1
0
mirror of git://sourceware.org/git/lvm2.git synced 2025-01-03 05:18:29 +03:00
Commit Graph

488 Commits

Author SHA1 Message Date
Zdenek Kabelac
b714c7ebc6 clvmd: validate open device state
If clvmd does not hold any lock, it should also not keep any opened
device.

The reason for this patch is, that refresh_toolcontext calls
dev_cache_exit() which destroys whole device cache (even those with
opened file) - previous patch added recovery path to avoid memory
corruption, but opened files are still bugs that need to be fixed.

So this patch certainly kills many internal mirror & raid tests,
since they leak opened file descriptors (when tests are executed
with 'abort_on_error').
2014-03-25 11:22:57 +01:00
Zdenek Kabelac
b522312678 clvmd: hardening leak on exit
Operate with lvm_thread_exit while holding lvm_thread_mutex.
Don't leave unfinished work in the lvm thread queue
and always finish all queued tasks before exit,
so no cmd struct is left in the list.

(in-release fix)
2014-03-25 11:22:57 +01:00
Zdenek Kabelac
01efb20bdb cleanup: clvmd add more info debug message 2014-03-21 22:29:27 +01:00
Zdenek Kabelac
0d449fe183 cleanup: clvmd uses struct initializers
Code easier to read
2014-03-21 22:29:27 +01:00
Zdenek Kabelac
9196274c1e cleanup: clvmd zombie removal loop
Simplier code to start scan from the next node,
and remove matching pipe client.
2014-03-21 22:29:27 +01:00
Zdenek Kabelac
5740c00f3b cleanup: clvmd reindent read_from_local_sock
Shift indent of else branch to right since
error path returns in the front.
(Simplier to read)
2014-03-21 22:29:26 +01:00
Zdenek Kabelac
dd17286c90 cleanup: clvmd indent change
Plain indent changes.
2014-03-21 22:29:26 +01:00
Zdenek Kabelac
0b79979bb9 cleanup: clvmd dump_messages 2014-03-21 22:29:26 +01:00
Zdenek Kabelac
f8cd435cd8 cleanup: clvmd update log_error
Drop \n from log_error() and add '.'
2014-03-21 22:29:26 +01:00
Zdenek Kabelac
4c97ea2ce5 cleanup: clvmd drop goto 2014-03-21 22:29:25 +01:00
Zdenek Kabelac
7d49c33ffc cleanup: clvmd skip reset of null pointer 2014-03-21 22:29:25 +01:00
Zdenek Kabelac
bf19c6be2c cleanup: clvmd move destroy_lvhash into main
Keep destruction code path consistent and simple and
destroy lvhash in the place it's been created.
Also issue debug message from a single place.
2014-03-21 22:29:25 +01:00
Zdenek Kabelac
46ae028cd3 singlenode: reset pointer when hash is destroyed
Just keep pointer consistent.
2014-03-21 22:29:25 +01:00
Zdenek Kabelac
7041c8bf51 clvmd: drop dead code
Since pipe_client has been already reset to NULL,
remove this dead code.
2014-03-21 22:29:24 +01:00
Zdenek Kabelac
73978f8d7d clvmd: drop unused local_sock parameter 2014-03-21 22:29:24 +01:00
Zdenek Kabelac
37396e2fe5 clvmd: update add_reply_to_list
Take mutex lock after the allocation just before
the structure is merged into reply list.
2014-03-21 22:29:24 +01:00
Zdenek Kabelac
2847994624 clvmd: use dm_malloc
Use libdm malloc wrapper functions.
2014-03-21 22:29:24 +01:00
Zdenek Kabelac
c45cd6eb8d clvmd: move call of cluster_closedown
We have to close cluster in some predicatable way,
otherwise we may access released memory from different
threads.

So move closedown till the point we know all thread
are closed. New messages from cluster are discarded.
2014-03-21 22:29:23 +01:00
Zdenek Kabelac
fc39ad677b clvmd: move destroy_lvm into lvm thread
Since lvm was initialized in lvm thread call destroy there as well.
2014-03-21 22:29:23 +01:00
Zdenek Kabelac
8431d47b3b clvmd: add special lvm thread exit
When multiple threads act on the same 'quit' variable
the order of exit becomes unpredictable.

So let the main_loop() finish first and then clean up
all queued lvm jobs.

Do not add any new work, when lvm_thread_exit is set.
2014-03-21 22:29:23 +01:00
Zdenek Kabelac
05a532e171 clvmd: always set cleanup_needed
When thread is created, set the cleanup_needed flag
immediately so it could be used properly any time later
when cleanup_zombie() is needed.
2014-03-21 22:29:23 +01:00
Zdenek Kabelac
5bea2b5c82 clvmd: fix clean memory on exit
Properly clean 'client' structure only for LOCAL_SOCK type.
(Fixes bug from commit 460c19df62)
(in release fix)

Also cleanup-up associated pthreads by using cleanup_zombie() function.
Since this function may change the list, restart scanning always from
the list header.

Note: couple following patches are necessary to make this working properly.
2014-03-21 22:29:22 +01:00
Zdenek Kabelac
6c892be4a5 clvmd: fix the len setting in last commit
When theoretically sending 0 length buffer, ensure 0 is returned.
2014-03-10 12:35:44 +01:00
Zdenek Kabelac
341055ddb3 cleanup: clvmd use struct initializers
Simplify code, and use compiler capability to
initilize struct members on its own.
2014-03-10 12:24:10 +01:00
Zdenek Kabelac
c44ede31a3 cleanup: clvmd use else if
When string already matches, skip rest of tests.
2014-03-10 12:24:09 +01:00
Zdenek Kabelac
2cfe0840d2 cleanup: clvmd assign NULL to pointers
Use NULL when assigning to void*.
2014-03-10 12:24:09 +01:00
Zdenek Kabelac
c824369fbd cleanup: clvmd indent changes
Improve readbility of clvmd code.
Remove some unneeded braces.
2014-03-10 12:24:09 +01:00
Zdenek Kabelac
109564d6a5 cleanup: clvmd simplify loops
Rewrite write loops to be more readable.
2014-03-10 12:24:09 +01:00
Zdenek Kabelac
3d23404081 cleanup: clvmd rewrite send_message
Improve readability of code and make it clear what it tries
to achieve.
2014-03-10 12:24:09 +01:00
Zdenek Kabelac
cbca815dc4 cleanup: clvmd reindent lock_vg code
Code had wrong indent level, improve readability.
2014-03-10 12:24:09 +01:00
Zdenek Kabelac
460c19df62 clvmd: fix memleak on exit
This patch will releases allocated private resources from
startup. Needs previous dm_zalloc patch to ensure unset
private pointer is NULL.

TODO: check on real cluster.
2014-03-10 12:21:32 +01:00
Zdenek Kabelac
38ce06e448 clvmd: use dm_zalloc for socket allocation
Instead of doing individual settings for struct members,
ensure whole struct is in defined state.
2014-03-10 12:20:49 +01:00
Zdenek Kabelac
760714829b cleanup: skip double assign
Assing NULL to type only in defaut: switch.
Debug print '--'  for  unlocked and unused resource (-1)
2013-12-17 14:08:54 +01:00
Zdenek Kabelac
30a81e5989 cleanup: self compilable headers 2013-12-12 13:28:19 +01:00
Peter Rajnoha
481edce41f compile/link: use RELRO/PIE compiler/linker options for executables 2013-12-05 14:03:10 +01:00
Peter Rajnoha
a65ab773b4 daemons: use PIE and RELRO compiler/linker options
The PIE and RELRO compiler/linker options can be used to produce a code
some techniques applied that makes the code more immune to some attacks:

  - PIE (Position Independent Executable). It can make use of the ASLR
    (Address Space Layout Randomization) provided by kernel to avoid
    static locations for .text regions of executables (this is the 'pie'
    compiler and linker option)

  - RELRO (Relocation Read-Only). This prevents overwrite attacks of
    the GOT (Global Offset Table) and PLT (Procedure Lookup Table)
    used for relocations by making it read-only after all relocations
    are resolved (these are the 'relro' and 'now' linker options) -
    hence all symbols are resolved at the very start so there's no
    need for those tables to be writeable later.

