From: Peng Tao <bergwolf@gmail.com>
To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: linux-kernel@vger.kernel.org,
Andreas Dilger <andreas.dilger@intel.com>,
Peng Tao <bergwolf@gmail.com>
Subject: [PATCH 23/26] staging/lustre/seq: make seq_proc_write_common() safer
Date: Fri, 15 Nov 2013 00:43:10 +0800 [thread overview]
Message-ID: <1384447393-13838-24-git-send-email-bergwolf@gmail.com> (raw)
In-Reply-To: <1384447393-13838-1-git-send-email-bergwolf@gmail.com>
From: Andreas Dilger <andreas.dilger@intel.com>
Don't allow seq_proc_write_common() to specify arbitrary ranges,
since this can permanently corrupt the sequence controller and/or
sequnece server. That would allow duplicate FID allocation, or
possibly prevent any new files to be created or servers to be added
to the filesystem.
Instead, limit the sequence range that can be written via /proc to
a subset of the sequence range currently allocated to that node.
Add the "clear" keyword to allow dropping the entire local sequence
and force a new one to be fetched from the sequence server.
Lustre-change: http://review.whamcloud.com/7123
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-3642
Signed-off-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Jinshan Xiong <jinshan.xiong@intel.com>
Reviewed-by: Alex Zhuravlev <alexey.zhuravlev@intel.com>
Reviewed-by: James Simmons <uja.ornl@gmail.com>
Reviewed-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Peng Tao <bergwolf@gmail.com>
Signed-off-by: Andreas Dilger <andreas.dilger@intel.com>
---
drivers/staging/lustre/lustre/fid/lproc_fid.c | 14 ++++++++++----
.../lustre/lustre/include/lustre/lustre_idl.h | 2 +-
2 files changed, 11 insertions(+), 5 deletions(-)
diff --git a/drivers/staging/lustre/lustre/fid/lproc_fid.c b/drivers/staging/lustre/lustre/fid/lproc_fid.c
index 294070d..befa12f 100644
--- a/drivers/staging/lustre/lustre/fid/lproc_fid.c
+++ b/drivers/staging/lustre/lustre/fid/lproc_fid.c
@@ -56,22 +56,28 @@
#ifdef LPROCFS
/*
- * Note: this function is only used for testing, it is no safe for production
- * use.
+ * Reduce the SEQ range allocated to a node to a strict subset of the range
+ * currently-allocated SEQ range. If the specified range is "clear", then
+ * drop all allocated sequences and request a new one from the master.
+ *
+ * Note: this function should only be used for testing, it is not necessarily
+ * safe for production use.
*/
static int
lprocfs_fid_write_common(const char *buffer, unsigned long count,
struct lu_seq_range *range)
{
- struct lu_seq_range tmp;
+ struct lu_seq_range tmp = { 0, };
int rc;
LASSERT(range != NULL);
+ /* of the form "[0x0000000240000400 - 0x000000028000400]" */
rc = sscanf(buffer, "[%llx - %llx]\n",
(long long unsigned *)&tmp.lsr_start,
(long long unsigned *)&tmp.lsr_end);
- if (rc != 2 || !range_is_sane(&tmp) || range_is_zero(&tmp))
+ if (!range_is_sane(&tmp) || range_is_zero(&tmp) ||
+ tmp.lsr_start < range->lsr_start || tmp.lsr_end > range->lsr_end)
return -EINVAL;
*range = tmp;
return 0;
diff --git a/drivers/staging/lustre/lustre/include/lustre/lustre_idl.h b/drivers/staging/lustre/lustre/include/lustre/lustre_idl.h
index 15ae8e8..f7dcfe8 100644
--- a/drivers/staging/lustre/lustre/include/lustre/lustre_idl.h
