tipc: delay ESTABLISH state event when link is established

Link establishing, just like link teardown, is a non-atomic action, in the sense that discovering that conditions are right to establish a link, and the actual adding of the link to one of the node's send slots is done in two different lock contexts. The link FSM is designed to help bridging the gap between the two contexts in a safe manner. We have now discovered a weakness in the implementaton of this FSM. Because we directly let the link go from state LINK_ESTABLISHING to state LINK_ESTABLISHED already in the first lock context, we are unable to distinguish between a fully established link, i.e., a link that has been added to its slot, and a link that has not yet reached the second lock context. It may hence happen that a manual intervention, e.g., when disabling an interface, causes the function tipc_node_link_down() to try removing the link from the node slots, decrementing its active link counter etc, although the link was never added there in the first place. We solve this by delaying the actual state change until we reach the second lock context, inside the function tipc_node_link_up(). This makes it possible for potentail callers of __tipc_node_link_down() to know if they should proceed or not, and the problem is solved. Unforunately, the situation described above also has a second problem. Since there by necessity is a tipc_node_link_up() call pending once the node lock has been released, we must defuse that call by setting the link back from LINK_ESTABLISHING to LINK_RESET state. This forces us to make a slight modification to the link FSM, which will now look as follows. +------------------------------------+ |RESET_EVT | | | | +--------------+ | +-----------------| SYNCHING |-----------------+ | |FAILURE_EVT +--------------+ PEER_RESET_EVT| | | A | | | | | | | | | | | | | | |SYNCH_ |SYNCH_ | | | |BEGIN_EVT |END_EVT | | | | | | | V | V V | +-------------+ +--------------+ +------------+ | | RESETTING |<---------| ESTABLISHED |--------->| PEER_RESET | | +-------------+ FAILURE_ +--------------+ PEER_ +------------+ | | EVT | A RESET_EVT | | | | | | | | +----------------+ | | | RESET_EVT| |RESET_EVT | | | | | | | | | | |ESTABLISH_EVT | | | | +-------------+ | | | | | | RESET_EVT | | | | | | | | | | | V V V | | | | +-------------+ +--------------+ RESET_EVT| +--->| RESET |--------->| ESTABLISHING |<----------------+ +-------------+ PEER_ +--------------+ | A RESET_EVT | | | | | | | |FAILOVER_ |FAILOVER_ |FAILOVER_ |BEGIN_EVT |END_EVT |BEGIN_EVT | | | V | | +-------------+ | | FAILINGOVER |<----------------+ +-------------+ Signed-off-by: Jon Maloy <jon.maloy@ericsson.com> Acked-by: Ying Xue <ying.xue@windriver.com> Signed-off-by: David S. Miller <davem@davemloft.net>
author: Jon Paul Maloy <jon.maloy@ericsson.com> 2015-10-15 14:52:44 -0400
committer: David S. Miller <davem@davemloft.net> 2015-10-16 02:55:21 -0400
commit: 73f646cec35477b5099d7e952297cb9e1855be45 (patch)
tree: 91356371025167120e9919cc25d806523da367f6 /net/tipc/node.c
parent: 8306f99a517b91ebf8fa94d017c2c84ca62e107c (diff)
1 files changed, 22 insertions, 9 deletions
diff --git a/net/tipc/node.c b/net/tipc/node.c
index 703875fd6cde..656b5791f1a5 100644
--- a/net/tipc/node.c
+++ b/net/tipc/node.c
@@ -317,7 +317,11 @@ static void __tipc_node_link_up(struct tipc_node *n, int bearer_id,
        struct tipc_link *ol = node_active_link(n, 0);
        struct tipc_link *nl = n->links[bearer_id].link;
-        if (!nl || !tipc_link_is_up(nl))
+        if (!nl)
+                return;
+        tipc_link_fsm_evt(nl, LINK_ESTABLISH_EVT);
+        if (!tipc_link_is_up(nl))
                return;
        n->working_links++;
@@ -437,17 +441,26 @@ static void __tipc_node_link_down(struct tipc_node *n, int *bearer_id,
 static void tipc_node_link_down(struct tipc_node *n, int bearer_id, bool delete)
 {
        struct tipc_link_entry *le = &n->links[bearer_id];
+        struct tipc_link *l = le->link;
        struct tipc_media_addr *maddr;
        struct sk_buff_head xmitq;
+        if (!l)
+                return;
        __skb_queue_head_init(&xmitq);
        tipc_node_lock(n);
-        __tipc_node_link_down(n, &bearer_id, &xmitq, &maddr);
+        if (!tipc_link_is_establishing(l)) {
-        if (delete && le->link) {
+                __tipc_node_link_down(n, &bearer_id, &xmitq, &maddr);
-                kfree(le->link);
+                if (delete) {
-                le->link = NULL;
+                        kfree(l);
-                n->link_cnt--;
+                        le->link = NULL;
+                        n->link_cnt--;
+                }
+        } else {
+                /* Defuse pending tipc_node_link_up() */
+                tipc_link_fsm_evt(l, LINK_RESET_EVT);
        }
        tipc_node_unlock(n);
@@ -579,7 +592,7 @@ void tipc_node_check_dest(struct net *net, u32 onode,
        memcpy(&le->maddr, maddr, sizeof(*maddr));
 exit:
        tipc_node_unlock(n);
-        if (reset)
+        if (reset && !tipc_link_is_reset(l))
                tipc_node_link_down(n, b->identity, false);
        tipc_node_put(n);
 }
@@ -686,10 +699,10 @@ static void tipc_node_fsm_evt(struct tipc_node *n, int evt)
                        break;
                case SELF_ESTABL_CONTACT_EVT:
                case PEER_LOST_CONTACT_EVT:
-                        break;
                case NODE_SYNCH_END_EVT:
-                case NODE_SYNCH_BEGIN_EVT:
                case NODE_FAILOVER_BEGIN_EVT:
+                        break;
+                case NODE_SYNCH_BEGIN_EVT:
                case NODE_FAILOVER_END_EVT:
                default:
                        goto illegal_evt;
author	Jon Paul Maloy <jon.maloy@ericsson.com>	2015-10-15 14:52:44 -0400
committer	David S. Miller <davem@davemloft.net>	2015-10-16 02:55:21 -0400
commit	73f646cec35477b5099d7e952297cb9e1855be45 (patch)
tree	91356371025167120e9919cc25d806523da367f6 /net/tipc/node.c
parent	8306f99a517b91ebf8fa94d017c2c84ca62e107c (diff)