mirror of
https://git.proxmox.com/git/mirror_ubuntu-kernels.git
synced 2026-01-06 19:02:48 +00:00
d15f9d694b
Only ->alloc_msg() should check data_len of the incoming message against the preallocated ceph_msg, doing it in the messenger is not right. The contract is that either ->alloc_msg() returns a ceph_msg which will fit all of the portions of the incoming message, or it returns NULL and possibly sets skip, signaling whether NULL is due to an -ENOMEM. ->alloc_msg() should be the only place where we make the skip/no-skip decision. I stumbled upon this while looking at con/osd ref counting. Right now, if we get a non-extent message with a larger data portion than we are prepared for, ->alloc_msg() returns a ceph_msg, and then, when we skip it in the messenger, we don't put the con/osd ref acquired in ceph_con_in_msg_alloc() (which is normally put in process_message()), so this also fixes a memory leak. An existing BUG_ON in ceph_msg_data_cursor_init() ensures we don't corrupt random memory should a buggy ->alloc_msg() return an unfit ceph_msg. While at it, I changed the "unknown tid" dout() to a pr_warn() to make sure all skips are seen and unified format strings. Signed-off-by: Ilya Dryomov <idryomov@gmail.com> Reviewed-by: Alex Elder <elder@linaro.org> |
||
|---|---|---|
| .. | ||
| crush | ||
| armor.c | ||
| auth_none.c | ||
| auth_none.h | ||
| auth_x_protocol.h | ||
| auth_x.c | ||
| auth_x.h | ||
| auth.c | ||
| buffer.c | ||
| ceph_common.c | ||
| ceph_fs.c | ||
| ceph_hash.c | ||
| ceph_strings.c | ||
| crypto.c | ||
| crypto.h | ||
| debugfs.c | ||
| Kconfig | ||
| Makefile | ||
| messenger.c | ||
| mon_client.c | ||
| msgpool.c | ||
| osd_client.c | ||
| osdmap.c | ||
| pagelist.c | ||
| pagevec.c | ||
| snapshot.c | ||