Re: [PATCH] cifs: Do not leak EDEADLK to dgetents64 for STATUS_USER_SESSION_DELETED

Shyam Prasad N <nspmangalore@xxxxxxxxx> · Thu, 26 Aug 2021 22:45:30 +0530

On Thu, Aug 26, 2021 at 2:39 AM Steve French <smfrench@xxxxxxxxx> wrote:
>
> lightly updated to add short sleep before retry
>
>
> On Wed, Aug 25, 2021 at 6:17 AM Ronnie Sahlberg <lsahlber@xxxxxxxxxx> wrote:
> >
> > RHBZ: 1994393
> >
> > If we hit a STATUS_USER_SESSION_DELETED for the Create part in the
> > Create/QueryDirectory compound that starts a directory scan
> > we will leak EDEADLK back to userspace and surprise glibc and the application.
> >
> > Pick this up initiate_cifs_search() and retry a small number of tries before we
> > return an error to userspace.
> >
> > Cc: stable@xxxxxxxxxxxxxxx
> > Reported-by: Xiaoli Feng <xifeng@xxxxxxxxxx>
> > Signed-off-by: Ronnie Sahlberg <lsahlber@xxxxxxxxxx>
> > ---
> >  fs/cifs/readdir.c | 19 ++++++++++++++++++-
> >  1 file changed, 18 insertions(+), 1 deletion(-)
> >
> > diff --git a/fs/cifs/readdir.c b/fs/cifs/readdir.c
> > index bfee176b901d..4518e3ca64df 100644
> > --- a/fs/cifs/readdir.c
> > +++ b/fs/cifs/readdir.c
> > @@ -369,7 +369,7 @@ int get_symlink_reparse_path(char *full_path, struct cifs_sb_info *cifs_sb,
> >   */
> >
> >  static int
> > -initiate_cifs_search(const unsigned int xid, struct file *file,
> > +_initiate_cifs_search(const unsigned int xid, struct file *file,
> >                      const char *full_path)
> >  {
> >         __u16 search_flags;
> > @@ -451,6 +451,23 @@ initiate_cifs_search(const unsigned int xid, struct file *file,
> >         return rc;
> >  }
> >
> > +static int
> > +initiate_cifs_search(const unsigned int xid, struct file *file,
> > +                    const char *full_path)
> > +{
> > +       int rc, retry_count = 0;
> > +
> > +       do {
> > +               rc = _initiate_cifs_search(xid, file, full_path);
> > +               /*
> > +                * We don't have enough credits to start reading the
> > +                * directory so just try again.
> > +                */
> > +       } while (rc == -EDEADLK && retry_count++ < 5);
> > +
> > +       return rc;
> > +}
> > +
> >  /* return length of unicode string in bytes */
> >  static int cifs_unicode_bytelen(const char *str)
> >  {
> > --
> > 2.30.2
> >
>
>
> --
> Thanks,
>
> Steve

Hi Ronnie,

EDEADLK is returned in wait_for_compound_request, when num of credits
is 0, but there are no in flight requests to get more credits from.
Why did we reach here in the first place? If we already found
STATUS_USER_SESSION_DELETED, why are we waiting for another request?

-- 
Regards,
Shyam