On Sat, Nov 20, 2021 at 03:54:51PM +0800, Daxing Guo wrote:
> From: Guo DaXing <guodaxing@xxxxxxxxxx>
>
> The kernel_listen function in smc_listen will fail when all the available
> ports are occupied. At this point smc->clcsock->sk->sk_data_ready has
> been changed to smc_clcsock_data_ready. When we call smc_listen again,
> now both smc->clcsock->sk->sk_data_ready and smc->clcsk_data_ready point
> to the smc_clcsock_data_ready function.
>
> The smc_clcsock_data_ready() function calls lsmc->clcsk_data_ready which
> now points to itself resulting in an infinite loop.
>
> This patch restores smc->clcsock->sk->sk_data_ready with the old value.
Hi Guo,
This indeed seems to be an issue. When listen fails, the original
clcsock's sk_data_ready overwrites by smc_clcsock_data_ready and can't
be recovered. I will also test it in my environment, thanks.
Cheers,
Tony Lu
>
> Signed-off-by: Guo DaXing <guodaxing@xxxxxxxxxx>
> ---
> net/smc/af_smc.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/net/smc/af_smc.c b/net/smc/af_smc.c
> index 59284da9116d..078f5edf6d4d 100644
> --- a/net/smc/af_smc.c
> +++ b/net/smc/af_smc.c
> @@ -2120,8 +2120,10 @@ static int smc_listen(struct socket *sock, int backlog)
> smc->clcsock->sk->sk_user_data =
> (void *)((uintptr_t)smc | SK_USER_DATA_NOCOPY);
> rc = kernel_listen(smc->clcsock, backlog);
> - if (rc)
> + if (rc) {
> + smc->clcsock->sk->sk_data_ready = smc->clcsk_data_ready;
> goto out;
> + }
> sk->sk_max_ack_backlog = backlog;
> sk->sk_ack_backlog = 0;
> sk->sk_state = SMC_LISTEN;
> --
> 2.20.1
