cifs: reconnect worker should take reference on server struct unconditionally

[ Upstream commit 04909192ada3285070f8ced0af7f07735478b364 ]

Reconnect worker currently assumes that the server struct
is alive and only takes reference on the server if it needs
to call smb2_reconnect.

With the new ability to disable channels based on whether the
server has multichannel disabled, this becomes a problem when
we need to disable established channels. While disabling the
channels and deallocating the server, there could be reconnect
work that could not be cancelled (because it started).

This change forces the reconnect worker to unconditionally
take a reference on the server when it runs.

Also, this change now allows smb2_reconnect to know if it was
called by the reconnect worker. Based on this, the cifs_put_tcp_session
can decide whether it can cancel the reconnect work synchronously or not.

Signed-off-by: Shyam Prasad N <sprasad@microsoft.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
Stable-dep-of: 78e727e58e54 ("cifs: update iface_last_update on each query-and-update")
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/fs/smb/client/connect.c b/fs/smb/client/connect.c
index 2a30245..432248e 100644 (file)
--- a/fs/smb/client/connect.c
+++ b/fs/smb/client/connect.c
@@ -1612,10 +1612,6 @@ cifs_put_tcp_session(struct TCP_Server_Info *server, int from_reconnect)
        list_del_init(&server->tcp_ses_list);
        spin_unlock(&cifs_tcp_ses_lock);
 
-       /* For secondary channels, we pick up ref-count on the primary server */
-       if (SERVER_IS_CHAN(server))
-               cifs_put_tcp_session(server->primary_server, from_reconnect);
-
        cancel_delayed_work_sync(&server->echo);
 
        if (from_reconnect)
@@ -1629,6 +1625,10 @@ cifs_put_tcp_session(struct TCP_Server_Info *server, int from_reconnect)
        else
                cancel_delayed_work_sync(&server->reconnect);
 
+       /* For secondary channels, we pick up ref-count on the primary server */
+       if (SERVER_IS_CHAN(server))
+               cifs_put_tcp_session(server->primary_server, from_reconnect);
+
        spin_lock(&server->srv_lock);
        server->tcpStatus = CifsExiting;
        spin_unlock(&server->srv_lock);

diff --git a/fs/smb/client/smb2pdu.c b/fs/smb/client/smb2pdu.c
index da752f4..a3995c6 100644 (file)
--- a/fs/smb/client/smb2pdu.c
+++ b/fs/smb/client/smb2pdu.c
@@ -158,7 +158,7 @@ out:
 
 static int
 smb2_reconnect(__le16 smb2_command, struct cifs_tcon *tcon,
-              struct TCP_Server_Info *server)
+              struct TCP_Server_Info *server, bool from_reconnect)
 {
        int rc = 0;
        struct nls_table *nls_codepage = NULL;
@@ -331,7 +331,7 @@ again:
                                 * as cifs_put_tcp_session takes a higher lock
                                 * i.e. cifs_tcp_ses_lock
                                 */
-                               cifs_put_tcp_session(server, 1);
+                               cifs_put_tcp_session(server, from_reconnect);
 
                                server->terminate = true;
                                cifs_signal_cifsd_for_reconnect(server, false);
@@ -504,7 +504,7 @@ static int smb2_plain_req_init(__le16 smb2_command, struct cifs_tcon *tcon,
 {
        int rc;
 
-       rc = smb2_reconnect(smb2_command, tcon, server);
+       rc = smb2_reconnect(smb2_command, tcon, server, false);
        if (rc)
                return rc;
 
@@ -3924,6 +3924,15 @@ void smb2_reconnect_server(struct work_struct *work)
        int rc;
        bool resched = false;
 
+       /* first check if ref count has reached 0, if not inc ref count */
+       spin_lock(&cifs_tcp_ses_lock);
+       if (!server->srv_count) {
+               spin_unlock(&cifs_tcp_ses_lock);
+               return;
+       }
+       server->srv_count++;
+       spin_unlock(&cifs_tcp_ses_lock);
+
        /* If server is a channel, select the primary channel */
        pserver = SERVER_IS_CHAN(server) ? server->primary_server : server;
 
@@ -3981,17 +3990,10 @@ void smb2_reconnect_server(struct work_struct *work)
                }
                spin_unlock(&ses->chan_lock);
        }
-       /*
-        * Get the reference to server struct to be sure that the last call of
-        * cifs_put_tcon() in the loop below won't release the server pointer.
-        */
-       if (tcon_exist || ses_exist)
-               server->srv_count++;
-
        spin_unlock(&cifs_tcp_ses_lock);
 
        list_for_each_entry_safe(tcon, tcon2, &tmp_list, rlist) {
-               rc = smb2_reconnect(SMB2_INTERNAL_CMD, tcon, server);
+               rc = smb2_reconnect(SMB2_INTERNAL_CMD, tcon, server, true);
                if (!rc)
                        cifs_reopen_persistent_handles(tcon);
                else
@@ -4024,7 +4026,7 @@ void smb2_reconnect_server(struct work_struct *work)
        /* now reconnect sessions for necessary channels */
        list_for_each_entry_safe(ses, ses2, &tmp_ses_list, rlist) {
                tcon->ses = ses;
-               rc = smb2_reconnect(SMB2_INTERNAL_CMD, tcon, server);
+               rc = smb2_reconnect(SMB2_INTERNAL_CMD, tcon, server, true);
                if (rc)
                        resched = true;
                list_del_init(&ses->rlist);
@@ -4039,8 +4041,7 @@ done:
        mutex_unlock(&pserver->reconnect_mutex);
 
        /* now we can safely release srv struct */
-       if (tcon_exist || ses_exist)
-               cifs_put_tcp_session(server, 1);
+       cifs_put_tcp_session(server, true);
 }
 
 int