2019-05-28 16:57:20 +00:00
|
|
|
// SPDX-License-Identifier: GPL-2.0-only
|
2006-11-02 16:19:21 +00:00
|
|
|
/******************************************************************************
|
|
|
|
*******************************************************************************
|
|
|
|
**
|
|
|
|
** Copyright (C) Sistina Software, Inc. 1997-2003 All rights reserved.
|
2009-01-28 18:57:40 +00:00
|
|
|
** Copyright (C) 2004-2009 Red Hat, Inc. All rights reserved.
|
2006-11-02 16:19:21 +00:00
|
|
|
**
|
|
|
|
**
|
|
|
|
*******************************************************************************
|
|
|
|
******************************************************************************/
|
|
|
|
|
|
|
|
/*
|
|
|
|
* lowcomms.c
|
|
|
|
*
|
|
|
|
* This is the "low-level" comms layer.
|
|
|
|
*
|
|
|
|
* It is responsible for sending/receiving messages
|
|
|
|
* from other nodes in the cluster.
|
|
|
|
*
|
|
|
|
* Cluster nodes are referred to by their nodeids. nodeids are
|
|
|
|
* simply 32 bit numbers to the locking module - if they need to
|
2009-01-22 21:26:47 +00:00
|
|
|
* be expanded for the cluster infrastructure then that is its
|
2006-11-02 16:19:21 +00:00
|
|
|
* responsibility. It is this layer's
|
|
|
|
* responsibility to resolve these into IP address or
|
|
|
|
* whatever it needs for inter-node communication.
|
|
|
|
*
|
|
|
|
* The comms level is two kernel threads that deal mainly with
|
|
|
|
* the receiving of messages from other nodes and passing them
|
|
|
|
* up to the mid-level comms layer (which understands the
|
|
|
|
* message format) for execution by the locking core, and
|
|
|
|
* a send thread which does all the setting up of connections
|
|
|
|
* to remote nodes and the sending of data. Threads are not allowed
|
|
|
|
* to send their own data because it may cause them to wait in times
|
|
|
|
* of high load. Also, this way, the sending thread can collect together
|
|
|
|
* messages bound for one node and send them in one block.
|
|
|
|
*
|
2009-01-22 21:26:47 +00:00
|
|
|
* lowcomms will choose to use either TCP or SCTP as its transport layer
|
2007-04-17 14:39:57 +00:00
|
|
|
* depending on the configuration variable 'protocol'. This should be set
|
2009-01-22 21:26:47 +00:00
|
|
|
* to 0 (default) for TCP or 1 for SCTP. It should be configured using a
|
2007-04-17 14:39:57 +00:00
|
|
|
* cluster-wide mechanism as it must be the same on all nodes of the cluster
|
|
|
|
* for the DLM to function.
|
2006-11-02 16:19:21 +00:00
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <asm/ioctls.h>
|
|
|
|
#include <net/sock.h>
|
|
|
|
#include <net/tcp.h>
|
|
|
|
#include <linux/pagemap.h>
|
2007-04-17 14:39:57 +00:00
|
|
|
#include <linux/file.h>
|
2008-05-12 15:04:51 +00:00
|
|
|
#include <linux/mutex.h>
|
2007-04-17 14:39:57 +00:00
|
|
|
#include <linux/sctp.h>
|
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
percpu.h is included by sched.h and module.h and thus ends up being
included when building most .c files. percpu.h includes slab.h which
in turn includes gfp.h making everything defined by the two files
universally available and complicating inclusion dependencies.
percpu.h -> slab.h dependency is about to be removed. Prepare for
this change by updating users of gfp and slab facilities include those
headers directly instead of assuming availability. As this conversion
needs to touch large number of source files, the following script is
used as the basis of conversion.
http://userweb.kernel.org/~tj/misc/slabh-sweep.py
The script does the followings.
* Scan files for gfp and slab usages and update includes such that
only the necessary includes are there. ie. if only gfp is used,
gfp.h, if slab is used, slab.h.
* When the script inserts a new include, it looks at the include
blocks and try to put the new include such that its order conforms
to its surrounding. It's put in the include block which contains
core kernel includes, in the same order that the rest are ordered -
alphabetical, Christmas tree, rev-Xmas-tree or at the end if there
doesn't seem to be any matching order.
* If the script can't find a place to put a new include (mostly
because the file doesn't have fitting include block), it prints out
an error message indicating which .h file needs to be added to the
file.
The conversion was done in the following steps.
1. The initial automatic conversion of all .c files updated slightly
over 4000 files, deleting around 700 includes and adding ~480 gfp.h
and ~3000 slab.h inclusions. The script emitted errors for ~400
files.
2. Each error was manually checked. Some didn't need the inclusion,
some needed manual addition while adding it to implementation .h or
embedding .c file was more appropriate for others. This step added
inclusions to around 150 files.
3. The script was run again and the output was compared to the edits
from #2 to make sure no file was left behind.
4. Several build tests were done and a couple of problems were fixed.
e.g. lib/decompress_*.c used malloc/free() wrappers around slab
APIs requiring slab.h to be added manually.
5. The script was run on all .h files but without automatically
editing them as sprinkling gfp.h and slab.h inclusions around .h
files could easily lead to inclusion dependency hell. Most gfp.h
inclusion directives were ignored as stuff from gfp.h was usually
wildly available and often used in preprocessor macros. Each
slab.h inclusion directive was examined and added manually as
necessary.
6. percpu.h was updated not to include slab.h.
7. Build test were done on the following configurations and failures
were fixed. CONFIG_GCOV_KERNEL was turned off for all tests (as my
distributed build env didn't work with gcov compiles) and a few
more options had to be turned off depending on archs to make things
build (like ipr on powerpc/64 which failed due to missing writeq).
* x86 and x86_64 UP and SMP allmodconfig and a custom test config.
* powerpc and powerpc64 SMP allmodconfig
* sparc and sparc64 SMP allmodconfig
* ia64 SMP allmodconfig
* s390 SMP allmodconfig
* alpha SMP allmodconfig
* um on x86_64 SMP allmodconfig
8. percpu.h modifications were reverted so that it could be applied as
a separate patch and serve as bisection point.
Given the fact that I had only a couple of failures from tests on step
6, I'm fairly confident about the coverage of this conversion patch.
If there is a breakage, it's likely to be something in one of the arch
headers which should be easily discoverable easily on most builds of
the specific arch.
Signed-off-by: Tejun Heo <tj@kernel.org>
Guess-its-ok-by: Christoph Lameter <cl@linux-foundation.org>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Lee Schermerhorn <Lee.Schermerhorn@hp.com>
2010-03-24 08:04:11 +00:00
|
|
|
#include <linux/slab.h>
|
2012-03-08 05:55:59 +00:00
|
|
|
#include <net/sctp/sctp.h>
|
2009-01-22 21:24:49 +00:00
|
|
|
#include <net/ipv6.h>
|
2006-11-02 16:19:21 +00:00
|
|
|
|
|
|
|
#include "dlm_internal.h"
|
|
|
|
#include "lowcomms.h"
|
|
|
|
#include "midcomms.h"
|
|
|
|
#include "config.h"
|
|
|
|
|
2007-04-17 14:39:57 +00:00
|
|
|
#define NEEDED_RMEM (4*1024*1024)
|
2009-01-28 18:57:40 +00:00
|
|
|
#define CONN_HASH_SIZE 32
|
2007-04-17 14:39:57 +00:00
|
|
|
|
2010-11-12 17:15:20 +00:00
|
|
|
/* Number of messages to send before rescheduling */
|
|
|
|
#define MAX_SEND_MSG_COUNT 25
|
2020-07-27 13:13:38 +00:00
|
|
|
#define DLM_SHUTDOWN_WAIT_TIMEOUT msecs_to_jiffies(10000)
|
2010-11-12 17:15:20 +00:00
|
|
|
|
2006-11-02 16:19:21 +00:00
|
|
|
struct connection {
|
|
|
|
struct socket *sock; /* NULL if not connected */
|
|
|
|
uint32_t nodeid; /* So we know who we are in the list */
|
2007-01-24 11:17:59 +00:00
|
|
|
struct mutex sock_mutex;
|
2007-04-17 14:39:57 +00:00
|
|
|
unsigned long flags;
|
2006-11-02 16:19:21 +00:00
|
|
|
#define CF_READ_PENDING 1
|
2017-09-12 09:01:16 +00:00
|
|
|
#define CF_WRITE_PENDING 2
|
2007-04-17 14:39:57 +00:00
|
|
|
#define CF_INIT_PENDING 4
|
|
|
|
#define CF_IS_OTHERCON 5
|
2009-08-11 21:18:23 +00:00
|
|
|
#define CF_CLOSE 6
|
2010-11-11 05:56:39 +00:00
|
|
|
#define CF_APP_LIMITED 7
|
2017-09-12 08:55:50 +00:00
|
|
|
#define CF_CLOSING 8
|
2020-07-27 13:13:38 +00:00
|
|
|
#define CF_SHUTDOWN 9
|
2020-11-03 01:04:20 +00:00
|
|
|
#define CF_CONNECTED 10
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
struct list_head writequeue; /* List of outgoing writequeue_entries */
|
2006-11-02 16:19:21 +00:00
|
|
|
spinlock_t writequeue_lock;
|
|
|
|
int (*rx_action) (struct connection *); /* What to do when active */
|
2007-04-17 14:39:57 +00:00
|
|
|
void (*connect_action) (struct connection *); /* What to do to connect */
|
2020-07-27 13:13:38 +00:00
|
|
|
void (*shutdown_action)(struct connection *con); /* What to do to shutdown */
|
2006-11-02 16:19:21 +00:00
|
|
|
int retries;
|
|
|
|
#define MAX_CONNECT_RETRIES 3
|
2009-01-28 18:57:40 +00:00
|
|
|
struct hlist_node list;
|
2006-11-02 16:19:21 +00:00
|
|
|
struct connection *othercon;
|
2007-01-15 14:33:34 +00:00
|
|
|
struct work_struct rwork; /* Receive workqueue */
|
|
|
|
struct work_struct swork; /* Send workqueue */
|
2020-07-27 13:13:38 +00:00
|
|
|
wait_queue_head_t shutdown_wait; /* wait for graceful shutdown */
|
2020-09-24 14:31:26 +00:00
|
|
|
unsigned char *rx_buf;
|
|
|
|
int rx_buflen;
|
|
|
|
int rx_leftover;
|
2020-08-27 19:02:49 +00:00
|
|
|
struct rcu_head rcu;
|
2006-11-02 16:19:21 +00:00
|
|
|
};
|
|
|
|
#define sock2con(x) ((struct connection *)(x)->sk_user_data)
|
|
|
|
|
|
|
|
/* An entry waiting to be sent */
|
|
|
|
struct writequeue_entry {
|
|
|
|
struct list_head list;
|
|
|
|
struct page *page;
|
|
|
|
int offset;
|
|
|
|
int len;
|
|
|
|
int end;
|
|
|
|
int users;
|
|
|
|
struct connection *con;
|
|
|
|
};
|
|
|
|
|
2012-07-26 17:44:30 +00:00
|
|
|
struct dlm_node_addr {
|
|
|
|
struct list_head list;
|
|
|
|
int nodeid;
|
|
|
|
int addr_count;
|
2013-06-14 09:56:12 +00:00
|
|
|
int curr_addr_index;
|
2012-07-26 17:44:30 +00:00
|
|
|
struct sockaddr_storage *addr[DLM_MAX_ADDR_COUNT];
|
|
|
|
};
|
|
|
|
|
DLM: Fix saving of NULL callbacks
In a previous patch I noted that accept() often copies the struct
sock (sk) which overwrites the sock callbacks. However, in testing
we discovered that the dlm connection structures (con) are sometimes
deleted and recreated as connections come and go, and since they're
zeroed out by kmem_cache_zalloc, the saved callback pointers are
also initialized to zero. But with today's DLM code, the callbacks
are only saved when a socket is added.
During recovery testing, we discovered a common situation in which
the new con is initialized to zero, then a socket is added after
accept(). In this case, the sock's saved values are all NULL, but
the saved values are wiped out, due to accept(). Therefore, we
don't have a known good copy of the callbacks from which we can
restore.
Since the struct sock callbacks are always good after listen(),
this patch saves the known good values after listen(). These good
values are then used for subsequent restores.
Signed-off-by: Bob Peterson <rpeterso@redhat.com>
Reviewed-by: Tadashi Miyauchi <miyauchi@toshiba-tops.co.jp>
Signed-off-by: David Teigland <teigland@redhat.com>
2017-09-12 08:55:23 +00:00
|
|
|
static struct listen_sock_callbacks {
|
|
|
|
void (*sk_error_report)(struct sock *);
|
|
|
|
void (*sk_data_ready)(struct sock *);
|
|
|
|
void (*sk_state_change)(struct sock *);
|
|
|
|
void (*sk_write_space)(struct sock *);
|
|
|
|
} listen_sock;
|
|
|
|
|
2012-07-26 17:44:30 +00:00
|
|
|
static LIST_HEAD(dlm_node_addrs);
|
|
|
|
static DEFINE_SPINLOCK(dlm_node_addrs_spin);
|
|
|
|
|
2007-04-17 14:39:57 +00:00
|
|
|
static struct sockaddr_storage *dlm_local_addr[DLM_MAX_ADDR_COUNT];
|
|
|
|
static int dlm_local_count;
|
2012-03-30 16:46:08 +00:00
|
|
|
static int dlm_allow_conn;
|
2006-11-02 16:19:21 +00:00
|
|
|
|
2007-01-15 14:33:34 +00:00
|
|
|
/* Work queues */
|
|
|
|
static struct workqueue_struct *recv_workqueue;
|
|
|
|
static struct workqueue_struct *send_workqueue;
|
2006-11-02 16:19:21 +00:00
|
|
|
|
2009-01-28 18:57:40 +00:00
|
|
|
static struct hlist_head connection_hash[CONN_HASH_SIZE];
|
2020-08-27 19:02:49 +00:00
|
|
|
static DEFINE_SPINLOCK(connections_lock);
|
|
|
|
DEFINE_STATIC_SRCU(connections_srcu);
|
2006-11-02 16:19:21 +00:00
|
|
|
|
2007-01-15 14:33:34 +00:00
|
|
|
static void process_recv_sockets(struct work_struct *work);
|
|
|
|
static void process_send_sockets(struct work_struct *work);
|
2006-11-02 16:19:21 +00:00
|
|
|
|
2020-11-03 01:04:22 +00:00
|
|
|
static void sctp_connect_to_sock(struct connection *con);
|
|
|
|
static void tcp_connect_to_sock(struct connection *con);
|
2009-01-28 18:57:40 +00:00
|
|
|
|
|
|
|
/* This is deliberately very simple because most clusters have simple
|
|
|
|
sequential nodeids, so we should be able to go straight to a connection
|
|
|
|
struct in the array */
|
|
|
|
static inline int nodeid_hash(int nodeid)
|
|
|
|
{
|
|
|
|
return nodeid & (CONN_HASH_SIZE-1);
|
|
|
|
}
|
|
|
|
|
|
|
|
static struct connection *__find_con(int nodeid)
|
|
|
|
{
|
2020-08-27 19:02:49 +00:00
|
|
|
int r, idx;
|
2009-01-28 18:57:40 +00:00
|
|
|
struct connection *con;
|
|
|
|
|
|
|
|
r = nodeid_hash(nodeid);
|
|
|
|
|
2020-08-27 19:02:49 +00:00
|
|
|
idx = srcu_read_lock(&connections_srcu);
|
|
|
|
hlist_for_each_entry_rcu(con, &connection_hash[r], list) {
|
|
|
|
if (con->nodeid == nodeid) {
|
|
|
|
srcu_read_unlock(&connections_srcu, idx);
|
2009-01-28 18:57:40 +00:00
|
|
|
return con;
|
2020-08-27 19:02:49 +00:00
|
|
|
}
|
2009-01-28 18:57:40 +00:00
|
|
|
}
|
2020-08-27 19:02:49 +00:00
|
|
|
srcu_read_unlock(&connections_srcu, idx);
|
|
|
|
|
2009-01-28 18:57:40 +00:00
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2020-11-03 01:04:21 +00:00
|
|
|
static int dlm_con_init(struct connection *con, int nodeid)
|
2006-11-02 16:19:21 +00:00
|
|
|
{
|
2020-09-24 14:31:26 +00:00
|
|
|
con->rx_buflen = dlm_config.ci_buffer_size;
|
|
|
|
con->rx_buf = kmalloc(con->rx_buflen, GFP_NOFS);
|
2020-11-03 01:04:21 +00:00
|
|
|
if (!con->rx_buf)
|
|
|
|
return -ENOMEM;
|
2020-09-24 14:31:26 +00:00
|
|
|
|
2007-04-17 14:39:57 +00:00
|
|
|
con->nodeid = nodeid;
|
|
|
|
mutex_init(&con->sock_mutex);
|
|
|
|
INIT_LIST_HEAD(&con->writequeue);
|
|
|
|
spin_lock_init(&con->writequeue_lock);
|
|
|
|
INIT_WORK(&con->swork, process_send_sockets);
|
|
|
|
INIT_WORK(&con->rwork, process_recv_sockets);
|
2020-07-27 13:13:38 +00:00
|
|
|
init_waitqueue_head(&con->shutdown_wait);
|
2006-11-02 16:19:21 +00:00
|
|
|
|
2020-11-03 01:04:22 +00:00
|
|
|
if (dlm_config.ci_protocol == 0)
|
|
|
|
con->connect_action = tcp_connect_to_sock;
|
|
|
|
else
|
|
|
|
con->connect_action = sctp_connect_to_sock;
|
2006-11-02 16:19:21 +00:00
|
|
|
|
2020-11-03 01:04:21 +00:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* If 'allocation' is zero then we don't attempt to create a new
|
|
|
|
* connection structure for this node.
|
|
|
|
*/
|
|
|
|
static struct connection *nodeid2con(int nodeid, gfp_t alloc)
|
|
|
|
{
|
|
|
|
struct connection *con, *tmp;
|
|
|
|
int r, ret;
|
|
|
|
|
|
|
|
con = __find_con(nodeid);
|
|
|
|
if (con || !alloc)
|
|
|
|
return con;
|
|
|
|
|
|
|
|
con = kzalloc(sizeof(*con), alloc);
|
|
|
|
if (!con)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
ret = dlm_con_init(con, nodeid);
|
|
|
|
if (ret) {
|
|
|
|
kfree(con);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2020-08-27 19:02:49 +00:00
|
|
|
r = nodeid_hash(nodeid);
|
|
|
|
|
|
|
|
spin_lock(&connections_lock);
|
2020-09-30 22:37:29 +00:00
|
|
|
/* Because multiple workqueues/threads calls this function it can
|
|
|
|
* race on multiple cpu's. Instead of locking hot path __find_con()
|
|
|
|
* we just check in rare cases of recently added nodes again
|
|
|
|
* under protection of connections_lock. If this is the case we
|
|
|
|
* abort our connection creation and return the existing connection.
|
|
|
|
*/
|
|
|
|
tmp = __find_con(nodeid);
|
|
|
|
if (tmp) {
|
|
|
|
spin_unlock(&connections_lock);
|
|
|
|
kfree(con->rx_buf);
|
|
|
|
kfree(con);
|
|
|
|
return tmp;
|
|
|
|
}
|
|
|
|
|
2020-08-27 19:02:49 +00:00
|
|
|
hlist_add_head_rcu(&con->list, &connection_hash[r]);
|
|
|
|
spin_unlock(&connections_lock);
|
|
|
|
|
2007-04-17 14:39:57 +00:00
|
|
|
return con;
|
|
|
|
}
|
|
|
|
|
2009-01-28 18:57:40 +00:00
|
|
|
/* Loop round all connections */
|
|
|
|
static void foreach_conn(void (*conn_func)(struct connection *c))
|
|
|
|
{
|
2020-08-27 19:02:49 +00:00
|
|
|
int i, idx;
|
2009-01-28 18:57:40 +00:00
|
|
|
struct connection *con;
|
|
|
|
|
2020-08-27 19:02:49 +00:00
|
|
|
idx = srcu_read_lock(&connections_srcu);
|
2009-01-28 18:57:40 +00:00
|
|
|
for (i = 0; i < CONN_HASH_SIZE; i++) {
|
2020-08-27 19:02:49 +00:00
|
|
|
hlist_for_each_entry_rcu(con, &connection_hash[i], list)
|
2009-01-28 18:57:40 +00:00
|
|
|
conn_func(con);
|
|
|
|
}
|
2020-08-27 19:02:49 +00:00
|
|
|
srcu_read_unlock(&connections_srcu, idx);
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
|
|
|
|
2012-07-26 17:44:30 +00:00
|
|
|
static struct dlm_node_addr *find_node_addr(int nodeid)
|
|
|
|
{
|
|
|
|
struct dlm_node_addr *na;
|
|
|
|
|
|
|
|
list_for_each_entry(na, &dlm_node_addrs, list) {
|
|
|
|
if (na->nodeid == nodeid)
|
|
|
|
return na;
|
|
|
|
}
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int addr_compare(struct sockaddr_storage *x, struct sockaddr_storage *y)
|
2007-04-17 14:39:57 +00:00
|
|
|
{
|
2012-07-26 17:44:30 +00:00
|
|
|
switch (x->ss_family) {
|
|
|
|
case AF_INET: {
|
|
|
|
struct sockaddr_in *sinx = (struct sockaddr_in *)x;
|
|
|
|
struct sockaddr_in *siny = (struct sockaddr_in *)y;
|
|
|
|
if (sinx->sin_addr.s_addr != siny->sin_addr.s_addr)
|
|
|
|
return 0;
|
|
|
|
if (sinx->sin_port != siny->sin_port)
|
|
|
|
return 0;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
case AF_INET6: {
|
|
|
|
struct sockaddr_in6 *sinx = (struct sockaddr_in6 *)x;
|
|
|
|
struct sockaddr_in6 *siny = (struct sockaddr_in6 *)y;
|
|
|
|
if (!ipv6_addr_equal(&sinx->sin6_addr, &siny->sin6_addr))
|
|
|
|
return 0;
|
|
|
|
if (sinx->sin6_port != siny->sin6_port)
|
|
|
|
return 0;
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
default:
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
return 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int nodeid_to_addr(int nodeid, struct sockaddr_storage *sas_out,
|
2013-06-14 09:56:12 +00:00
|
|
|
struct sockaddr *sa_out, bool try_new_addr)
|
2012-07-26 17:44:30 +00:00
|
|
|
{
|
|
|
|
struct sockaddr_storage sas;
|
|
|
|
struct dlm_node_addr *na;
|
2007-04-17 14:39:57 +00:00
|
|
|
|
|
|
|
if (!dlm_local_count)
|
|
|
|
return -1;
|
|
|
|
|
2012-07-26 17:44:30 +00:00
|
|
|
spin_lock(&dlm_node_addrs_spin);
|
|
|
|
na = find_node_addr(nodeid);
|
2013-06-14 09:56:12 +00:00
|
|
|
if (na && na->addr_count) {
|
2015-08-11 22:22:23 +00:00
|
|
|
memcpy(&sas, na->addr[na->curr_addr_index],
|
|
|
|
sizeof(struct sockaddr_storage));
|
|
|
|
|
2013-06-14 09:56:12 +00:00
|
|
|
if (try_new_addr) {
|
|
|
|
na->curr_addr_index++;
|
|
|
|
if (na->curr_addr_index == na->addr_count)
|
|
|
|
na->curr_addr_index = 0;
|
|
|
|
}
|
|
|
|
}
|
2012-07-26 17:44:30 +00:00
|
|
|
spin_unlock(&dlm_node_addrs_spin);
|
|
|
|
|
|
|
|
if (!na)
|
|
|
|
return -EEXIST;
|
|
|
|
|
|
|
|
if (!na->addr_count)
|
|
|
|
return -ENOENT;
|
|
|
|
|
|
|
|
if (sas_out)
|
|
|
|
memcpy(sas_out, &sas, sizeof(struct sockaddr_storage));
|
|
|
|
|
|
|
|
if (!sa_out)
|
|
|
|
return 0;
|
2007-04-17 14:39:57 +00:00
|
|
|
|
|
|
|
if (dlm_local_addr[0]->ss_family == AF_INET) {
|
2012-07-26 17:44:30 +00:00
|
|
|
struct sockaddr_in *in4 = (struct sockaddr_in *) &sas;
|
|
|
|
struct sockaddr_in *ret4 = (struct sockaddr_in *) sa_out;
|
2007-04-17 14:39:57 +00:00
|
|
|
ret4->sin_addr.s_addr = in4->sin_addr.s_addr;
|
|
|
|
} else {
|
2012-07-26 17:44:30 +00:00
|
|
|
struct sockaddr_in6 *in6 = (struct sockaddr_in6 *) &sas;
|
|
|
|
struct sockaddr_in6 *ret6 = (struct sockaddr_in6 *) sa_out;
|
2011-11-21 03:39:03 +00:00
|
|
|
ret6->sin6_addr = in6->sin6_addr;
|
2007-04-17 14:39:57 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2012-07-26 17:44:30 +00:00
|
|
|
static int addr_to_nodeid(struct sockaddr_storage *addr, int *nodeid)
|
|
|
|
{
|
|
|
|
struct dlm_node_addr *na;
|
|
|
|
int rv = -EEXIST;
|
2013-06-14 09:56:12 +00:00
|
|
|
int addr_i;
|
2012-07-26 17:44:30 +00:00
|
|
|
|
|
|
|
spin_lock(&dlm_node_addrs_spin);
|
|
|
|
list_for_each_entry(na, &dlm_node_addrs, list) {
|
|
|
|
if (!na->addr_count)
|
|
|
|
continue;
|
|
|
|
|
2013-06-14 09:56:12 +00:00
|
|
|
for (addr_i = 0; addr_i < na->addr_count; addr_i++) {
|
|
|
|
if (addr_compare(na->addr[addr_i], addr)) {
|
|
|
|
*nodeid = na->nodeid;
|
|
|
|
rv = 0;
|
|
|
|
goto unlock;
|
|
|
|
}
|
|
|
|
}
|
2012-07-26 17:44:30 +00:00
|
|
|
}
|
2013-06-14 09:56:12 +00:00
|
|
|
unlock:
|
2012-07-26 17:44:30 +00:00
|
|
|
spin_unlock(&dlm_node_addrs_spin);
|
|
|
|
return rv;
|
|
|
|
}
|
|
|
|
|
|
|
|
int dlm_lowcomms_addr(int nodeid, struct sockaddr_storage *addr, int len)
|
|
|
|
{
|
|
|
|
struct sockaddr_storage *new_addr;
|
|
|
|
struct dlm_node_addr *new_node, *na;
|
|
|
|
|
|
|
|
new_node = kzalloc(sizeof(struct dlm_node_addr), GFP_NOFS);
|
|
|
|
if (!new_node)
|
|
|
|
return -ENOMEM;
|
|
|
|
|
|
|
|
new_addr = kzalloc(sizeof(struct sockaddr_storage), GFP_NOFS);
|
|
|
|
if (!new_addr) {
|
|
|
|
kfree(new_node);
|
|
|
|
return -ENOMEM;
|
|
|
|
}
|
|
|
|
|
|
|
|
memcpy(new_addr, addr, len);
|
|
|
|
|
|
|
|
spin_lock(&dlm_node_addrs_spin);
|
|
|
|
na = find_node_addr(nodeid);
|
|
|
|
if (!na) {
|
|
|
|
new_node->nodeid = nodeid;
|
|
|
|
new_node->addr[0] = new_addr;
|
|
|
|
new_node->addr_count = 1;
|
|
|
|
list_add(&new_node->list, &dlm_node_addrs);
|
|
|
|
spin_unlock(&dlm_node_addrs_spin);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (na->addr_count >= DLM_MAX_ADDR_COUNT) {
|
|
|
|
spin_unlock(&dlm_node_addrs_spin);
|
|
|
|
kfree(new_addr);
|
|
|
|
kfree(new_node);
|
|
|
|
return -ENOSPC;
|
|
|
|
}
|
|
|
|
|
|
|
|
na->addr[na->addr_count++] = new_addr;
|
|
|
|
spin_unlock(&dlm_node_addrs_spin);
|
|
|
|
kfree(new_node);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2006-11-02 16:19:21 +00:00
|
|
|
/* Data available on socket or listen socket received a connect */
|
2014-04-11 20:15:36 +00:00
|
|
|
static void lowcomms_data_ready(struct sock *sk)
|
2006-11-02 16:19:21 +00:00
|
|
|
{
|
2017-09-12 09:01:55 +00:00
|
|
|
struct connection *con;
|
|
|
|
|
|
|
|
read_lock_bh(&sk->sk_callback_lock);
|
|
|
|
con = sock2con(sk);
|
2007-06-01 15:07:26 +00:00
|
|
|
if (con && !test_and_set_bit(CF_READ_PENDING, &con->flags))
|
2007-01-15 14:33:34 +00:00
|
|
|
queue_work(recv_workqueue, &con->rwork);
|
2017-09-12 09:01:55 +00:00
|
|
|
read_unlock_bh(&sk->sk_callback_lock);
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
static void lowcomms_write_space(struct sock *sk)
|
|
|
|
{
|
2017-09-12 09:01:55 +00:00
|
|
|
struct connection *con;
|
2006-11-02 16:19:21 +00:00
|
|
|
|
2017-09-12 09:01:55 +00:00
|
|
|
read_lock_bh(&sk->sk_callback_lock);
|
|
|
|
con = sock2con(sk);
|
2010-11-11 05:56:39 +00:00
|
|
|
if (!con)
|
2017-09-12 09:01:55 +00:00
|
|
|
goto out;
|
2010-11-11 05:56:39 +00:00
|
|
|
|
2020-11-03 01:04:20 +00:00
|
|
|
if (!test_and_set_bit(CF_CONNECTED, &con->flags)) {
|
|
|
|
log_print("successful connected to node %d", con->nodeid);
|
|
|
|
queue_work(send_workqueue, &con->swork);
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
2010-11-11 05:56:39 +00:00
|
|
|
clear_bit(SOCK_NOSPACE, &con->sock->flags);
|
|
|
|
|
|
|
|
if (test_and_clear_bit(CF_APP_LIMITED, &con->flags)) {
|
|
|
|
con->sock->sk->sk_write_pending--;
|
2015-11-30 04:03:10 +00:00
|
|
|
clear_bit(SOCKWQ_ASYNC_NOSPACE, &con->sock->flags);
|
2010-11-11 05:56:39 +00:00
|
|
|
}
|
|
|
|
|
2017-09-12 08:55:14 +00:00
|
|
|
queue_work(send_workqueue, &con->swork);
|
2017-09-12 09:01:55 +00:00
|
|
|
out:
|
|
|
|
read_unlock_bh(&sk->sk_callback_lock);
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
static inline void lowcomms_connect_sock(struct connection *con)
|
|
|
|
{
|
2009-08-11 21:18:23 +00:00
|
|
|
if (test_bit(CF_CLOSE, &con->flags))
|
|
|
|
return;
|
2017-09-12 08:55:04 +00:00
|
|
|
queue_work(send_workqueue, &con->swork);
|
|
|
|
cond_resched();
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
static void lowcomms_state_change(struct sock *sk)
|
|
|
|
{
|
2015-08-11 22:22:23 +00:00
|
|
|
/* SCTP layer is not calling sk_data_ready when the connection
|
|
|
|
* is done, so we catch the signal through here. Also, it
|
|
|
|
* doesn't switch socket state when entering shutdown, so we
|
|
|
|
* skip the write in that case.
|
|
|
|
*/
|
|
|
|
if (sk->sk_shutdown) {
|
|
|
|
if (sk->sk_shutdown == RCV_SHUTDOWN)
|
|
|
|
lowcomms_data_ready(sk);
|
|
|
|
} else if (sk->sk_state == TCP_ESTABLISHED) {
|
2006-11-02 16:19:21 +00:00
|
|
|
lowcomms_write_space(sk);
|
2015-08-11 22:22:23 +00:00
|
|
|
}
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
|
|
|
|
2009-05-07 15:54:16 +00:00
|
|
|
int dlm_lowcomms_connect_node(int nodeid)
|
|
|
|
{
|
|
|
|
struct connection *con;
|
|
|
|
|
|
|
|
if (nodeid == dlm_our_nodeid())
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
con = nodeid2con(nodeid, GFP_NOFS);
|
|
|
|
if (!con)
|
|
|
|
return -ENOMEM;
|
|
|
|
lowcomms_connect_sock(con);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2015-08-27 14:34:47 +00:00
|
|
|
static void lowcomms_error_report(struct sock *sk)
|
|
|
|
{
|
2016-02-05 19:39:02 +00:00
|
|
|
struct connection *con;
|
2015-08-27 14:34:47 +00:00
|
|
|
struct sockaddr_storage saddr;
|
2016-02-05 19:39:02 +00:00
|
|
|
void (*orig_report)(struct sock *) = NULL;
|
2015-08-27 14:34:47 +00:00
|
|
|
|
2016-02-05 19:39:02 +00:00
|
|
|
read_lock_bh(&sk->sk_callback_lock);
|
|
|
|
con = sock2con(sk);
|
|
|
|
if (con == NULL)
|
|
|
|
goto out;
|
|
|
|
|
DLM: Fix saving of NULL callbacks
In a previous patch I noted that accept() often copies the struct
sock (sk) which overwrites the sock callbacks. However, in testing
we discovered that the dlm connection structures (con) are sometimes
deleted and recreated as connections come and go, and since they're
zeroed out by kmem_cache_zalloc, the saved callback pointers are
also initialized to zero. But with today's DLM code, the callbacks
are only saved when a socket is added.
During recovery testing, we discovered a common situation in which
the new con is initialized to zero, then a socket is added after
accept(). In this case, the sock's saved values are all NULL, but
the saved values are wiped out, due to accept(). Therefore, we
don't have a known good copy of the callbacks from which we can
restore.
Since the struct sock callbacks are always good after listen(),
this patch saves the known good values after listen(). These good
values are then used for subsequent restores.
Signed-off-by: Bob Peterson <rpeterso@redhat.com>
Reviewed-by: Tadashi Miyauchi <miyauchi@toshiba-tops.co.jp>
Signed-off-by: David Teigland <teigland@redhat.com>
2017-09-12 08:55:23 +00:00
|
|
|
orig_report = listen_sock.sk_error_report;
|
2016-01-18 17:29:15 +00:00
|
|
|
if (con->sock == NULL ||
|
2018-02-12 19:00:20 +00:00
|
|
|
kernel_getpeername(con->sock, (struct sockaddr *)&saddr) < 0) {
|
2015-08-27 14:34:47 +00:00
|
|
|
printk_ratelimited(KERN_ERR "dlm: node %d: socket error "
|
|
|
|
"sending to node %d, port %d, "
|
|
|
|
"sk_err=%d/%d\n", dlm_our_nodeid(),
|
|
|
|
con->nodeid, dlm_config.ci_tcp_port,
|
|
|
|
sk->sk_err, sk->sk_err_soft);
|
|
|
|
} else if (saddr.ss_family == AF_INET) {
|
|
|
|
struct sockaddr_in *sin4 = (struct sockaddr_in *)&saddr;
|
|
|
|
|
|
|
|
printk_ratelimited(KERN_ERR "dlm: node %d: socket error "
|
|
|
|
"sending to node %d at %pI4, port %d, "
|
|
|
|
"sk_err=%d/%d\n", dlm_our_nodeid(),
|
|
|
|
con->nodeid, &sin4->sin_addr.s_addr,
|
|
|
|
dlm_config.ci_tcp_port, sk->sk_err,
|
|
|
|
sk->sk_err_soft);
|
|
|
|
} else {
|
|
|
|
struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&saddr;
|
|
|
|
|
|
|
|
printk_ratelimited(KERN_ERR "dlm: node %d: socket error "
|
|
|
|
"sending to node %d at %u.%u.%u.%u, "
|
|
|
|
"port %d, sk_err=%d/%d\n", dlm_our_nodeid(),
|
|
|
|
con->nodeid, sin6->sin6_addr.s6_addr32[0],
|
|
|
|
sin6->sin6_addr.s6_addr32[1],
|
|
|
|
sin6->sin6_addr.s6_addr32[2],
|
|
|
|
sin6->sin6_addr.s6_addr32[3],
|
|
|
|
dlm_config.ci_tcp_port, sk->sk_err,
|
|
|
|
sk->sk_err_soft);
|
|
|
|
}
|
2016-02-05 19:39:02 +00:00
|
|
|
out:
|
|
|
|
read_unlock_bh(&sk->sk_callback_lock);
|
|
|
|
if (orig_report)
|
|
|
|
orig_report(sk);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Note: sk_callback_lock must be locked before calling this function. */
|
DLM: Fix saving of NULL callbacks
In a previous patch I noted that accept() often copies the struct
sock (sk) which overwrites the sock callbacks. However, in testing
we discovered that the dlm connection structures (con) are sometimes
deleted and recreated as connections come and go, and since they're
zeroed out by kmem_cache_zalloc, the saved callback pointers are
also initialized to zero. But with today's DLM code, the callbacks
are only saved when a socket is added.
During recovery testing, we discovered a common situation in which
the new con is initialized to zero, then a socket is added after
accept(). In this case, the sock's saved values are all NULL, but
the saved values are wiped out, due to accept(). Therefore, we
don't have a known good copy of the callbacks from which we can
restore.
Since the struct sock callbacks are always good after listen(),
this patch saves the known good values after listen(). These good
values are then used for subsequent restores.
Signed-off-by: Bob Peterson <rpeterso@redhat.com>
Reviewed-by: Tadashi Miyauchi <miyauchi@toshiba-tops.co.jp>
Signed-off-by: David Teigland <teigland@redhat.com>
2017-09-12 08:55:23 +00:00
|
|
|
static void save_listen_callbacks(struct socket *sock)
|
2016-02-05 19:39:02 +00:00
|
|
|
{
|
DLM: Fix saving of NULL callbacks
In a previous patch I noted that accept() often copies the struct
sock (sk) which overwrites the sock callbacks. However, in testing
we discovered that the dlm connection structures (con) are sometimes
deleted and recreated as connections come and go, and since they're
zeroed out by kmem_cache_zalloc, the saved callback pointers are
also initialized to zero. But with today's DLM code, the callbacks
are only saved when a socket is added.
During recovery testing, we discovered a common situation in which
the new con is initialized to zero, then a socket is added after
accept(). In this case, the sock's saved values are all NULL, but
the saved values are wiped out, due to accept(). Therefore, we
don't have a known good copy of the callbacks from which we can
restore.
Since the struct sock callbacks are always good after listen(),
this patch saves the known good values after listen(). These good
values are then used for subsequent restores.
Signed-off-by: Bob Peterson <rpeterso@redhat.com>
Reviewed-by: Tadashi Miyauchi <miyauchi@toshiba-tops.co.jp>
Signed-off-by: David Teigland <teigland@redhat.com>
2017-09-12 08:55:23 +00:00
|
|
|
struct sock *sk = sock->sk;
|
|
|
|
|
|
|
|
listen_sock.sk_data_ready = sk->sk_data_ready;
|
|
|
|
listen_sock.sk_state_change = sk->sk_state_change;
|
|
|
|
listen_sock.sk_write_space = sk->sk_write_space;
|
|
|
|
listen_sock.sk_error_report = sk->sk_error_report;
|
2016-02-05 19:39:02 +00:00
|
|
|
}
|
|
|
|
|
DLM: Fix saving of NULL callbacks
In a previous patch I noted that accept() often copies the struct
sock (sk) which overwrites the sock callbacks. However, in testing
we discovered that the dlm connection structures (con) are sometimes
deleted and recreated as connections come and go, and since they're
zeroed out by kmem_cache_zalloc, the saved callback pointers are
also initialized to zero. But with today's DLM code, the callbacks
are only saved when a socket is added.
During recovery testing, we discovered a common situation in which
the new con is initialized to zero, then a socket is added after
accept(). In this case, the sock's saved values are all NULL, but
the saved values are wiped out, due to accept(). Therefore, we
don't have a known good copy of the callbacks from which we can
restore.
Since the struct sock callbacks are always good after listen(),
this patch saves the known good values after listen(). These good
values are then used for subsequent restores.
Signed-off-by: Bob Peterson <rpeterso@redhat.com>
Reviewed-by: Tadashi Miyauchi <miyauchi@toshiba-tops.co.jp>
Signed-off-by: David Teigland <teigland@redhat.com>
2017-09-12 08:55:23 +00:00
|
|
|
static void restore_callbacks(struct socket *sock)
|
2016-02-05 19:39:02 +00:00
|
|
|
{
|
DLM: Fix saving of NULL callbacks
In a previous patch I noted that accept() often copies the struct
sock (sk) which overwrites the sock callbacks. However, in testing
we discovered that the dlm connection structures (con) are sometimes
deleted and recreated as connections come and go, and since they're
zeroed out by kmem_cache_zalloc, the saved callback pointers are
also initialized to zero. But with today's DLM code, the callbacks
are only saved when a socket is added.
During recovery testing, we discovered a common situation in which
the new con is initialized to zero, then a socket is added after
accept(). In this case, the sock's saved values are all NULL, but
the saved values are wiped out, due to accept(). Therefore, we
don't have a known good copy of the callbacks from which we can
restore.
Since the struct sock callbacks are always good after listen(),
this patch saves the known good values after listen(). These good
values are then used for subsequent restores.
Signed-off-by: Bob Peterson <rpeterso@redhat.com>
Reviewed-by: Tadashi Miyauchi <miyauchi@toshiba-tops.co.jp>
Signed-off-by: David Teigland <teigland@redhat.com>
2017-09-12 08:55:23 +00:00
|
|
|
struct sock *sk = sock->sk;
|
|
|
|
|
2016-02-05 19:39:02 +00:00
|
|
|
write_lock_bh(&sk->sk_callback_lock);
|
|
|
|
sk->sk_user_data = NULL;
|
DLM: Fix saving of NULL callbacks
In a previous patch I noted that accept() often copies the struct
sock (sk) which overwrites the sock callbacks. However, in testing
we discovered that the dlm connection structures (con) are sometimes
deleted and recreated as connections come and go, and since they're
zeroed out by kmem_cache_zalloc, the saved callback pointers are
also initialized to zero. But with today's DLM code, the callbacks
are only saved when a socket is added.
During recovery testing, we discovered a common situation in which
the new con is initialized to zero, then a socket is added after
accept(). In this case, the sock's saved values are all NULL, but
the saved values are wiped out, due to accept(). Therefore, we
don't have a known good copy of the callbacks from which we can
restore.
Since the struct sock callbacks are always good after listen(),
this patch saves the known good values after listen(). These good
values are then used for subsequent restores.
Signed-off-by: Bob Peterson <rpeterso@redhat.com>
Reviewed-by: Tadashi Miyauchi <miyauchi@toshiba-tops.co.jp>
Signed-off-by: David Teigland <teigland@redhat.com>
2017-09-12 08:55:23 +00:00
|
|
|
sk->sk_data_ready = listen_sock.sk_data_ready;
|
|
|
|
sk->sk_state_change = listen_sock.sk_state_change;
|
|
|
|
sk->sk_write_space = listen_sock.sk_write_space;
|
|
|
|
sk->sk_error_report = listen_sock.sk_error_report;
|
2016-02-05 19:39:02 +00:00
|
|
|
write_unlock_bh(&sk->sk_callback_lock);
|
2015-08-27 14:34:47 +00:00
|
|
|
}
|
|
|
|
|
2006-11-02 16:19:21 +00:00
|
|
|
/* Make a socket active */
|
2017-09-12 08:55:32 +00:00
|
|
|
static void add_sock(struct socket *sock, struct connection *con)
|
2006-11-02 16:19:21 +00:00
|
|
|
{
|
2016-02-05 19:39:02 +00:00
|
|
|
struct sock *sk = sock->sk;
|
|
|
|
|
|
|
|
write_lock_bh(&sk->sk_callback_lock);
|
2006-11-02 16:19:21 +00:00
|
|
|
con->sock = sock;
|
|
|
|
|
2016-02-05 19:39:02 +00:00
|
|
|
sk->sk_user_data = con;
|
2006-11-02 16:19:21 +00:00
|
|
|
/* Install a data_ready callback */
|
2016-02-05 19:39:02 +00:00
|
|
|
sk->sk_data_ready = lowcomms_data_ready;
|
|
|
|
sk->sk_write_space = lowcomms_write_space;
|
|
|
|
sk->sk_state_change = lowcomms_state_change;
|
|
|
|
sk->sk_allocation = GFP_NOFS;
|
|
|
|
sk->sk_error_report = lowcomms_error_report;
|
|
|
|
write_unlock_bh(&sk->sk_callback_lock);
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
|
|
|
|
2007-04-17 14:39:57 +00:00
|
|
|
/* Add the port number to an IPv6 or 4 sockaddr and return the address
|
2006-11-02 16:19:21 +00:00
|
|
|
length */
|
|
|
|
static void make_sockaddr(struct sockaddr_storage *saddr, uint16_t port,
|
|
|
|
int *addr_len)
|
|
|
|
{
|
2007-04-17 14:39:57 +00:00
|
|
|
saddr->ss_family = dlm_local_addr[0]->ss_family;
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
if (saddr->ss_family == AF_INET) {
|
2006-11-02 16:19:21 +00:00
|
|
|
struct sockaddr_in *in4_addr = (struct sockaddr_in *)saddr;
|
|
|
|
in4_addr->sin_port = cpu_to_be16(port);
|
|
|
|
*addr_len = sizeof(struct sockaddr_in);
|
2007-04-17 14:39:57 +00:00
|
|
|
memset(&in4_addr->sin_zero, 0, sizeof(in4_addr->sin_zero));
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
} else {
|
2006-11-02 16:19:21 +00:00
|
|
|
struct sockaddr_in6 *in6_addr = (struct sockaddr_in6 *)saddr;
|
|
|
|
in6_addr->sin6_port = cpu_to_be16(port);
|
|
|
|
*addr_len = sizeof(struct sockaddr_in6);
|
|
|
|
}
|
2007-07-17 15:53:15 +00:00
|
|
|
memset((char *)saddr + *addr_len, 0, sizeof(struct sockaddr_storage) - *addr_len);
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/* Close a remote connection and tidy up */
|
2015-08-11 22:22:21 +00:00
|
|
|
static void close_connection(struct connection *con, bool and_other,
|
|
|
|
bool tx, bool rx)
|
2006-11-02 16:19:21 +00:00
|
|
|
{
|
2017-09-12 08:55:50 +00:00
|
|
|
bool closing = test_and_set_bit(CF_CLOSING, &con->flags);
|
|
|
|
|
2017-09-12 09:02:02 +00:00
|
|
|
if (tx && !closing && cancel_work_sync(&con->swork)) {
|
2015-08-11 22:22:21 +00:00
|
|
|
log_print("canceled swork for node %d", con->nodeid);
|
2017-09-12 09:02:02 +00:00
|
|
|
clear_bit(CF_WRITE_PENDING, &con->flags);
|
|
|
|
}
|
|
|
|
if (rx && !closing && cancel_work_sync(&con->rwork)) {
|
2015-08-11 22:22:21 +00:00
|
|
|
log_print("canceled rwork for node %d", con->nodeid);
|
2017-09-12 09:02:02 +00:00
|
|
|
clear_bit(CF_READ_PENDING, &con->flags);
|
|
|
|
}
|
2006-11-02 16:19:21 +00:00
|
|
|
|
2015-08-11 22:22:21 +00:00
|
|
|
mutex_lock(&con->sock_mutex);
|
2006-11-02 16:19:21 +00:00
|
|
|
if (con->sock) {
|
DLM: Fix saving of NULL callbacks
In a previous patch I noted that accept() often copies the struct
sock (sk) which overwrites the sock callbacks. However, in testing
we discovered that the dlm connection structures (con) are sometimes
deleted and recreated as connections come and go, and since they're
zeroed out by kmem_cache_zalloc, the saved callback pointers are
also initialized to zero. But with today's DLM code, the callbacks
are only saved when a socket is added.
During recovery testing, we discovered a common situation in which
the new con is initialized to zero, then a socket is added after
accept(). In this case, the sock's saved values are all NULL, but
the saved values are wiped out, due to accept(). Therefore, we
don't have a known good copy of the callbacks from which we can
restore.
Since the struct sock callbacks are always good after listen(),
this patch saves the known good values after listen(). These good
values are then used for subsequent restores.
Signed-off-by: Bob Peterson <rpeterso@redhat.com>
Reviewed-by: Tadashi Miyauchi <miyauchi@toshiba-tops.co.jp>
Signed-off-by: David Teigland <teigland@redhat.com>
2017-09-12 08:55:23 +00:00
|
|
|
restore_callbacks(con->sock);
|
2006-11-02 16:19:21 +00:00
|
|
|
sock_release(con->sock);
|
|
|
|
con->sock = NULL;
|
|
|
|
}
|
|
|
|
if (con->othercon && and_other) {
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
/* Will only re-enter once. */
|
2015-08-11 22:22:21 +00:00
|
|
|
close_connection(con->othercon, false, true, true);
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
2007-08-02 13:58:14 +00:00
|
|
|
|
2020-09-24 14:31:26 +00:00
|
|
|
con->rx_leftover = 0;
|
2007-08-20 14:13:38 +00:00
|
|
|
con->retries = 0;
|
2020-11-03 01:04:20 +00:00
|
|
|
clear_bit(CF_CONNECTED, &con->flags);
|
2007-08-20 14:13:38 +00:00
|
|
|
mutex_unlock(&con->sock_mutex);
|
2017-09-12 08:55:50 +00:00
|
|
|
clear_bit(CF_CLOSING, &con->flags);
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
|
|
|
|
2020-07-27 13:13:38 +00:00
|
|
|
static void shutdown_connection(struct connection *con)
|
|
|
|
{
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
if (cancel_work_sync(&con->swork)) {
|
|
|
|
log_print("canceled swork for node %d", con->nodeid);
|
|
|
|
clear_bit(CF_WRITE_PENDING, &con->flags);
|
|
|
|
}
|
|
|
|
|
|
|
|
mutex_lock(&con->sock_mutex);
|
|
|
|
/* nothing to shutdown */
|
|
|
|
if (!con->sock) {
|
|
|
|
mutex_unlock(&con->sock_mutex);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
set_bit(CF_SHUTDOWN, &con->flags);
|
|
|
|
ret = kernel_sock_shutdown(con->sock, SHUT_WR);
|
|
|
|
mutex_unlock(&con->sock_mutex);
|
|
|
|
if (ret) {
|
|
|
|
log_print("Connection %p failed to shutdown: %d will force close",
|
|
|
|
con, ret);
|
|
|
|
goto force_close;
|
|
|
|
} else {
|
|
|
|
ret = wait_event_timeout(con->shutdown_wait,
|
|
|
|
!test_bit(CF_SHUTDOWN, &con->flags),
|
|
|
|
DLM_SHUTDOWN_WAIT_TIMEOUT);
|
|
|
|
if (ret == 0) {
|
|
|
|
log_print("Connection %p shutdown timed out, will force close",
|
|
|
|
con);
|
|
|
|
goto force_close;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
force_close:
|
|
|
|
clear_bit(CF_SHUTDOWN, &con->flags);
|
|
|
|
close_connection(con, false, true, true);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void dlm_tcp_shutdown(struct connection *con)
|
|
|
|
{
|
|
|
|
if (con->othercon)
|
|
|
|
shutdown_connection(con->othercon);
|
|
|
|
shutdown_connection(con);
|
|
|
|
}
|
|
|
|
|
2020-09-24 14:31:26 +00:00
|
|
|
static int con_realloc_receive_buf(struct connection *con, int newlen)
|
|
|
|
{
|
|
|
|
unsigned char *newbuf;
|
|
|
|
|
|
|
|
newbuf = kmalloc(newlen, GFP_NOFS);
|
|
|
|
if (!newbuf)
|
|
|
|
return -ENOMEM;
|
|
|
|
|
|
|
|
/* copy any leftover from last receive */
|
|
|
|
if (con->rx_leftover)
|
|
|
|
memmove(newbuf, con->rx_buf, con->rx_leftover);
|
|
|
|
|
|
|
|
/* swap to new buffer space */
|
|
|
|
kfree(con->rx_buf);
|
|
|
|
con->rx_buflen = newlen;
|
|
|
|
con->rx_buf = newbuf;
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2006-11-02 16:19:21 +00:00
|
|
|
/* Data received from remote end */
|
|
|
|
static int receive_from_sock(struct connection *con)
|
|
|
|
{
|
|
|
|
int call_again_soon = 0;
|
2020-09-24 14:31:26 +00:00
|
|
|
struct msghdr msg;
|
|
|
|
struct kvec iov;
|
|
|
|
int ret, buflen;
|
2006-11-02 16:19:21 +00:00
|
|
|
|
2007-01-24 11:17:59 +00:00
|
|
|
mutex_lock(&con->sock_mutex);
|
2006-11-02 16:19:21 +00:00
|
|
|
|
2007-02-01 16:46:33 +00:00
|
|
|
if (con->sock == NULL) {
|
|
|
|
ret = -EAGAIN;
|
|
|
|
goto out_close;
|
|
|
|
}
|
2020-09-24 14:31:26 +00:00
|
|
|
|
2015-08-11 22:22:24 +00:00
|
|
|
if (con->nodeid == 0) {
|
|
|
|
ret = -EINVAL;
|
|
|
|
goto out_close;
|
|
|
|
}
|
2007-02-01 16:46:33 +00:00
|
|
|
|
2020-09-24 14:31:26 +00:00
|
|
|
/* realloc if we get new buffer size to read out */
|
|
|
|
buflen = dlm_config.ci_buffer_size;
|
|
|
|
if (con->rx_buflen != buflen && con->rx_leftover <= buflen) {
|
|
|
|
ret = con_realloc_receive_buf(con, buflen);
|
|
|
|
if (ret < 0)
|
2006-11-02 16:19:21 +00:00
|
|
|
goto out_resched;
|
|
|
|
}
|
|
|
|
|
2020-09-24 14:31:26 +00:00
|
|
|
/* calculate new buffer parameter regarding last receive and
|
|
|
|
* possible leftover bytes
|
2006-11-02 16:19:21 +00:00
|
|
|
*/
|
2020-09-24 14:31:26 +00:00
|
|
|
iov.iov_base = con->rx_buf + con->rx_leftover;
|
|
|
|
iov.iov_len = con->rx_buflen - con->rx_leftover;
|
2006-11-02 16:19:21 +00:00
|
|
|
|
2020-09-24 14:31:26 +00:00
|
|
|
memset(&msg, 0, sizeof(msg));
|
|
|
|
msg.msg_flags = MSG_DONTWAIT | MSG_NOSIGNAL;
|
|
|
|
ret = kernel_recvmsg(con->sock, &msg, &iov, 1, iov.iov_len,
|
|
|
|
msg.msg_flags);
|
2006-11-02 16:19:21 +00:00
|
|
|
if (ret <= 0)
|
|
|
|
goto out_close;
|
2020-09-24 14:31:26 +00:00
|
|
|
else if (ret == iov.iov_len)
|
2015-08-11 22:22:23 +00:00
|
|
|
call_again_soon = 1;
|
2007-01-22 14:51:33 +00:00
|
|
|
|
2020-09-24 14:31:26 +00:00
|
|
|
/* new buflen according readed bytes and leftover from last receive */
|
|
|
|
buflen = ret + con->rx_leftover;
|
|
|
|
ret = dlm_process_incoming_buffer(con->nodeid, con->rx_buf, buflen);
|
|
|
|
if (ret < 0)
|
|
|
|
goto out_close;
|
2006-11-02 16:19:21 +00:00
|
|
|
|
2020-09-24 14:31:26 +00:00
|
|
|
/* calculate leftover bytes from process and put it into begin of
|
|
|
|
* the receive buffer, so next receive we have the full message
|
|
|
|
* at the start address of the receive buffer.
|
|
|
|
*/
|
|
|
|
con->rx_leftover = buflen - ret;
|
|
|
|
if (con->rx_leftover) {
|
|
|
|
memmove(con->rx_buf, con->rx_buf + ret,
|
|
|
|
con->rx_leftover);
|
|
|
|
call_again_soon = true;
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if (call_again_soon)
|
|
|
|
goto out_resched;
|
2020-09-24 14:31:26 +00:00
|
|
|
|
2007-01-24 11:17:59 +00:00
|
|
|
mutex_unlock(&con->sock_mutex);
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
return 0;
|
2006-11-02 16:19:21 +00:00
|
|
|
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
out_resched:
|
2007-01-15 14:33:34 +00:00
|
|
|
if (!test_and_set_bit(CF_READ_PENDING, &con->flags))
|
|
|
|
queue_work(recv_workqueue, &con->rwork);
|
2007-01-24 11:17:59 +00:00
|
|
|
mutex_unlock(&con->sock_mutex);
|
2007-01-22 14:51:33 +00:00
|
|
|
return -EAGAIN;
|
2006-11-02 16:19:21 +00:00
|
|
|
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
out_close:
|
2007-01-24 11:17:59 +00:00
|
|
|
mutex_unlock(&con->sock_mutex);
|
2007-08-02 13:58:14 +00:00
|
|
|
if (ret != -EAGAIN) {
|
2006-11-02 16:19:21 +00:00
|
|
|
/* Reconnect when there is something to send */
|
2020-07-27 13:13:38 +00:00
|
|
|
close_connection(con, false, true, false);
|
|
|
|
if (ret == 0) {
|
|
|
|
log_print("connection %p got EOF from %d",
|
|
|
|
con, con->nodeid);
|
|
|
|
/* handling for tcp shutdown */
|
|
|
|
clear_bit(CF_SHUTDOWN, &con->flags);
|
|
|
|
wake_up(&con->shutdown_wait);
|
|
|
|
/* signal to breaking receive worker */
|
|
|
|
ret = -1;
|
|
|
|
}
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
|
|
|
return ret;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Listening socket is busy, accept a connection */
|
2020-05-27 18:22:28 +00:00
|
|
|
static int accept_from_sock(struct connection *con)
|
2006-11-02 16:19:21 +00:00
|
|
|
{
|
|
|
|
int result;
|
|
|
|
struct sockaddr_storage peeraddr;
|
|
|
|
struct socket *newsock;
|
|
|
|
int len;
|
|
|
|
int nodeid;
|
|
|
|
struct connection *newcon;
|
2007-01-22 14:51:33 +00:00
|
|
|
struct connection *addcon;
|
2020-09-24 14:31:23 +00:00
|
|
|
unsigned int mark;
|
2006-11-02 16:19:21 +00:00
|
|
|
|
2012-03-30 16:46:08 +00:00
|
|
|
if (!dlm_allow_conn) {
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
2007-01-24 11:17:59 +00:00
|
|
|
mutex_lock_nested(&con->sock_mutex, 0);
|
2006-11-02 16:19:21 +00:00
|
|
|
|
2017-09-12 09:01:38 +00:00
|
|
|
if (!con->sock) {
|
|
|
|
mutex_unlock(&con->sock_mutex);
|
|
|
|
return -ENOTCONN;
|
|
|
|
}
|
2006-11-02 16:19:21 +00:00
|
|
|
|
2017-09-12 09:01:38 +00:00
|
|
|
result = kernel_accept(con->sock, &newsock, O_NONBLOCK);
|
2006-11-02 16:19:21 +00:00
|
|
|
if (result < 0)
|
|
|
|
goto accept_err;
|
|
|
|
|
|
|
|
/* Get the connected socket's peer */
|
|
|
|
memset(&peeraddr, 0, sizeof(peeraddr));
|
2018-02-12 19:00:20 +00:00
|
|
|
len = newsock->ops->getname(newsock, (struct sockaddr *)&peeraddr, 2);
|
|
|
|
if (len < 0) {
|
2006-11-02 16:19:21 +00:00
|
|
|
result = -ECONNABORTED;
|
|
|
|
goto accept_err;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Get the new node's NODEID */
|
|
|
|
make_sockaddr(&peeraddr, 0, &len);
|
2012-07-26 17:44:30 +00:00
|
|
|
if (addr_to_nodeid(&peeraddr, &nodeid)) {
|
2011-07-04 03:25:51 +00:00
|
|
|
unsigned char *b=(unsigned char *)&peeraddr;
|
2007-04-26 18:46:49 +00:00
|
|
|
log_print("connect from non cluster node");
|
2011-07-04 03:25:51 +00:00
|
|
|
print_hex_dump_bytes("ss: ", DUMP_PREFIX_NONE,
|
|
|
|
b, sizeof(struct sockaddr_storage));
|
2006-11-02 16:19:21 +00:00
|
|
|
sock_release(newsock);
|
2007-01-24 11:17:59 +00:00
|
|
|
mutex_unlock(&con->sock_mutex);
|
2006-11-02 16:19:21 +00:00
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
2020-09-24 14:31:23 +00:00
|
|
|
dlm_comm_mark(nodeid, &mark);
|
|
|
|
sock_set_mark(newsock->sk, mark);
|
|
|
|
|
2006-11-02 16:19:21 +00:00
|
|
|
log_print("got connection from %d", nodeid);
|
|
|
|
|
|
|
|
/* Check to see if we already have a connection to this node. This
|
|
|
|
* could happen if the two nodes initiate a connection at roughly
|
|
|
|
* the same time and the connections cross on the wire.
