• Nicholas Bellinger's avatar
    target: Obtain se_node_acl->acl_kref during get_initiator_node_acl · 6f0362b0
    Nicholas Bellinger authored
    BugLink: http://bugs.launchpad.net/bugs/1673538
    
    commit 21aaa23b upstream.
    
    This patch addresses a long standing race where obtaining
    se_node_acl->acl_kref in __transport_register_session()
    happens a bit too late, and leaves open the potential
    for core_tpg_del_initiator_node_acl() to hit a NULL
    pointer dereference.
    
    Instead, take ->acl_kref in core_tpg_get_initiator_node_acl()
    while se_portal_group->acl_node_mutex is held, and move the
    final target_put_nacl() from transport_deregister_session()
    into transport_free_session() so that fabric driver login
    failure handling using the modern method to still work
    as expected.
    
    Also, update core_tpg_get_initiator_node_acl() to take
    an extra reference for dynamically generated acls for
    demo-mode, before returning to fabric caller.  Also
    update iscsi-target sendtargets special case handling
    to use target_tpg_has_node_acl() when checking if
    demo_mode_discovery == true during discovery lookup.
    
    Note the existing wait_for_completion(&acl->acl_free_comp)
    in core_tpg_del_initiator_node_acl() does not change.
    
    Cc: Sagi Grimberg <sagig@mellanox.com>
    Cc: Christoph Hellwig <hch@lst.de>
    Cc: Hannes Reinecke <hare@suse.de>
    Cc: Andy Grover <agrover@redhat.com>
    Cc: Mike Christie <michaelc@cs.wisc.edu>
    Signed-off-by: default avatarNicholas Bellinger <nab@linux-iscsi.org>
    Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    Signed-off-by: default avatarTim Gardner <tim.gardner@canonical.com>
    Signed-off-by: default avatarThadeu Lima de Souza Cascardo <cascardo@canonical.com>
    6f0362b0
target_core_tpg.c 20.5 KB