From: Sage Weil <sage@inktank.com>
Date: Tue, 31 Jul 2012 01:17:13 +0000 (-0700)
Subject: libceph: avoid dropping con mutex before fault
X-Git-Tag: v3.4.20~15
X-Git-Url: https://git.karo-electronics.de/?a=commitdiff_plain;h=328677c24bbae17f3f91ffce3b2351a27933741c;p=karo-tx-linux.git

libceph: avoid dropping con mutex before fault

(cherry picked from commit 8636ea672f0c5ab7478c42c5b6705ebd1db7eb6a)

The ceph_fault() function takes the con mutex, so we should avoid
dropping it before calling it.  This fixes a potential race with
another thread calling ceph_con_close(), or _open(), or similar (we
don't reverify con->state after retaking the lock).

Add annotation so that lockdep realizes we will drop the mutex before
returning.

Signed-off-by: Sage Weil <sage@inktank.com>
Reviewed-by: Alex Elder <elder@inktank.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---

diff --git a/net/ceph/messenger.c b/net/ceph/messenger.c
index bb21e5b0fb55..c2f0ca36f4ab 100644
--- a/net/ceph/messenger.c
+++ b/net/ceph/messenger.c
@@ -2336,7 +2336,6 @@ done_unlocked:
 	return;
 
 fault:
-	mutex_unlock(&con->mutex);
 	ceph_fault(con);     /* error/fault path */
 	goto done_unlocked;
 }
@@ -2347,9 +2346,8 @@ fault:
  * exponential backoff
  */
 static void ceph_fault(struct ceph_connection *con)
+	__releases(con->mutex)
 {
-	mutex_lock(&con->mutex);
-
 	pr_err("%s%lld %s %s\n", ENTITY_NAME(con->peer_name),
 	       ceph_pr_addr(&con->peer_addr.in_addr), con->error_msg);
 	dout("fault %p state %lu to peer %s\n",