Curious code in autostart

linux-raid.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* Curious code in autostart_array
@ 2006-06-23  4:05 Pete Zaitcev
  2006-06-23  4:11 ` H. Peter Anvin
  2006-06-23  4:46 ` Neil Brown
  0 siblings, 2 replies; 4+ messages in thread
From: Pete Zaitcev @ 2006-06-23  4:05 UTC (permalink / raw)
  To: linux-raid; +Cc: mingo, dledford, zaitcev

Hi, guys:

My copy of 2.6.17-rc5 has the following code in autostart_array():
		mdp_disk_t *desc = sb->disks + i;
		dev_t dev = MKDEV(desc->major, desc->minor);

		if (!dev)
			continue;
		if (dev == startdev)
			continue;
		if (MAJOR(dev) != desc->major || MINOR(dev) != desc->minor)
			continue;

Under what conditions do you think the last if() statement can fire?
What is its purpose? This looks like an attempt to detect bit clipping.
But what exactly?

Cheers,
-- Pete

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Curious code in autostart_array
  2006-06-23  4:05 Curious code in autostart_array Pete Zaitcev
@ 2006-06-23  4:11 ` H. Peter Anvin
  2006-06-23  4:46 ` Neil Brown
  1 sibling, 0 replies; 4+ messages in thread
From: H. Peter Anvin @ 2006-06-23  4:11 UTC (permalink / raw)
  To: Pete Zaitcev; +Cc: linux-raid, mingo, dledford

Pete Zaitcev wrote:
> Hi, guys:
> 
> My copy of 2.6.17-rc5 has the following code in autostart_array():
> 		mdp_disk_t *desc = sb->disks + i;
> 		dev_t dev = MKDEV(desc->major, desc->minor);
> 
> 		if (!dev)
> 			continue;
> 		if (dev == startdev)
> 			continue;
> 		if (MAJOR(dev) != desc->major || MINOR(dev) != desc->minor)
> 			continue;
> 
> Under what conditions do you think the last if() statement can fire?
> What is its purpose? This looks like an attempt to detect bit clipping.
> But what exactly?
> 

It can fire if either desc->major or desc->minor overflow the respective 
fields in dev_t.  Unfortunately, it's not guaranteed to do so.

	-hpa

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Curious code in autostart_array
  2006-06-23  4:05 Curious code in autostart_array Pete Zaitcev
  2006-06-23  4:11 ` H. Peter Anvin
@ 2006-06-23  4:46 ` Neil Brown
  2006-06-23  5:25   ` Pete Zaitcev
  1 sibling, 1 reply; 4+ messages in thread
From: Neil Brown @ 2006-06-23  4:46 UTC (permalink / raw)
  To: Pete Zaitcev; +Cc: linux-raid, mingo, dledford

On Thursday June 22, zaitcev@redhat.com wrote:
> Hi, guys:
> 
> My copy of 2.6.17-rc5 has the following code in autostart_array():
> 		mdp_disk_t *desc = sb->disks + i;
> 		dev_t dev = MKDEV(desc->major, desc->minor);
> 
> 		if (!dev)
> 			continue;
> 		if (dev == startdev)
> 			continue;
> 		if (MAJOR(dev) != desc->major || MINOR(dev) != desc->minor)
> 			continue;
> 
> Under what conditions do you think the last if() statement can fire?
> What is its purpose? This looks like an attempt to detect bit clipping.
> But what exactly?

First, be aware that this code (which is only available from the
START_ARRAY ioctl) is scheduled to be removed from the kernel next
month.

Second, the code substantially predates my involvement in md, but I
suspect it is simple caution.  desc->major and desc->minor have been
read of the disk, so their values cannot be trusted.
They are both 32 bit and so could easily not be valid major/minor
numbers.  The test slightly reduces the number of silly thing that can
go wrong if the data is bad (though the fact that the superblock is
checksumed makes that fairly unlikely).
(or to put it another way: I don't know either :-)

NeilBrown

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: Curious code in autostart_array
  2006-06-23  4:46 ` Neil Brown
@ 2006-06-23  5:25   ` Pete Zaitcev
  0 siblings, 0 replies; 4+ messages in thread
From: Pete Zaitcev @ 2006-06-23  5:25 UTC (permalink / raw)
  To: Neil Brown; +Cc: linux-raid, mingo, dledford

On Fri, 23 Jun 2006 14:46:13 +1000, Neil Brown <neilb@suse.de> wrote:

> > 		dev_t dev = MKDEV(desc->major, desc->minor);
> > 		if (MAJOR(dev) != desc->major || MINOR(dev) != desc->minor)
> > 			continue;

> desc->major and desc->minor have been
> read of the disk, so their values cannot be trusted.

Oh, right. Sorry.

-- Pete

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2006-06-23  5:25 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-06-23  4:05 Curious code in autostart_array Pete Zaitcev
2006-06-23  4:11 ` H. Peter Anvin
2006-06-23  4:46 ` Neil Brown
2006-06-23  5:25   ` Pete Zaitcev

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).