• Jon Paul Maloy's avatar
    tipc: avoid stale link after aborted failover · 7d24dcdb
    Jon Paul Maloy authored
    During link failover it may happen that the remaining link goes
    down while it is still in the process of taking over traffic
    from a previously failed link. When this happens, we currently
    abort the failover procedure and reset the first failed link to
    non-failover mode, so that it will be ready to re-establish
    contact with its peer when it comes available.
    
    However, if the first link goes down because its bearer was manually
    disabled, it is not enough to reset it; it must also be deleted;
    which is supposed to happen when the failover procedure is finished.
    Otherwise it will remain a zombie link: attached to the owner node
    structure, in mode LINK_STOPPED, and permanently blocking any re-
    establishing of the link to the peer via the interface in question.
    
    We fix this by amending the failover abort procedure. Apart from
    resetting the link to non-failover state, we test if the link is
    also in LINK_STOPPED mode. If so, we delete it, using the conditional
    tipc_link_delete() function introduced in the previous commit.
    Reviewed-by: default avatarErik Hugne <erik.hugne@ericsson.com>
    Reviewed-by: default avatarYing Xue <ying.xue@windriver.com>
    Signed-off-by: default avatarJon Maloy <jon.maloy@ericsson.com>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    7d24dcdb
node.c 18.8 KB