author | Mike Christie <michaelc@cs.wisc.edu> | 2012-09-05 16:18:16 -0500 |
---|---|---|
committer | Mike Christie <michaelc@cs.wisc.edu> | 2012-09-05 16:18:16 -0500 |
commit | 71cd021b74a7094b5186a42bfe59a35e2fa66018 (patch) | |
tree | bf080613beb37da6f3e0bf93ba7428d5ad37cdd3 /usr/initiator.c | |
parent | dd73b7d12b6bc5f4f4d08c2ac7dcfc5f00f6fd29 (diff) | |
download | open-iscsi-71cd021b74a7094b5186a42bfe59a35e2fa66018.tar.gz |
iscsid: fix iscsid segfault during qla4xxx login
If the kernel sends multiple ISCSI_KEVENT_CONN_LOGIN_STATE
events for the same login event iscsid will segfault.
When we get a conn error we will set the r_stage to reopen, then when
session_conn_process_login handles the first login event we set the r_stage
to R_STAGE_NO_CHANGE. But then it looks like if we get a second login event
r_stage is no_change and session_conn_process_login will run again and
call mgmt_ipc_write_rsp on a bad qtask.
Diffstat (limited to 'usr/initiator.c')
-rw-r--r-- | usr/initiator.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/usr/initiator.c b/usr/initiator.c index 79ca32c..d475358 100644 --- a/usr/initiator.c +++ b/usr/initiator.c @@ -993,7 +993,7 @@ static void session_scan_host(struct iscsi_session *session, int hostno, exit(0); } else if (pid > 0) { reap_inc(); - if (qtask) { + if (qtask && qtask->mgmt_ipc_fd >= 0) { close(qtask->mgmt_ipc_fd); free(qtask); } @@ -1618,6 +1618,9 @@ static void session_conn_process_login(void *data) if (state == ISCSI_CONN_STATE_FREE) goto failed_login; + if (conn->state == ISCSI_CONN_STATE_LOGGED_IN) + return; + conn->state = ISCSI_CONN_STATE_LOGGED_IN; /* * ok we were in_login and now we got the notification that we are |
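Review bot: In the session_scan_host hunk, the new condition `if (qtask && qtask->mgmt_ipc_fd >= 0)` guards free(qtask) as well as close(), so a non-NULL qtask whose mgmt_ipc_fd is negative is no longer freed on this path. If this branch owns the qtask, that is a leak; keeping `if (qtask)` as the outer test and putting only the close() call behind the `mgmt_ipc_fd >= 0` check would avoid it. The commit message does not mention this hunk, so a sentence on when mgmt_ipc_fd is negative here, and who frees the qtask in that case, would help.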
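Review bot: In the session_conn_process_login hunk, the early `return` on `conn->state == ISCSI_CONN_STATE_LOGGED_IN` has no comment, and nothing in the code says it exists to drop a duplicate ISCSI_KEVENT_CONN_LOGIN_STATE event before mgmt_ipc_write_rsp is reached with a stale qtask. Please add a short comment above the check that says so, and consider a debug log line there so repeated kernel events are visible when diagnosing a driver. It is also worth confirming that nothing set up earlier in the function needs to be released before returning, since this exit bypasses the failed_login path used by the check just above it.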