net/smc: protect link down work from execute after lgr freed

author Guangguan Wang <guangguan.wang@linux.alibaba.com>

Wed, 11 Dec 2024 09:21:16 +0000 (17:21 +0800)

committer David S. Miller <davem@davemloft.net>

Sun, 15 Dec 2024 12:34:59 +0000 (12:34 +0000)
author Guangguan Wang <guangguan.wang@linux.alibaba.com>
Wed, 11 Dec 2024 09:21:16 +0000 (17:21 +0800)
committer David S. Miller <davem@davemloft.net>
Sun, 15 Dec 2024 12:34:59 +0000 (12:34 +0000)
diff --git a/net/smc/smc_core.c b/net/smc/smc_core.c

index 500952c2e67bab94355a30448451fb47f12b0569..3b125d348b4aed725bfc662abad0330e2c3248d9 100644 (file)
--- a/net/smc/smc_core.c
+++ b/net/smc/smc_core.c
@@ -1818,7 +1818,9 @@ void smcr_link_down_cond_sched(struct smc_link *lnk)
  {
         if (smc_link_downing(&lnk->state)) {
                 trace_smcr_link_down(lnk, __builtin_return_address(0));
-               schedule_work(&lnk->link_down_wrk);
+               smcr_link_hold(lnk); /* smcr_link_put in link_down_wrk */
+               if (!schedule_work(&lnk->link_down_wrk))
+                       smcr_link_put(lnk);
         }
  }
  
@@ -1850,11 +1852,14 @@ static void smc_link_down_work(struct work_struct *work)
         struct smc_link_group *lgr = link->lgr;
  
         if (list_empty(&lgr->list))
-               return;
+               goto out;
         wake_up_all(&lgr->llc_msg_waiter);
         down_write(&lgr->llc_conf_mutex);
         smcr_link_down(link);
         up_write(&lgr->llc_conf_mutex);
+
+out:
+       smcr_link_put(link); /* smcr_link_hold by schedulers of link_down_work */
  }
  
  static int smc_vlan_by_tcpsk_walk(struct net_device *lower_dev,
author	Guangguan Wang <guangguan.wang@linux.alibaba.com>
	Wed, 11 Dec 2024 09:21:16 +0000 (17:21 +0800)
committer	David S. Miller <davem@davemloft.net>
	Sun, 15 Dec 2024 12:34:59 +0000 (12:34 +0000)