+++ b/drivers/staging/lustre/lustre/include/lustre/lustre_idl.h
@@ -264,7 +264,7 @@ static inline __u64 range_space(const struct lu_seq_range *range)
static inline void range_init(struct lu_seq_range *range)
{
- range->lsr_start = range->lsr_end = range->lsr_index = 0;
+ memset(range, 0, sizeof(*range));
}
/**
--
1.7.9.5
next prev parent reply other threads:[~2013-11-14 16:46 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-11-14 16:42 [PATCH 00/26] staging/lustre: patch bomb 3 Peng Tao
2013-11-14 16:42 ` [PATCH 01/26] staging/lustre/hsm: handle file ownership and timestamps Peng Tao
2013-11-14 16:42 ` [PATCH 02/26] staging/lustre/build: fix race issues thanks to oap_lock Peng Tao
2013-11-14 16:42 ` [PATCH 03/26] staging/lustre/clio: incorrect assertions in 'enable-invariants' Peng Tao
2013-11-14 16:42 ` [PATCH 04/26] staging/lustre/ldlm: Fix a race during FLock handling Peng Tao
2013-11-14 16:42 ` [PATCH 05/26] staging/lustre/dcache: Unsafe error handling arnd ll_splice_alias Peng Tao
2013-11-14 16:42 ` [PATCH 06/26] staging/lustre/build: fix 'NULL pointer dereference' errors Peng Tao
2013-11-14 16:42 ` [PATCH 07/26] staging/lustre/ldlm: refine LU-2665 patch for POSIX compliance Peng Tao
2013-11-14 16:42 ` [PATCH 08/26] staging/lustre/llite: speedup in unlink/rmdir Peng Tao
2013-11-14 16:42 ` [PATCH 09/26] staging/lustre/llite: error setting max_cache_mb at mount time Peng Tao
2013-11-14 16:42 ` [PATCH 10/26] staging/lustre/ldlm: MDT mount fails on MDS w/o MGS on it Peng Tao
2013-11-14 16:42 ` [PATCH 11/26] staging/lustre/ptlrpc: Return a meaningful status from ptlrpcd_init() Peng Tao
2013-11-14 16:42 ` [PATCH 12/26] staging/lustre/ldlm: Fix flock detection for different mounts Peng Tao
2013-11-14 16:43 ` [PATCH 13/26] staging/lustre/nrs: Fix a race condition in the ORR policy Peng Tao
2013-11-14 16:43 ` [PATCH 14/26] staging/lustre/ptlrpc: skip rpcs that fail ptl_send_rpc Peng Tao
2013-11-14 16:43 ` [PATCH 15/26] staging/lustre/llite: Truncate to restore file Peng Tao
2013-11-14 16:43 ` [PATCH 16/26] staging/lustre/lov: avoid subobj's coh_parent race Peng Tao
2013-11-14 16:43 ` [PATCH 17/26] staging/lustre/changelogs: Correct KUC code max changelog msg size Peng Tao
2013-11-14 16:43 ` [PATCH 18/26] staging/lustre/scrub: support dryrun mode OI scrub Peng Tao
2013-11-14 16:43 ` [PATCH 19/26] staging/lustre/mdt: return EXDEV for cross-MDT rename Peng Tao
2013-11-14 16:43 ` [PATCH 20/26] staging/lustre/hsm: reprocess LDLM resource in mdt_hsm_release() Peng Tao
2013-11-14 16:43 ` [PATCH 21/26] staging/lustre/clio: Do not shrink sublock at cancel Peng Tao
2013-11-14 16:43 ` [PATCH 22/26] staging/lustre/osc: osc_extent_wait() shouldn't be interruptible Peng Tao
2013-11-14 16:43 ` Peng Tao [this message]
2013-11-14 16:43 ` [PATCH 24/26] staging/lustre/lprocfs: implement log2 using bitops Peng Tao
2013-11-14 16:43 ` [PATCH 25/26] staging/lustre/autoconf: remove quota_on/quota_off checks Peng Tao
2013-11-14 16:43 ` [PATCH 26/26] staging/lustre/autoconf: remove LC_BI_HW_SEGMENTS test Peng Tao
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1384447393-13838-24-git-send-email-bergwolf@gmail.com \
--to=bergwolf@gmail.com \
--cc=andreas.dilger@intel.com \
--cc=gregkh@linuxfoundation.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox