simplify the topology server data structure somewhat.
    
    - When there is a race between a subscription up/down event and a
      timeout event, it is fully possible that the former might be delivered
      after the latter, leading to confusion for the receiver.
    
    - The function tipc_subcrp_timeout() is executing in interrupt context,
      while the following call chain is at least theoretically possible:
      tipc_subscrp_timeout()
        tipc_subscrp_send_event()
          tipc_conn_sendmsg()
            conn_put()
              tipc_conn_kref_release()
                sock_release(sock)
    
    I.e., we end up calling a function that might try to sleep in
    interrupt context. To eliminate this, we need to ensure that the
    tipc_conn structure and the socket, as well as the subscription
    instances, only are deleted in work queue context, i.e., after the
    timeout event really has been sent out.
    
    We now remove this unnecessary complexity, by merging data and
    functionality of the subscriber structure into struct tipc_conn
    and the associated file server.c. We thereafter add a spinlock and
    a new 'inactive' state to the subscription structure. Using those,
    both problems described above can be easily solved.
    Acked-by: NYing Xue <ying.xue@windriver.com>
    Signed-off-by: NJon Maloy <jon.maloy@ericsson.com>
    Signed-off-by: NDavid S. Miller <davem@davemloft.net>
    df79d040
subscr.h 3.7 KB