|
|
|
|
* In this case we store the incoming one in "othercon"
|
|
|
|
*/
|
2009-05-15 15:50:57 +00:00
|
|
|
newcon = nodeid2con(nodeid, GFP_NOFS);
|
2006-11-02 16:19:21 +00:00
|
|
|
if (!newcon) {
|
|
|
|
result = -ENOMEM;
|
|
|
|
goto accept_err;
|
|
|
|
}
|
2007-01-24 11:17:59 +00:00
|
|
|
mutex_lock_nested(&newcon->sock_mutex, 1);
|
2006-11-02 16:19:21 +00:00
|
|
|
if (newcon->sock) {
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
struct connection *othercon = newcon->othercon;
|
2006-11-02 16:19:21 +00:00
|
|
|
|
|
|
|
if (!othercon) {
|
2020-08-27 19:02:49 +00:00
|
|
|
othercon = kzalloc(sizeof(*othercon), GFP_NOFS);
|
2006-11-02 16:19:21 +00:00
|
|
|
if (!othercon) {
|
2007-04-26 18:46:49 +00:00
|
|
|
log_print("failed to allocate incoming socket");
|
2007-01-24 11:17:59 +00:00
|
|
|
mutex_unlock(&newcon->sock_mutex);
|
2006-11-02 16:19:21 +00:00
|
|
|
result = -ENOMEM;
|
|
|
|
goto accept_err;
|
|
|
|
}
|
2020-09-24 14:31:26 +00:00
|
|
|
|
2020-11-03 01:04:21 +00:00
|
|
|
result = dlm_con_init(othercon, nodeid);
|
|
|
|
if (result < 0) {
|
2020-09-24 14:31:26 +00:00
|
|
|
kfree(othercon);
|
|
|
|
goto accept_err;
|
|
|
|
}
|
|
|
|
|
2006-11-02 16:19:21 +00:00
|
|
|
set_bit(CF_IS_OTHERCON, &othercon->flags);
|
2020-11-03 01:04:21 +00:00
|
|
|
newcon->othercon = othercon;
|
2020-07-27 13:13:37 +00:00
|
|
|
} else {
|
|
|
|
/* close other sock con if we have something new */
|
|
|
|
close_connection(othercon, false, true, false);
|
2007-08-20 14:13:38 +00:00
|
|
|
}
|
2020-07-27 13:13:37 +00:00
|
|
|
|
2017-09-12 08:56:00 +00:00
|
|
|
mutex_lock_nested(&othercon->sock_mutex, 2);
|
2020-07-27 13:13:37 +00:00
|
|
|
add_sock(newsock, othercon);
|
|
|
|
addcon = othercon;
|
|
|
|
mutex_unlock(&othercon->sock_mutex);
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
|
|
|
else {
|
|
|
|
newcon->rx_action = receive_from_sock;
|
2016-09-23 18:23:26 +00:00
|
|
|
/* accept copies the sk after we've saved the callbacks, so we
|
|
|
|
don't want to save them a second time or comm errors will
|
|
|
|
result in calling sk_error_report recursively. */
|
2017-09-12 08:55:32 +00:00
|
|
|
add_sock(newsock, newcon);
|
2007-01-22 14:51:33 +00:00
|
|
|
addcon = newcon;
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
|
|
|
|
2007-01-24 11:17:59 +00:00
|
|
|
mutex_unlock(&newcon->sock_mutex);
|
2006-11-02 16:19:21 +00:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Add it to the active queue in case we got data
|
2011-03-31 01:57:33 +00:00
|
|
|
* between processing the accept adding the socket
|
2006-11-02 16:19:21 +00:00
|
|
|
* to the read_sockets list
|
|
|
|
*/
|
2007-01-22 14:51:33 +00:00
|
|
|
if (!test_and_set_bit(CF_READ_PENDING, &addcon->flags))
|
|
|
|
queue_work(recv_workqueue, &addcon->rwork);
|
2007-01-24 11:17:59 +00:00
|
|
|
mutex_unlock(&con->sock_mutex);
|
2006-11-02 16:19:21 +00:00
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
accept_err:
|
2007-01-24 11:17:59 +00:00
|
|
|
mutex_unlock(&con->sock_mutex);
|
2017-09-12 09:01:38 +00:00
|
|
|
if (newsock)
|
|
|
|
sock_release(newsock);
|
2006-11-02 16:19:21 +00:00
|
|
|
|
|
|
|
if (result != -EAGAIN)
|
2007-04-26 18:46:49 +00:00
|
|
|
log_print("error accepting connection from node: %d", result);
|
2006-11-02 16:19:21 +00:00
|
|
|
return result;
|
|
|
|
}
|
|
|
|
|
2007-04-17 14:39:57 +00:00
|
|
|
static void free_entry(struct writequeue_entry *e)
|
|
|
|
{
|
|
|
|
__free_page(e->page);
|
|
|
|
kfree(e);
|
|
|
|
}
|
|
|
|
|
2013-06-14 09:56:13 +00:00
|
|
|
/*
|
|
|
|
* writequeue_entry_complete - try to delete and free write queue entry
|
|
|
|
* @e: write queue entry to try to delete
|
|
|
|
* @completed: bytes completed
|
|
|
|
*
|
|
|
|
* writequeue_lock must be held.
|
|
|
|
*/
|
|
|
|
static void writequeue_entry_complete(struct writequeue_entry *e, int completed)
|
|
|
|
{
|
|
|
|
e->offset += completed;
|
|
|
|
e->len -= completed;
|
|
|
|
|
|
|
|
if (e->len == 0 && e->users == 0) {
|
|
|
|
list_del(&e->list);
|
|
|
|
free_entry(e);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-08-11 22:22:23 +00:00
|
|
|
/*
|
|
|
|
* sctp_bind_addrs - bind a SCTP socket to all our addresses
|
|
|
|
*/
|
|
|
|
static int sctp_bind_addrs(struct connection *con, uint16_t port)
|
|
|
|
{
|
|
|
|
struct sockaddr_storage localaddr;
|
2020-05-29 12:09:42 +00:00
|
|
|
struct sockaddr *addr = (struct sockaddr *)&localaddr;
|
2015-08-11 22:22:23 +00:00
|
|
|
int i, addr_len, result = 0;
|
|
|
|
|
|
|
|
for (i = 0; i < dlm_local_count; i++) {
|
|
|
|
memcpy(&localaddr, dlm_local_addr[i], sizeof(localaddr));
|
|
|
|
make_sockaddr(&localaddr, port, &addr_len);
|
|
|
|
|
|
|
|
if (!i)
|
2020-05-29 12:09:42 +00:00
|
|
|
result = kernel_bind(con->sock, addr, addr_len);
|
2015-08-11 22:22:23 +00:00
|
|
|
else
|
2020-05-29 12:09:42 +00:00
|
|
|
result = sock_bind_add(con->sock->sk, addr, addr_len);
|
2015-08-11 22:22:23 +00:00
|
|
|
|
|
|
|
if (result < 0) {
|
|
|
|
log_print("Can't bind to %d addr number %d, %d.\n",
|
|
|
|
port, i + 1, result);
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return result;
|
|
|
|
}
|
|
|
|
|
2007-04-17 14:39:57 +00:00
|
|
|
/* Initiate an SCTP association.
|
|
|
|
This is a special case of send_to_sock() in that we don't yet have a
|
|
|
|
peeled-off socket for this association, so we use the listening socket
|
|
|
|
and add the primary IP address of the remote node.
|
|
|
|
*/
|
2015-08-11 22:22:23 +00:00
|
|
|
static void sctp_connect_to_sock(struct connection *con)
|
2007-04-17 14:39:57 +00:00
|
|
|
{
|
2015-08-11 22:22:23 +00:00
|
|
|
struct sockaddr_storage daddr;
|
|
|
|
int result;
|
|
|
|
int addr_len;
|
|
|
|
struct socket *sock;
|
2020-06-26 17:26:50 +00:00
|
|
|
unsigned int mark;
|
2015-08-11 22:22:23 +00:00
|
|
|
|
|
|
|
if (con->nodeid == 0) {
|
|
|
|
log_print("attempt to connect sock 0 foiled");
|
|
|
|
return;
|
|
|
|
}
|
2007-04-17 14:39:57 +00:00
|
|
|
|
2020-09-24 14:31:23 +00:00
|
|
|
dlm_comm_mark(con->nodeid, &mark);
|
2020-09-24 14:31:22 +00:00
|
|
|
|
2013-06-14 09:56:13 +00:00
|
|
|
mutex_lock(&con->sock_mutex);
|
2007-04-17 14:39:57 +00:00
|
|
|
|
2015-08-11 22:22:23 +00:00
|
|
|
/* Some odd races can cause double-connects, ignore them */
|
|
|
|
if (con->retries++ > MAX_CONNECT_RETRIES)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
if (con->sock) {
|
|
|
|
log_print("node %d already connected.", con->nodeid);
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
memset(&daddr, 0, sizeof(daddr));
|
|
|
|
result = nodeid_to_addr(con->nodeid, &daddr, NULL, true);
|
|
|
|
if (result < 0) {
|
2007-04-17 14:39:57 +00:00
|
|
|
log_print("no address for nodeid %d", con->nodeid);
|
2015-08-11 22:22:23 +00:00
|
|
|
goto out;
|
2007-04-17 14:39:57 +00:00
|
|
|
}
|
|
|
|
|
2015-08-11 22:22:23 +00:00
|
|
|
/* Create a socket to communicate with */
|
|
|
|
result = sock_create_kern(&init_net, dlm_local_addr[0]->ss_family,
|
|
|
|
SOCK_STREAM, IPPROTO_SCTP, &sock);
|
|
|
|
if (result < 0)
|
|
|
|
goto socket_err;
|
2007-04-17 14:39:57 +00:00
|
|
|
|
2020-06-26 17:26:50 +00:00
|
|
|
sock_set_mark(sock->sk, mark);
|
|
|
|
|
2015-08-11 22:22:23 +00:00
|
|
|
con->rx_action = receive_from_sock;
|
2017-09-12 08:55:32 +00:00
|
|
|
add_sock(sock, con);
|
2007-04-17 14:39:57 +00:00
|
|
|
|
2015-08-11 22:22:23 +00:00
|
|
|
/* Bind to all addresses. */
|
|
|
|
if (sctp_bind_addrs(con, 0))
|
|
|
|
goto bind_err;
|
2007-04-17 14:39:57 +00:00
|
|
|
|
2015-08-11 22:22:23 +00:00
|
|
|
make_sockaddr(&daddr, dlm_config.ci_tcp_port, &addr_len);
|
2007-04-17 14:39:57 +00:00
|
|
|
|
2015-08-11 22:22:23 +00:00
|
|
|
log_print("connecting to %d", con->nodeid);
|
2007-04-17 14:39:57 +00:00
|
|
|
|
2015-08-11 22:22:23 +00:00
|
|
|
/* Turn off Nagle's algorithm */
|
2020-05-29 12:09:40 +00:00
|
|
|
sctp_sock_set_nodelay(sock->sk);
|
2007-04-17 14:39:57 +00:00
|
|
|
|
dlm: make sctp_connect_to_sock() return in specified time
When the user setup a two-ring cluster, DLM kernel module
will automatically selects to use SCTP protocol to communicate
between each node. There will be about 5 minute hang in DLM
kernel module, in case one ring is broken before switching to
another ring, this will potentially affect the dependent upper
applications, e.g. ocfs2, gfs2, clvm and clustered-MD, etc.
Unfortunately, if the user setup a two-ring cluster, we can not
specify DLM communication protocol with TCP explicitly, since
DLM kernel module only supports SCTP protocol for multiple
ring cluster.
Base on my investigation, the time is spent in sock->ops->connect()
function before returns ETIMEDOUT(-110) error, since O_NONBLOCK
argument in connect() function does not work here, then we should
make sock->ops->connect() function return in specified time via
setting socket SO_SNDTIMEO atrribute.
Signed-off-by: Gang He <ghe@suse.com>
Signed-off-by: David Teigland <teigland@redhat.com>
2018-05-02 15:28:35 +00:00
|
|
|
/*
|
|
|
|
* Make sock->ops->connect() function return in specified time,
|
|
|
|
* since O_NONBLOCK argument in connect() function does not work here,
|
|
|
|
* then, we should restore the default value of this attribute.
|
|
|
|
*/
|
2020-05-28 05:12:12 +00:00
|
|
|
sock_set_sndtimeo(sock->sk, 5);
|
2015-08-11 22:22:23 +00:00
|
|
|
result = sock->ops->connect(sock, (struct sockaddr *)&daddr, addr_len,
|
dlm: remove O_NONBLOCK flag in sctp_connect_to_sock
We should remove O_NONBLOCK flag when calling sock->ops->connect()
in sctp_connect_to_sock() function.
Why?
1. up to now, sctp socket connect() function ignores the flag argument,
that means O_NONBLOCK flag does not take effect, then we should remove
it to avoid the confusion (but is not urgent).
2. for the future, there will be a patch to fix this problem, then the flag
argument will take effect, the patch has been queued at https://git.kernel.o
rg/pub/scm/linux/kernel/git/davem/net.git/commit/net/sctp?id=644fbdeacf1d3ed
d366e44b8ba214de9d1dd66a9.
But, the O_NONBLOCK flag will make sock->ops->connect() directly return
without any wait time, then the connection will not be established, DLM kernel
module will call sock->ops->connect() again and again, the bad results are,
CPU usage is almost 100%, even trigger soft_lockup problem if the related
configurations are enabled,
DLM kernel module also prints lots of messages like,
[Fri Apr 27 11:23:43 2018] dlm: connecting to 172167592
[Fri Apr 27 11:23:43 2018] dlm: connecting to 172167592
[Fri Apr 27 11:23:43 2018] dlm: connecting to 172167592
[Fri Apr 27 11:23:43 2018] dlm: connecting to 172167592
The upper application (e.g. ocfs2 mount command) is hanged at new_lockspace(),
the whole backtrace is as below,
tb0307-nd2:~ # cat /proc/2935/stack
[<0>] new_lockspace+0x957/0xac0 [dlm]
[<0>] dlm_new_lockspace+0xae/0x140 [dlm]
[<0>] user_cluster_connect+0xc3/0x3a0 [ocfs2_stack_user]
[<0>] ocfs2_cluster_connect+0x144/0x220 [ocfs2_stackglue]
[<0>] ocfs2_dlm_init+0x215/0x440 [ocfs2]
[<0>] ocfs2_fill_super+0xcb0/0x1290 [ocfs2]
[<0>] mount_bdev+0x173/0x1b0
[<0>] mount_fs+0x35/0x150
[<0>] vfs_kern_mount.part.23+0x54/0x100
[<0>] do_mount+0x59a/0xc40
[<0>] SyS_mount+0x80/0xd0
[<0>] do_syscall_64+0x76/0x140
[<0>] entry_SYSCALL_64_after_hwframe+0x42/0xb7
[<0>] 0xffffffffffffffff
So, I think we should remove O_NONBLOCK flag here, since DLM kernel module can
not handle non-block sockect in connect() properly.
Signed-off-by: Gang He <ghe@suse.com>
Signed-off-by: David Teigland <teigland@redhat.com>
2018-05-29 03:09:22 +00:00
|
|
|
0);
|
2020-05-28 05:12:12 +00:00
|
|
|
sock_set_sndtimeo(sock->sk, 0);
|
dlm: make sctp_connect_to_sock() return in specified time
When the user setup a two-ring cluster, DLM kernel module
will automatically selects to use SCTP protocol to communicate
between each node. There will be about 5 minute hang in DLM
kernel module, in case one ring is broken before switching to
another ring, this will potentially affect the dependent upper
applications, e.g. ocfs2, gfs2, clvm and clustered-MD, etc.
Unfortunately, if the user setup a two-ring cluster, we can not
specify DLM communication protocol with TCP explicitly, since
DLM kernel module only supports SCTP protocol for multiple
ring cluster.
Base on my investigation, the time is spent in sock->ops->connect()
function before returns ETIMEDOUT(-110) error, since O_NONBLOCK
argument in connect() function does not work here, then we should
make sock->ops->connect() function return in specified time via
setting socket SO_SNDTIMEO atrribute.
