RDMA/cm: Add missing locking around id.state in cm_dup_req_handler

All accesses to id.state must be done under the spinlock.

Fixes: a977049dacde ("[PATCH] IB: Add the kernel CM implementation")
Link: https://lore.kernel.org/r/20200310092545.251365-10-leon@kernel.org
Signed-off-by: Leon Romanovsky <leonro@mellanox.com>
Signed-off-by: Jason Gunthorpe <jgg@mellanox.com>

diff --git a/drivers/infiniband/core/cm.c b/drivers/infiniband/core/cm.c
index 3f12504..3ce7355 100644 (file)
--- a/drivers/infiniband/core/cm.c
+++ b/drivers/infiniband/core/cm.c
@@ -1872,8 +1872,12 @@ static void cm_dup_req_handler(struct cm_work *work,
                        counter[CM_REQ_COUNTER]);
 
        /* Quick state check to discard duplicate REQs. */
-       if (cm_id_priv->id.state == IB_CM_REQ_RCVD)
+       spin_lock_irq(&cm_id_priv->lock);
+       if (cm_id_priv->id.state == IB_CM_REQ_RCVD) {
+               spin_unlock_irq(&cm_id_priv->lock);
                return;
+       }
+       spin_unlock_irq(&cm_id_priv->lock);
 
        ret = cm_alloc_response_msg(work->port, work->mad_recv_wc, &msg);
        if (ret)