• S
    iser-target: Fix connected_handler + teardown flow race · 19e2090f
    Sagi Grimberg 提交于
    Take isert_conn pointer from cm_id->qp->qp_context. This
    will allow us to know that the cm_id context is always
    the network portal. This will make the cm_id event check
    (connection or network portal) more reliable.
    
    In order to avoid a NULL dereference in cma_id->qp->qp_context
    we destroy the qp after we destroy the cm_id (and make the
    dereference safe). session stablishment/teardown sequences
    can happen in parallel, we should take into account that
    connected_handler might race with connection teardown flow.
    
    Also, protect isert_conn->conn_device->active_qps decrement
    within the error patch during QP creation failure and the
    normal teardown path in isert_connect_release().
    
    Squashed:
    
    iser-target: Decrement completion context active_qps in error flow
    Signed-off-by: NSagi Grimberg <sagig@mellanox.com>
    Cc: <stable@vger.kernel.org> # v3.10+
    Signed-off-by: NNicholas Bellinger <nab@linux-iscsi.org>
    19e2090f
ib_isert.c 93.3 KB