Signed-off-by: Gang He <ghe@suse.com>
Signed-off-by: David Teigland <teigland@redhat.com>
2018-05-02 15:28:35 +00:00
|
|
|
|
2015-08-11 22:22:23 +00:00
|
|
|
if (result == -EINPROGRESS)
|
|
|
|
result = 0;
|
2020-11-03 01:04:20 +00:00
|
|
|
if (result == 0) {
|
|
|
|
if (!test_and_set_bit(CF_CONNECTED, &con->flags))
|
|
|
|
log_print("successful connected to node %d", con->nodeid);
|
2015-08-11 22:22:23 +00:00
|
|
|
goto out;
|
2020-11-03 01:04:20 +00:00
|
|
|
}
|
2013-06-14 09:56:12 +00:00
|
|
|
|
2015-08-11 22:22:23 +00:00
|
|
|
bind_err:
|
|
|
|
con->sock = NULL;
|
|
|
|
sock_release(sock);
|
2007-04-17 14:39:57 +00:00
|
|
|
|
2015-08-11 22:22:23 +00:00
|
|
|
socket_err:
|
|
|
|
/*
|
|
|
|
* Some errors are fatal and this list might need adjusting. For other
|
|
|
|
* errors we try again until the max number of retries is reached.
|
|
|
|
*/
|
|
|
|
if (result != -EHOSTUNREACH &&
|
|
|
|
result != -ENETUNREACH &&
|
|
|
|
result != -ENETDOWN &&
|
|
|
|
result != -EINVAL &&
|
|
|
|
result != -EPROTONOSUPPORT) {
|
|
|
|
log_print("connect %d try %d error %d", con->nodeid,
|
|
|
|
con->retries, result);
|
|
|
|
mutex_unlock(&con->sock_mutex);
|
|
|
|
msleep(1000);
|
|
|
|
lowcomms_connect_sock(con);
|
|
|
|
return;
|
2007-04-17 14:39:57 +00:00
|
|
|
}
|
2013-06-14 09:56:13 +00:00
|
|
|
|
2015-08-11 22:22:23 +00:00
|
|
|
out:
|
2013-06-14 09:56:13 +00:00
|
|
|
mutex_unlock(&con->sock_mutex);
|
2007-04-17 14:39:57 +00:00
|
|
|
}
|
|
|
|
|
2006-11-02 16:19:21 +00:00
|
|
|
/* Connect a new socket to its peer */
|
2007-04-17 14:39:57 +00:00
|
|
|
static void tcp_connect_to_sock(struct connection *con)
|
2006-11-02 16:19:21 +00:00
|
|
|
{
|
2007-10-25 22:51:54 +00:00
|
|
|
struct sockaddr_storage saddr, src_addr;
|
2006-11-02 16:19:21 +00:00
|
|
|
int addr_len;
|
2009-07-14 17:17:51 +00:00
|
|
|
struct socket *sock = NULL;
|
2020-06-26 17:26:50 +00:00
|
|
|
unsigned int mark;
|
2012-07-26 17:44:30 +00:00
|
|
|
int result;
|
2006-11-02 16:19:21 +00:00
|
|
|
|
|
|
|
if (con->nodeid == 0) {
|
|
|
|
log_print("attempt to connect sock 0 foiled");
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
return;
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
|
|
|
|
2020-09-24 14:31:23 +00:00
|
|
|
dlm_comm_mark(con->nodeid, &mark);
|
2020-09-24 14:31:22 +00:00
|
|
|
|
2007-01-24 11:17:59 +00:00
|
|
|
mutex_lock(&con->sock_mutex);
|
2006-11-02 16:19:21 +00:00
|
|
|
if (con->retries++ > MAX_CONNECT_RETRIES)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
/* Some odd races can cause double-connects, ignore them */
|
2012-07-26 17:44:30 +00:00
|
|
|
if (con->sock)
|
2006-11-02 16:19:21 +00:00
|
|
|
goto out;
|
|
|
|
|
|
|
|
/* Create a socket to communicate with */
|
2015-05-09 02:08:05 +00:00
|
|
|
result = sock_create_kern(&init_net, dlm_local_addr[0]->ss_family,
|
|
|
|
SOCK_STREAM, IPPROTO_TCP, &sock);
|
2006-11-02 16:19:21 +00:00
|
|
|
if (result < 0)
|
|
|
|
goto out_err;
|
|
|
|
|
2020-06-26 17:26:50 +00:00
|
|
|
sock_set_mark(sock->sk, mark);
|
|
|
|
|
2006-11-02 16:19:21 +00:00
|
|
|
memset(&saddr, 0, sizeof(saddr));
|
2013-06-14 09:56:12 +00:00
|
|
|
result = nodeid_to_addr(con->nodeid, &saddr, NULL, false);
|
2012-07-26 17:44:30 +00:00
|
|
|
if (result < 0) {
|
|
|
|
log_print("no address for nodeid %d", con->nodeid);
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
goto out_err;
|
2012-07-26 17:44:30 +00:00
|
|
|
}
|
2006-11-02 16:19:21 +00:00
|
|
|
|
|
|
|
con->rx_action = receive_from_sock;
|
2020-07-27 13:13:38 +00:00
|
|
|
con->shutdown_action = dlm_tcp_shutdown;
|
2017-09-12 08:55:32 +00:00
|
|
|
add_sock(sock, con);
|
2006-11-02 16:19:21 +00:00
|
|
|
|
2007-10-25 22:51:54 +00:00
|
|
|
/* Bind to our cluster-known address connecting to avoid
|
|
|
|
routing problems */
|
|
|
|
memcpy(&src_addr, dlm_local_addr[0], sizeof(src_addr));
|
|
|
|
make_sockaddr(&src_addr, 0, &addr_len);
|
|
|
|
result = sock->ops->bind(sock, (struct sockaddr *) &src_addr,
|
|
|
|
addr_len);
|
|
|
|
if (result < 0) {
|
|
|
|
log_print("could not bind for connect: %d", result);
|
|
|
|
/* This *may* not indicate a critical error */
|
|
|
|
}
|
|
|
|
|
2007-01-09 15:41:48 +00:00
|
|
|
make_sockaddr(&saddr, dlm_config.ci_tcp_port, &addr_len);
|
2006-11-02 16:19:21 +00:00
|
|
|
|
|
|
|
log_print("connecting to %d", con->nodeid);
|
2010-11-12 17:12:55 +00:00
|
|
|
|
|
|
|
/* Turn off Nagle's algorithm */
|
2020-05-28 05:12:19 +00:00
|
|
|
tcp_sock_set_nodelay(sock->sk);
|
2010-11-12 17:12:55 +00:00
|
|
|
|
2012-07-26 17:44:30 +00:00
|
|
|
result = sock->ops->connect(sock, (struct sockaddr *)&saddr, addr_len,
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
O_NONBLOCK);
|
2006-11-02 16:19:21 +00:00
|
|
|
if (result == -EINPROGRESS)
|
|
|
|
result = 0;
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
if (result == 0)
|
|
|
|
goto out;
|
2006-11-02 16:19:21 +00:00
|
|
|
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
out_err:
|
2006-11-02 16:19:21 +00:00
|
|
|
if (con->sock) {
|
|
|
|
sock_release(con->sock);
|
|
|
|
con->sock = NULL;
|
2009-07-14 17:17:51 +00:00
|
|
|
} else if (sock) {
|
|
|
|
sock_release(sock);
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
|
|
|
/*
|
|
|
|
* Some errors are fatal and this list might need adjusting. For other
|
|
|
|
* errors we try again until the max number of retries is reached.
|
|
|
|
*/
|
2012-07-26 17:44:30 +00:00
|
|
|
if (result != -EHOSTUNREACH &&
|
|
|
|
result != -ENETUNREACH &&
|
|
|
|
result != -ENETDOWN &&
|
|
|
|
result != -EINVAL &&
|
|
|
|
result != -EPROTONOSUPPORT) {
|
|
|
|
log_print("connect %d try %d error %d", con->nodeid,
|
|
|
|
con->retries, result);
|
|
|
|
mutex_unlock(&con->sock_mutex);
|
|
|
|
msleep(1000);
|
2006-11-02 16:19:21 +00:00
|
|
|
lowcomms_connect_sock(con);
|
2012-07-26 17:44:30 +00:00
|
|
|
return;
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
out:
|
2007-01-24 11:17:59 +00:00
|
|
|
mutex_unlock(&con->sock_mutex);
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
return;
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
|
|
|
|
2007-04-17 14:39:57 +00:00
|
|
|
static struct socket *tcp_create_listen_sock(struct connection *con,
|
|
|
|
struct sockaddr_storage *saddr)
|
2006-11-02 16:19:21 +00:00
|
|
|
{
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
struct socket *sock = NULL;
|
2006-11-02 16:19:21 +00:00
|
|
|
int result = 0;
|
|
|
|
int addr_len;
|
|
|
|
|
2007-04-17 14:39:57 +00:00
|
|
|
if (dlm_local_addr[0]->ss_family == AF_INET)
|
2006-11-02 16:19:21 +00:00
|
|
|
addr_len = sizeof(struct sockaddr_in);
|
|
|
|
else
|
|
|
|
addr_len = sizeof(struct sockaddr_in6);
|
|
|
|
|
|
|
|
/* Create a socket to communicate with */
|
2015-05-09 02:08:05 +00:00
|
|
|
result = sock_create_kern(&init_net, dlm_local_addr[0]->ss_family,
|
|
|
|
SOCK_STREAM, IPPROTO_TCP, &sock);
|
2006-11-02 16:19:21 +00:00
|
|
|
if (result < 0) {
|
2007-04-26 18:46:49 +00:00
|
|
|
log_print("Can't create listening comms socket");
|
2006-11-02 16:19:21 +00:00
|
|
|
goto create_out;
|
|
|
|
}
|
|
|
|
|
2020-06-26 17:26:49 +00:00
|
|
|
sock_set_mark(sock->sk, dlm_config.ci_mark);
|
|
|
|
|
2010-11-12 17:12:55 +00:00
|
|
|
/* Turn off Nagle's algorithm */
|
2020-05-28 05:12:19 +00:00
|
|
|
tcp_sock_set_nodelay(sock->sk);
|
2010-11-12 17:12:55 +00:00
|
|
|
|
2020-05-28 05:12:09 +00:00
|
|
|
sock_set_reuseaddr(sock->sk);
|
2007-04-17 14:39:57 +00:00
|
|
|
|
2017-09-12 09:01:55 +00:00
|
|
|
write_lock_bh(&sock->sk->sk_callback_lock);
|
2016-02-05 19:39:02 +00:00
|
|
|
sock->sk->sk_user_data = con;
|
DLM: Fix saving of NULL callbacks
In a previous patch I noted that accept() often copies the struct
sock (sk) which overwrites the sock callbacks. However, in testing
we discovered that the dlm connection structures (con) are sometimes
deleted and recreated as connections come and go, and since they're
zeroed out by kmem_cache_zalloc, the saved callback pointers are
also initialized to zero. But with today's DLM code, the callbacks
are only saved when a socket is added.
During recovery testing, we discovered a common situation in which
the new con is initialized to zero, then a socket is added after
accept(). In this case, the sock's saved values are all NULL, but
the saved values are wiped out, due to accept(). Therefore, we
don't have a known good copy of the callbacks from which we can
restore.
Since the struct sock callbacks are always good after listen(),
this patch saves the known good values after listen(). These good
values are then used for subsequent restores.
Signed-off-by: Bob Peterson <rpeterso@redhat.com>
Reviewed-by: Tadashi Miyauchi <miyauchi@toshiba-tops.co.jp>
Signed-off-by: David Teigland <teigland@redhat.com>
2017-09-12 08:55:23 +00:00
|
|
|
save_listen_callbacks(sock);
|
2020-05-27 18:22:28 +00:00
|
|
|
con->rx_action = accept_from_sock;
|
2017-09-12 09:01:55 +00:00
|
|
|
write_unlock_bh(&sock->sk->sk_callback_lock);
|
2006-11-02 16:19:21 +00:00
|
|
|
|
|
|
|
/* Bind to our port */
|
2007-01-09 15:41:48 +00:00
|
|
|
make_sockaddr(saddr, dlm_config.ci_tcp_port, &addr_len);
|
2006-11-02 16:19:21 +00:00
|
|
|
result = sock->ops->bind(sock, (struct sockaddr *) saddr, addr_len);
|
|
|
|
if (result < 0) {
|
2007-04-26 18:46:49 +00:00
|
|
|
log_print("Can't bind to port %d", dlm_config.ci_tcp_port);
|
2006-11-02 16:19:21 +00:00
|
|
|
sock_release(sock);
|
|
|
|
sock = NULL;
|
|
|
|
con->sock = NULL;
|
|
|
|
goto create_out;
|
|
|
|
}
|
2020-05-28 05:12:15 +00:00
|
|
|
sock_set_keepalive(sock->sk);
|
2006-11-02 16:19:21 +00:00
|
|
|
|
|
|
|
result = sock->ops->listen(sock, 5);
|
|
|
|
if (result < 0) {
|
2007-04-26 18:46:49 +00:00
|
|
|
log_print("Can't listen on port %d", dlm_config.ci_tcp_port);
|
2006-11-02 16:19:21 +00:00
|
|
|
sock_release(sock);
|
|
|
|
sock = NULL;
|
|
|
|
goto create_out;
|
|
|
|
}
|
|
|
|
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
create_out:
|
2006-11-02 16:19:21 +00:00
|
|
|
return sock;
|
|
|
|
}
|
|
|
|
|
2007-04-17 14:39:57 +00:00
|
|
|
/* Get local addresses */
|
|
|
|
static void init_local(void)
|
|
|
|
{
|
|
|
|
struct sockaddr_storage sas, *addr;
|
|
|
|
int i;
|
|
|
|
|
2007-04-23 15:26:21 +00:00
|
|
|
dlm_local_count = 0;
|
2012-03-21 14:18:34 +00:00
|
|
|
for (i = 0; i < DLM_MAX_ADDR_COUNT; i++) {
|
2007-04-17 14:39:57 +00:00
|
|
|
if (dlm_our_addr(&sas, i))
|
|
|
|
break;
|
|
|
|
|
2016-06-23 04:52:01 +00:00
|
|
|
addr = kmemdup(&sas, sizeof(*addr), GFP_NOFS);
|
2007-04-17 14:39:57 +00:00
|
|
|
if (!addr)
|
|
|
|
break;
|
|
|
|
dlm_local_addr[dlm_local_count++] = addr;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2020-08-27 19:02:50 +00:00
|
|
|
static void deinit_local(void)
|
|
|
|
{
|
|
|
|
int i;
|
|
|
|
|
|
|
|
for (i = 0; i < dlm_local_count; i++)
|
|
|
|
kfree(dlm_local_addr[i]);
|
|
|
|
}
|
|
|
|
|
2007-04-17 14:39:57 +00:00
|
|
|
/* Initialise SCTP socket and bind to all interfaces */
|
|
|
|
static int sctp_listen_for_all(void)
|
|
|
|
{
|
|
|
|
struct socket *sock = NULL;
|
2015-08-11 22:22:23 +00:00
|
|
|
int result = -EINVAL;
|
2009-11-30 22:34:43 +00:00
|
|
|
struct connection *con = nodeid2con(0, GFP_NOFS);
|
2007-04-17 14:39:57 +00:00
|
|
|
|
|
|
|
if (!con)
|
|
|
|
return -ENOMEM;
|
|
|
|
|
|
|
|
log_print("Using SCTP for communications");
|
|
|
|
|
2015-05-09 02:08:05 +00:00
|
|
|
result = sock_create_kern(&init_net, dlm_local_addr[0]->ss_family,
|
2015-08-11 22:22:23 +00:00
|
|
|
SOCK_STREAM, IPPROTO_SCTP, &sock);
|
2007-04-17 14:39:57 +00:00
|
|
|
if (result < 0) {
|
|
|
|
log_print("Can't create comms socket, check SCTP is loaded");
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
2020-05-28 05:12:16 +00:00
|
|
|
sock_set_rcvbuf(sock->sk, NEEDED_RMEM);
|
2020-06-26 17:26:49 +00:00
|
|
|
sock_set_mark(sock->sk, dlm_config.ci_mark);
|
2020-05-29 12:09:40 +00:00
|
|
|
sctp_sock_set_nodelay(sock->sk);
|
2013-06-14 09:56:14 +00:00
|
|
|
|
2016-02-05 19:39:02 +00:00
|
|
|
write_lock_bh(&sock->sk->sk_callback_lock);
|
2007-04-17 14:39:57 +00:00
|
|
|
/* Init con struct */
|
|
|
|
sock->sk->sk_user_data = con;
|
DLM: Fix saving of NULL callbacks
In a previous patch I noted that accept() often copies the struct
sock (sk) which overwrites the sock callbacks. However, in testing
we discovered that the dlm connection structures (con) are sometimes
deleted and recreated as connections come and go, and since they're
zeroed out by kmem_cache_zalloc, the saved callback pointers are
also initialized to zero. But with today's DLM code, the callbacks
are only saved when a socket is added.
During recovery testing, we discovered a common situation in which
the new con is initialized to zero, then a socket is added after
accept(). In this case, the sock's saved values are all NULL, but
the saved values are wiped out, due to accept(). Therefore, we
don't have a known good copy of the callbacks from which we can
restore.
Since the struct sock callbacks are always good after listen(),
this patch saves the known good values after listen(). These good
values are then used for subsequent restores.
Signed-off-by: Bob Peterson <rpeterso@redhat.com>
Reviewed-by: Tadashi Miyauchi <miyauchi@toshiba-tops.co.jp>
Signed-off-by: David Teigland <teigland@redhat.com>
2017-09-12 08:55:23 +00:00
|
|
|
save_listen_callbacks(sock);
|
2007-04-17 14:39:57 +00:00
|
|
|
con->sock = sock;
|
|
|
|
con->sock->sk->sk_data_ready = lowcomms_data_ready;
|
2020-05-27 18:22:28 +00:00
|
|
|
con->rx_action = accept_from_sock;
|
2007-04-17 14:39:57 +00:00
|
|
|
|
2016-02-05 19:39:02 +00:00
|
|
|
write_unlock_bh(&sock->sk->sk_callback_lock);
|
|
|
|
|
2015-08-11 22:22:23 +00:00
|
|
|
/* Bind to all addresses. */
|
|
|
|
if (sctp_bind_addrs(con, dlm_config.ci_tcp_port))
|
|
|
|
goto create_delsock;
|
2007-04-17 14:39:57 +00:00
|
|
|
|
|
|
|
result = sock->ops->listen(sock, 5);
|
|
|
|
if (result < 0) {
|
|
|
|
log_print("Can't set socket listening");
|
|
|
|
goto create_delsock;
|
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
create_delsock:
|
|
|
|
sock_release(sock);
|
|
|
|
con->sock = NULL;
|
|
|
|
out:
|
|
|
|
return result;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int tcp_listen_for_all(void)
|
2006-11-02 16:19:21 +00:00
|
|
|
{
|
|
|
|
struct socket *sock = NULL;
|
2009-11-30 22:34:43 +00:00
|
|
|
struct connection *con = nodeid2con(0, GFP_NOFS);
|
2006-11-02 16:19:21 +00:00
|
|
|
int result = -EINVAL;
|
|
|
|
|
2007-04-17 14:39:57 +00:00
|
|
|
if (!con)
|
|
|
|
return -ENOMEM;
|
|
|
|
|
2006-11-02 16:19:21 +00:00
|
|
|
/* We don't support multi-homed hosts */
|
2007-04-17 14:39:57 +00:00
|
|
|
if (dlm_local_addr[1] != NULL) {
|
2007-04-26 18:46:49 +00:00
|
|
|
log_print("TCP protocol can't handle multi-homed hosts, "
|
|
|
|
"try SCTP");
|
2007-04-17 14:39:57 +00:00
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
log_print("Using TCP for communications");
|
|
|
|
|
|
|
|
sock = tcp_create_listen_sock(con, dlm_local_addr[0]);
|
2006-11-02 16:19:21 +00:00
|
|
|
if (sock) {
|
2017-09-12 08:55:32 +00:00
|
|
|
add_sock(sock, con);
|
2006-11-02 16:19:21 +00:00
|
|
|
result = 0;
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
result = -EADDRINUSE;
|
|
|
|
}
|
|
|
|
|
|
|
|
return result;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
static struct writequeue_entry *new_writequeue_entry(struct connection *con,
|
|
|
|
gfp_t allocation)
|
|
|
|
{
|
|
|
|
struct writequeue_entry *entry;
|
|
|
|
|
|
|
|
entry = kmalloc(sizeof(struct writequeue_entry), allocation);
|
|
|
|
if (!entry)
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
entry->page = alloc_page(allocation);
|
|
|
|
if (!entry->page) {
|
|
|
|
kfree(entry);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
entry->offset = 0;
|
|
|
|
entry->len = 0;
|
|
|
|
entry->end = 0;
|
|
|
|
entry->users = 0;
|
|
|
|
entry->con = con;
|
|
|
|
|
|
|
|
return entry;
|
|
|
|
}
|
|
|
|
|
2007-04-26 18:46:49 +00:00
|
|
|
void *dlm_lowcomms_get_buffer(int nodeid, int len, gfp_t allocation, char **ppc)
|
2006-11-02 16:19:21 +00:00
|
|
|
{
|
|
|
|
struct connection *con;
|
|
|
|
struct writequeue_entry *e;
|
|
|
|
int offset = 0;
|
|
|
|
|
2020-11-03 01:04:18 +00:00
|
|
|
if (len > LOWCOMMS_MAX_TX_BUFFER_LEN) {
|
|
|
|
BUILD_BUG_ON(PAGE_SIZE < LOWCOMMS_MAX_TX_BUFFER_LEN);
|
|
|
|
log_print("failed to allocate a buffer of size %d", len);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
2006-11-02 16:19:21 +00:00
|
|
|
con = nodeid2con(nodeid, allocation);
|
|
|
|
if (!con)
|
|
|
|
return NULL;
|
|
|
|
|
2007-01-02 17:08:54 +00:00
|
|
|
spin_lock(&con->writequeue_lock);
|
2006-11-02 16:19:21 +00:00
|
|
|
e = list_entry(con->writequeue.prev, struct writequeue_entry, list);
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
if ((&e->list == &con->writequeue) ||
|
mm, fs: get rid of PAGE_CACHE_* and page_cache_{get,release} macros
PAGE_CACHE_{SIZE,SHIFT,MASK,ALIGN} macros were introduced *long* time
ago with promise that one day it will be possible to implement page
cache with bigger chunks than PAGE_SIZE.
This promise never materialized. And unlikely will.
We have many places where PAGE_CACHE_SIZE assumed to be equal to
PAGE_SIZE. And it's constant source of confusion on whether
PAGE_CACHE_* or PAGE_* constant should be used in a particular case,
especially on the border between fs and mm.
Global switching to PAGE_CACHE_SIZE != PAGE_SIZE would cause to much
breakage to be doable.
Let's stop pretending that pages in page cache are special. They are
not.
The changes are pretty straight-forward:
- <foo> << (PAGE_CACHE_SHIFT - PAGE_SHIFT) -> <foo>;
- <foo> >> (PAGE_CACHE_SHIFT - PAGE_SHIFT) -> <foo>;
- PAGE_CACHE_{SIZE,SHIFT,MASK,ALIGN} -> PAGE_{SIZE,SHIFT,MASK,ALIGN};
- page_cache_get() -> get_page();
- page_cache_release() -> put_page();
This patch contains automated changes generated with coccinelle using
script below. For some reason, coccinelle doesn't patch header files.
I've called spatch for them manually.
The only adjustment after coccinelle is revert of changes to
PAGE_CAHCE_ALIGN definition: we are going to drop it later.
There are few places in the code where coccinelle didn't reach. I'll
fix them manually in a separate patch. Comments and documentation also
will be addressed with the separate patch.
virtual patch
@@
expression E;
@@
- E << (PAGE_CACHE_SHIFT - PAGE_SHIFT)
+ E
@@
expression E;
@@
- E >> (PAGE_CACHE_SHIFT - PAGE_SHIFT)
+ E
@@
@@
- PAGE_CACHE_SHIFT
+ PAGE_SHIFT
@@
@@
- PAGE_CACHE_SIZE
+ PAGE_SIZE
@@
@@
- PAGE_CACHE_MASK
+ PAGE_MASK
@@
expression E;
@@
- PAGE_CACHE_ALIGN(E)
+ PAGE_ALIGN(E)
@@
expression E;
@@
- page_cache_get(E)
+ get_page(E)
@@
expression E;
@@
- page_cache_release(E)
+ put_page(E)
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
Acked-by: Michal Hocko <mhocko@suse.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-04-01 12:29:47 +00:00
|
|
|
(PAGE_SIZE - e->end < len)) {
|
2006-11-02 16:19:21 +00:00
|
|
|
e = NULL;
|
|
|
|
} else {
|
|
|
|
offset = e->end;
|
|
|
|
e->end += len;
|
2012-10-18 14:57:19 +00:00
|
|
|
e->users++;
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
|
|
|
spin_unlock(&con->writequeue_lock);
|
|
|
|
|
|
|
|
if (e) {
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
got_one:
|
2006-11-02 16:19:21 +00:00
|
|
|
*ppc = page_address(e->page) + offset;
|
|
|
|
return e;
|
|
|
|
}
|
|
|
|
|
|
|
|
e = new_writequeue_entry(con, allocation);
|
|
|
|
if (e) {
|
|
|
|
spin_lock(&con->writequeue_lock);
|
|
|
|
offset = e->end;
|
|
|
|
e->end += len;
|
2012-10-18 14:57:19 +00:00
|
|
|
e->users++;
|
2006-11-02 16:19:21 +00:00
|
|
|
list_add_tail(&e->list, &con->writequeue);
|
|
|
|
spin_unlock(&con->writequeue_lock);
|
|
|
|
goto got_one;
|
|
|
|
}
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
void dlm_lowcomms_commit_buffer(void *mh)
|
|
|
|
{
|
|
|
|
struct writequeue_entry *e = (struct writequeue_entry *)mh;
|
|
|
|
struct connection *con = e->con;
|
|
|
|
int users;
|
|
|
|
|
2007-01-02 17:08:54 +00:00
|
|
|
spin_lock(&con->writequeue_lock);
|
2006-11-02 16:19:21 +00:00
|
|
|
users = --e->users;
|
|
|
|
if (users)
|
|
|
|
goto out;
|
|
|
|
e->len = e->end - e->offset;
|
|
|
|
spin_unlock(&con->writequeue_lock);
|
|
|
|
|
2017-09-12 08:55:14 +00:00
|
|
|
queue_work(send_workqueue, &con->swork);
|
2006-11-02 16:19:21 +00:00
|
|
|
return;
|
|
|
|
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
out:
|
2006-11-02 16:19:21 +00:00
|
|
|
spin_unlock(&con->writequeue_lock);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Send a message */
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
static void send_to_sock(struct connection *con)
|
2006-11-02 16:19:21 +00:00
|
|
|
{
|
|
|
|
int ret = 0;
|
|
|
|
const int msg_flags = MSG_DONTWAIT | MSG_NOSIGNAL;
|
|
|
|
struct writequeue_entry *e;
|
|
|
|
int len, offset;
|
2010-11-12 17:15:20 +00:00
|
|
|
int count = 0;
|
2006-11-02 16:19:21 +00:00
|
|
|
|
2007-01-24 11:17:59 +00:00
|
|
|
mutex_lock(&con->sock_mutex);
|
2006-11-02 16:19:21 +00:00
|
|
|
if (con->sock == NULL)
|
|
|
|
goto out_connect;
|
|
|
|
|
|
|
|
spin_lock(&con->writequeue_lock);
|
|
|
|
for (;;) {
|
|
|
|
e = list_entry(con->writequeue.next, struct writequeue_entry,
|
|
|
|
list);
|
|
|
|
if ((struct list_head *) e == &con->writequeue)
|
|
|
|
break;
|
|
|
|
|
|
|
|
len = e->len;
|
|
|
|
offset = e->offset;
|
|
|
|
BUG_ON(len == 0 && e->users == 0);
|
|
|
|
spin_unlock(&con->writequeue_lock);
|
|
|
|
|
|
|
|
ret = 0;
|
|
|
|
if (len) {
|
2009-08-24 18:18:04 +00:00
|
|
|
ret = kernel_sendpage(con->sock, e->page, offset, len,
|
|
|
|
msg_flags);
|
2007-09-14 07:49:21 +00:00
|
|
|
if (ret == -EAGAIN || ret == 0) {
|
2010-11-11 05:56:39 +00:00
|
|
|
if (ret == -EAGAIN &&
|
2015-11-30 04:03:10 +00:00
|
|
|
test_bit(SOCKWQ_ASYNC_NOSPACE, &con->sock->flags) &&
|
2010-11-11 05:56:39 +00:00
|
|
|
!test_and_set_bit(CF_APP_LIMITED, &con->flags)) {
|
|
|
|
/* Notify TCP that we're limited by the
|
|
|
|
* application window size.
|
|
|
|
*/
|
|
|
|
set_bit(SOCK_NOSPACE, &con->sock->flags);
|
|
|
|
con->sock->sk->sk_write_pending++;
|
|
|
|
}
|
2007-09-14 07:49:21 +00:00
|
|
|
cond_resched();
|
2006-11-02 16:19:21 +00:00
|
|
|
goto out;
|
2012-08-13 06:29:55 +00:00
|
|
|
} else if (ret < 0)
|
2006-11-02 16:19:21 +00:00
|
|
|
goto send_error;
|
2007-09-14 07:49:21 +00:00
|
|
|
}
|
2010-11-12 17:15:20 +00:00
|
|
|
|
|
|
|
/* Don't starve people filling buffers */
|
|
|
|
if (++count >= MAX_SEND_MSG_COUNT) {
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
cond_resched();
|
2010-11-12 17:15:20 +00:00
|
|
|
count = 0;
|
|
|
|
}
|
2006-11-02 16:19:21 +00:00
|
|
|
|
|
|
|
spin_lock(&con->writequeue_lock);
|
2013-06-14 09:56:13 +00:00
|
|
|
writequeue_entry_complete(e, ret);
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
|
|
|
spin_unlock(&con->writequeue_lock);
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
out:
|
2007-01-24 11:17:59 +00:00
|
|
|
mutex_unlock(&con->sock_mutex);
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
return;
|
2006-11-02 16:19:21 +00:00
|
|
|
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
send_error:
|
2007-01-24 11:17:59 +00:00
|
|
|
mutex_unlock(&con->sock_mutex);
|
2020-07-27 13:13:37 +00:00
|
|
|
close_connection(con, false, false, true);
|
2017-09-12 08:55:14 +00:00
|
|
|
/* Requeue the send work. When the work daemon runs again, it will try
|
|
|
|
a new connection, then call this function again. */
|
|
|
|
queue_work(send_workqueue, &con->swork);
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
return;
|
2006-11-02 16:19:21 +00:00
|
|
|
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
out_connect:
|
2007-01-24 11:17:59 +00:00
|
|
|
mutex_unlock(&con->sock_mutex);
|
2017-09-12 08:55:14 +00:00
|
|
|
queue_work(send_workqueue, &con->swork);
|
|
|
|
cond_resched();
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
static void clean_one_writequeue(struct connection *con)
|
|
|
|
{
|
2009-01-28 18:57:40 +00:00
|
|
|
struct writequeue_entry *e, *safe;
|
2006-11-02 16:19:21 +00:00
|
|
|
|
|
|
|
spin_lock(&con->writequeue_lock);
|
2009-01-28 18:57:40 +00:00
|
|
|
list_for_each_entry_safe(e, safe, &con->writequeue, list) {
|
2006-11-02 16:19:21 +00:00
|
|
|
list_del(&e->list);
|
|
|
|
free_entry(e);
|
|
|
|
}
|
|
|
|
spin_unlock(&con->writequeue_lock);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Called from recovery when it knows that a node has
|
|
|
|
left the cluster */
|
|
|
|
int dlm_lowcomms_close(int nodeid)
|
|
|
|
{
|
|
|
|
struct connection *con;
|
2012-07-26 17:44:30 +00:00
|
|
|
struct dlm_node_addr *na;
|
2006-11-02 16:19:21 +00:00
|
|
|
|
|
|
|
log_print("closing connection to node %d", nodeid);
|
|
|
|
con = nodeid2con(nodeid, 0);
|
|
|
|
if (con) {
|
2009-08-11 21:18:23 +00:00
|
|
|
set_bit(CF_CLOSE, &con->flags);
|
2015-08-11 22:22:21 +00:00
|
|
|
close_connection(con, true, true, true);
|
2006-11-02 16:19:21 +00:00
|
|
|
clean_one_writequeue(con);
|
2020-11-03 01:04:19 +00:00
|
|
|
if (con->othercon)
|
|
|
|
clean_one_writequeue(con->othercon);
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
2012-07-26 17:44:30 +00:00
|
|
|
|
|
|
|
spin_lock(&dlm_node_addrs_spin);
|
|
|
|
na = find_node_addr(nodeid);
|
|
|
|
if (na) {
|
|
|
|
list_del(&na->list);
|
|
|
|
while (na->addr_count--)
|
|
|
|
kfree(na->addr[na->addr_count]);
|
|
|
|
kfree(na);
|
|
|
|
}
|
|
|
|
spin_unlock(&dlm_node_addrs_spin);
|
|
|
|
|
2006-11-02 16:19:21 +00:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2007-04-17 14:39:57 +00:00
|
|
|
/* Receive workqueue function */
|
2007-01-15 14:33:34 +00:00
|
|
|
static void process_recv_sockets(struct work_struct *work)
|
2006-11-02 16:19:21 +00:00
|
|
|
{
|
2007-01-15 14:33:34 +00:00
|
|
|
struct connection *con = container_of(work, struct connection, rwork);
|
|
|
|
int err;
|
2006-11-02 16:19:21 +00:00
|
|
|
|
2007-01-15 14:33:34 +00:00
|
|
|
clear_bit(CF_READ_PENDING, &con->flags);
|
|
|
|
do {
|
|
|
|
err = con->rx_action(con);
|
|
|
|
} while (!err);
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
|
|
|
|
2007-04-17 14:39:57 +00:00
|
|
|
/* Send workqueue function */
|
2007-01-15 14:33:34 +00:00
|
|
|
static void process_send_sockets(struct work_struct *work)
|
2006-11-02 16:19:21 +00:00
|
|
|
{
|
2007-01-15 14:33:34 +00:00
|
|
|
struct connection *con = container_of(work, struct connection, swork);
|
2006-11-02 16:19:21 +00:00
|
|
|
|
2017-09-12 09:01:16 +00:00
|
|
|
clear_bit(CF_WRITE_PENDING, &con->flags);
|
2017-09-12 08:55:04 +00:00
|
|
|
if (con->sock == NULL) /* not mutex protected so check it inside too */
|
2007-04-17 14:39:57 +00:00
|
|
|
con->connect_action(con);
|
2017-09-12 08:55:14 +00:00
|
|
|
if (!list_empty(&con->writequeue))
|
2009-08-11 21:18:23 +00:00
|
|
|
send_to_sock(con);
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
|
|
|
|
2007-01-15 14:33:34 +00:00
|
|
|
static void work_stop(void)
|
2006-11-02 16:19:21 +00:00
|
|
|
{
|
2019-04-02 12:37:10 +00:00
|
|
|
if (recv_workqueue)
|
|
|
|
destroy_workqueue(recv_workqueue);
|
|
|
|
if (send_workqueue)
|
|
|
|
destroy_workqueue(send_workqueue);
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
|
|
|
|
2007-01-15 14:33:34 +00:00
|
|
|
static int work_start(void)
|
2006-11-02 16:19:21 +00:00
|
|
|
{
|
2011-03-10 19:22:34 +00:00
|
|
|
recv_workqueue = alloc_workqueue("dlm_recv",
|
|
|
|
WQ_UNBOUND | WQ_MEM_RECLAIM, 1);
|
2010-12-13 19:42:24 +00:00
|
|
|
if (!recv_workqueue) {
|
|
|
|
log_print("can't start dlm_recv");
|
|
|
|
return -ENOMEM;
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
|
|
|
|
2011-03-10 19:22:34 +00:00
|
|
|
send_workqueue = alloc_workqueue("dlm_send",
|
|
|
|
WQ_UNBOUND | WQ_MEM_RECLAIM, 1);
|
2010-12-13 19:42:24 +00:00
|
|
|
if (!send_workqueue) {
|
|
|
|
log_print("can't start dlm_send");
|
2007-01-15 14:33:34 +00:00
|
|
|
destroy_workqueue(recv_workqueue);
|
2010-12-13 19:42:24 +00:00
|
|
|
return -ENOMEM;
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2017-09-12 08:55:40 +00:00
|
|
|
static void _stop_conn(struct connection *con, bool and_other)
|
2006-11-02 16:19:21 +00:00
|
|
|
{
|
2017-09-12 08:55:40 +00:00
|
|
|
mutex_lock(&con->sock_mutex);
|
2017-09-12 09:01:24 +00:00
|
|
|
set_bit(CF_CLOSE, &con->flags);
|
2017-09-12 08:55:40 +00:00
|
|
|
set_bit(CF_READ_PENDING, &con->flags);
|
2017-09-12 09:01:16 +00:00
|
|
|
set_bit(CF_WRITE_PENDING, &con->flags);
|
2017-09-12 09:01:55 +00:00
|
|
|
if (con->sock && con->sock->sk) {
|
|
|
|
write_lock_bh(&con->sock->sk->sk_callback_lock);
|
2009-01-28 18:57:40 +00:00
|
|
|
con->sock->sk->sk_user_data = NULL;
|
2017-09-12 09:01:55 +00:00
|
|
|
write_unlock_bh(&con->sock->sk->sk_callback_lock);
|
|
|
|
}
|
2017-09-12 08:55:40 +00:00
|
|
|
if (con->othercon && and_other)
|
|
|
|
_stop_conn(con->othercon, false);
|
|
|
|
mutex_unlock(&con->sock_mutex);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void stop_conn(struct connection *con)
|
|
|
|
{
|
|
|
|
_stop_conn(con, true);
|
2009-01-28 18:57:40 +00:00
|
|
|
}
|
2006-11-02 16:19:21 +00:00
|
|
|
|
2020-07-27 13:13:38 +00:00
|
|
|
static void shutdown_conn(struct connection *con)
|
|
|
|
{
|
|
|
|
if (con->shutdown_action)
|
|
|
|
con->shutdown_action(con);
|
|
|
|
}
|
|
|
|
|
2020-09-24 14:31:26 +00:00
|
|
|
static void connection_release(struct rcu_head *rcu)
|
|
|
|
{
|
|
|
|
struct connection *con = container_of(rcu, struct connection, rcu);
|
|
|
|
|
|
|
|
kfree(con->rx_buf);
|
|
|
|
kfree(con);
|
|
|
|
}
|
|
|
|
|
2009-01-28 18:57:40 +00:00
|
|
|
static void free_conn(struct connection *con)
|
|
|
|
{
|
2015-08-11 22:22:21 +00:00
|
|
|
close_connection(con, true, true, true);
|
2020-08-27 19:02:49 +00:00
|
|
|
spin_lock(&connections_lock);
|
|
|
|
hlist_del_rcu(&con->list);
|
|
|
|
spin_unlock(&connections_lock);
|
2020-08-27 19:02:53 +00:00
|
|
|
if (con->othercon) {
|
|
|
|
clean_one_writequeue(con->othercon);
|
2020-11-03 01:04:16 +00:00
|
|
|
call_srcu(&connections_srcu, &con->othercon->rcu,
|
|
|
|
connection_release);
|
2020-08-27 19:02:53 +00:00
|
|
|
}
|
2020-08-27 19:02:52 +00:00
|
|
|
clean_one_writequeue(con);
|
2020-11-03 01:04:16 +00:00
|
|
|
call_srcu(&connections_srcu, &con->rcu, connection_release);
|
2009-01-28 18:57:40 +00:00
|
|
|
}
|
|
|
|
|
2017-09-12 08:55:40 +00:00
|
|
|
static void work_flush(void)
|
|
|
|
{
|
2020-08-27 19:02:49 +00:00
|
|
|
int ok, idx;
|
2017-09-12 08:55:40 +00:00
|
|
|
int i;
|
|
|
|
struct connection *con;
|
|
|
|
|
|
|
|
do {
|
|
|
|
ok = 1;
|
|
|
|
foreach_conn(stop_conn);
|
2019-04-02 12:37:10 +00:00
|
|
|
if (recv_workqueue)
|
|
|
|
flush_workqueue(recv_workqueue);
|
|
|
|
if (send_workqueue)
|
|
|
|
flush_workqueue(send_workqueue);
|
2020-08-27 19:02:49 +00:00
|
|
|
idx = srcu_read_lock(&connections_srcu);
|
2017-09-12 08:55:40 +00:00
|
|
|
for (i = 0; i < CONN_HASH_SIZE && ok; i++) {
|
2020-08-27 19:02:49 +00:00
|
|
|
hlist_for_each_entry_rcu(con, &connection_hash[i],
|
|
|
|
list) {
|
2017-09-12 08:55:40 +00:00
|
|
|
ok &= test_bit(CF_READ_PENDING, &con->flags);
|
2017-09-12 09:01:16 +00:00
|
|
|
ok &= test_bit(CF_WRITE_PENDING, &con->flags);
|
|
|
|
if (con->othercon) {
|
2017-09-12 08:55:40 +00:00
|
|
|
ok &= test_bit(CF_READ_PENDING,
|
|
|
|
&con->othercon->flags);
|
2017-09-12 09:01:16 +00:00
|
|
|
ok &= test_bit(CF_WRITE_PENDING,
|
|
|
|
&con->othercon->flags);
|
|
|
|
}
|
2017-09-12 08:55:40 +00:00
|
|
|
}
|
|
|
|
}
|
2020-08-27 19:02:49 +00:00
|
|
|
srcu_read_unlock(&connections_srcu, idx);
|
2017-09-12 08:55:40 +00:00
|
|
|
} while (!ok);
|
|
|
|
}
|
|
|
|
|
2009-01-28 18:57:40 +00:00
|
|
|
void dlm_lowcomms_stop(void)
|
|
|
|
{
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
/* Set all the flags to prevent any
|
2006-11-02 16:19:21 +00:00
|
|
|
socket activity.
|
|
|
|
*/
|
2012-03-30 16:46:08 +00:00
|
|
|
dlm_allow_conn = 0;
|
2020-08-27 19:02:48 +00:00
|
|
|
|
|
|
|
if (recv_workqueue)
|
|
|
|
flush_workqueue(recv_workqueue);
|
|
|
|
if (send_workqueue)
|
|
|
|
flush_workqueue(send_workqueue);
|
|
|
|
|
2020-07-27 13:13:38 +00:00
|
|
|
foreach_conn(shutdown_conn);
|
2017-09-12 08:55:40 +00:00
|
|
|
work_flush();
|
2016-10-08 13:14:37 +00:00
|
|
|
foreach_conn(free_conn);
|
2007-01-15 14:33:34 +00:00
|
|
|
work_stop();
|
2020-08-27 19:02:50 +00:00
|
|
|
deinit_local();
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
int dlm_lowcomms_start(void)
|
|
|
|
{
|
2007-04-17 14:39:57 +00:00
|
|
|
int error = -EINVAL;
|
|
|
|
struct connection *con;
|
2009-01-28 18:57:40 +00:00
|
|
|
int i;
|
|
|
|
|
|
|
|
for (i = 0; i < CONN_HASH_SIZE; i++)
|
|
|
|
INIT_HLIST_HEAD(&connection_hash[i]);
|
2006-11-02 16:19:21 +00:00
|
|
|
|
2007-04-17 14:39:57 +00:00
|
|
|
init_local();
|
|
|
|
if (!dlm_local_count) {
|
2007-04-26 18:46:49 +00:00
|
|
|
error = -ENOTCONN;
|
2006-11-02 16:19:21 +00:00
|
|
|
log_print("no local IP address has been set");
|
2012-03-30 16:46:08 +00:00
|
|
|
goto fail;
|
2006-11-02 16:19:21 +00:00
|
|
|
}
|
|
|
|
|
2012-03-30 16:46:08 +00:00
|
|
|
error = work_start();
|
|
|
|
if (error)
|
2020-08-27 19:02:49 +00:00
|
|
|
goto fail;
|
2012-03-30 16:46:08 +00:00
|
|
|
|
|
|
|
dlm_allow_conn = 1;
|
2006-11-02 16:19:21 +00:00
|
|
|
|
|
|
|
/* Start listening */
|
2007-04-17 14:39:57 +00:00
|
|
|
if (dlm_config.ci_protocol == 0)
|
|
|
|
error = tcp_listen_for_all();
|
|
|
|
else
|
|
|
|
error = sctp_listen_for_all();
|
2006-11-02 16:19:21 +00:00
|
|
|
if (error)
|
|
|
|
goto fail_unlisten;
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
[DLM] Clean up lowcomms
This fixes up most of the things pointed out by akpm and Pavel Machek
with comments below indicating why some things have been left:
Andrew Morton wrote:
>
>> +static struct nodeinfo *nodeid2nodeinfo(int nodeid, gfp_t alloc)
>> +{
>> + struct nodeinfo *ni;
>> + int r;
>> + int n;
>> +
>> + down_read(&nodeinfo_lock);
>
> Given that this function can sleep, I wonder if `alloc' is useful.
>
> I see lots of callers passing in a literal "0" for `alloc'. That's in fact
> a secret (GFP_ATOMIC & ~__GFP_HIGH). I doubt if that's what you really
> meant. Particularly as the code could at least have used __GFP_WAIT (aka
> GFP_NOIO) which is much, much more reliable than "0". In fact "0" is the
> least reliable mode possible.
>
> IOW, this is all bollixed up.
When 0 is passed into nodeid2nodeinfo the function does not try to allocate a
new structure at all. it's an indication that the caller only wants the nodeinfo
struct for that nodeid if there actually is one in existance.
I've tidied the function itself so it's more obvious, (and tidier!)
>> +/* Data received from remote end */
>> +static int receive_from_sock(void)
>> +{
>> + int ret = 0;
>> + struct msghdr msg;
>> + struct kvec iov[2];
>> + unsigned len;
>> + int r;
>> + struct sctp_sndrcvinfo *sinfo;
>> + struct cmsghdr *cmsg;
>> + struct nodeinfo *ni;
>> +
>> + /* These two are marginally too big for stack allocation, but this
>> + * function is (currently) only called by dlm_recvd so static should be
>> + * OK.
>> + */
>> + static struct sockaddr_storage msgname;
>> + static char incmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> whoa. This is globally singly-threaded code??
Yes. it is only ever run in the context of dlm_recvd.
>>
>> +static void initiate_association(int nodeid)
>> +{
>> + struct sockaddr_storage rem_addr;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Another static buffer to worry about. Globally singly-threaded code?
Yes. Only ever called by dlm_sendd.
>> +
>> +/* Send a message */
>> +static int send_to_sock(struct nodeinfo *ni)
>> +{
>> + int ret = 0;
>> + struct writequeue_entry *e;
>> + int len, offset;
>> + struct msghdr outmsg;
>> + static char outcmsg[CMSG_SPACE(sizeof(struct sctp_sndrcvinfo))];
>
> Singly-threaded?
Yep.
>>
>> +static void dealloc_nodeinfo(void)
>> +{
>> + int i;
>> +
>> + for (i=1; i<=max_nodeid; i++) {
>> + struct nodeinfo *ni = nodeid2nodeinfo(i, 0);
>> + if (ni) {
>> + idr_remove(&nodeinfo_idr, i);
>
> Didn't that need locking?
Not. it's only ever called at DLM shutdown after all the other threads
have been stopped.
>>
>> +static int write_list_empty(void)
>> +{
>> + int status;
>> +
>> + spin_lock_bh(&write_nodes_lock);
>> + status = list_empty(&write_nodes);
>> + spin_unlock_bh(&write_nodes_lock);
>> +
>> + return status;
>> +}
>
> This function's return value is meaningless. As soon as the lock gets
> dropped, the return value can get out of sync with reality.
>
> Looking at the caller, this _might_ happen to be OK, but it's a nasty and
> dangerous thing. Really the locking should be moved into the caller.
It's just an optimisation to allow the caller to schedule if there is no work
to do. if something arrives immediately afterwards then it will get picked up
when the process re-awakes (and it will be woken by that arrival).
The 'accepting' atomic has gone completely. as Andrew pointed out it didn't
really achieve much anyway. I suspect it was a plaster over some other
startup or shutdown bug to be honest.
Signed-off-by: Patrick Caulfield <pcaulfie@redhat.com>
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Cc: Andrew Morton <akpm@osdl.org>
Cc: Pavel Machek <pavel@ucw.cz>
2006-12-06 15:10:37 +00:00
|
|
|
fail_unlisten:
|
2012-03-30 16:46:08 +00:00
|
|
|
dlm_allow_conn = 0;
|
2007-04-17 14:39:57 +00:00
|
|
|
con = nodeid2con(0,0);
|
2020-08-27 19:02:54 +00:00
|
|
|
if (con)
|
|
|
|
free_conn(con);
|
2012-03-30 16:46:08 +00:00
|
|
|
fail:
|
2006-11-02 16:19:21 +00:00
|
|
|
return error;
|
|
|
|
}
|
2012-07-26 17:44:30 +00:00
|
|
|
|
|
|
|
void dlm_lowcomms_exit(void)
|
|
|
|
{
|
|
|
|
struct dlm_node_addr *na, *safe;
|
|
|
|
|
|
|
|
spin_lock(&dlm_node_addrs_spin);
|
|
|
|
list_for_each_entry_safe(na, safe, &dlm_node_addrs, list) {
|
|
|
|
list_del(&na->list);
|
|
|
|
while (na->addr_count--)
|
|
|
|
kfree(na->addr[na->addr_count]);
|
|
|
|
kfree(na);
|
|
|
|
}
|
|
|
|
spin_unlock(&dlm_node_addrs_spin);
|
|
|
|
}
|