These compiler/linker options are now used by default for daemons
if the compiler/linker supports it.
2013-12-04 13:30:08 +01:00
Zdenek Kabelac
50e1fad86a cleanup: use matching signed types 2013-11-28 12:47:51 +01:00
Peter Rajnoha
b6b5299d1e corosync: fix some gcc warnings
warning: function declaration isn't a prototype [-Wstrict-prototypes]
warning: old-style function definition [-Wold-style-definition]
2013-11-06 14:55:18 +01:00
David Teigland
4c0db84948 clvmd: fix verify message rejection of REMOTE flag
This fixes a bug in commit 19baf842 where verify_message
was rejecting the CLVMD_FLAG_REMOTE flag.  It was missed
since the patch was ported from an lvm version where that
flag does not exist.
2013-10-24 11:18:22 -05:00
Peter Rajnoha
039bdad732 activation: flag temporary LVs internally
Add LV_TEMPORARY flag for LVs with limited existence during command
execution. Such LVs are temporary in way that they need to be activated,
some action done and then removed immediately. Such LVs are just like
any normal LV - the only difference is that they are removed during
LVM command execution. This is also the case for LVs representing
future pool metadata spare LVs which we need to initialize by using
the usual LV before they are declared as pool metadata spare.

We can optimize some other parts like udev to do a better job if
it knows that the LV is temporary and any processing on it is just
useless.

This flag is orthogonal to LV_NOSCAN flag introduced recently
as LV_NOSCAN flag is primarily used to mark an LV for the scanning
to be avoided before the zeroing of the device happens. The LV_TEMPORARY
flag makes a difference between a full-fledged LV visible in the system
and the LV just used as a temporary overlay for some action that needs to
be done on underlying PVs.

For example: lvcreate --thinpool POOL --zero n -L 1G vg

- first, the usual LV is created to do a clean up for pool metadata
  spare. The LV is activated, zeroed, deactivated.

- between "activated" and "zeroed" stage, the LV_NOSCAN flag is used
  to avoid any scanning in udev

- betwen "zeroed" and "deactivated" stage, we need to avoid the WATCH
  udev rule, but since the LV is just a usual LV, we can't make a
  difference. The LV_TEMPORARY internal LV flag helps here. If we
  create the LV with this flag, the DM_UDEV_DISABLE_DISK_RULES
  and DM_UDEV_DISABLE_OTHER_RULES flag are set (just like as it is
  with "invisible" and non-top-level LVs) - udev is directed to
  skip WATCH rule use.

- if the LV_TEMPORARY flag was not used, there would normally be
  a WATCH event generated once the LV is closed after "zeroed"
  stage. This will make problems with immediated deactivation that
  follows.
2013-10-23 14:09:37 +02:00
Peter Rajnoha
ce7489ed22 activation: add support for flagging an LV to skip udev scanning during activation
A common scenario is during new LV creation when we need to wipe the
newly created LV and avoid any udev scanning before this stage otherwise
it could cause the device (the LV) to be claimed by some other subsystem
for which there were stale metadata within LV data.

This patch adds possibility to mark the LV we're just about to wipe with
a flag that gets passed to udev via DM_COOKIE as a subsystem specific
flag - DM_SUBSYSTEM_UDEV_FLAG0 (in this case the subsystem is "LVM")
so LVM udev rules will take care of handling that.
2013-10-08 13:43:14 +02:00
Christine Caulfield
431eda63cc clvmd: Fix node up/down handing in corosync module
The corosync cluster interface for clvmd did not correctly
deal with node up/down events so that when a node was removed
from the cluster clvmd would prevent remote operations
from happening, as it thought the node was up but not
running clvmd.

This patch fixes that code by simplifying the case to node
being  up or down - which was the original intention
and is supported by pacemaker and CPG in the higher layers.

Signed-off-by: Christine Caulfield <ccaulfie@redhat.com>
2013-09-23 13:23:00 +01:00
Petr Rockai
25bed99681 clvmd: Avoid a 3-way deadlock in dead-client cleanup. 2013-09-18 21:17:48 +02:00
Zdenek Kabelac
4dc1668467 tests: singlenode cleanup for prev commit
Add few more comments and cleanup some warnings.
2013-09-12 11:29:18 +02:00
Zdenek Kabelac
2a6abcb80a tests: singlenode updates
Add more 'realistic' simulation of dlm locking.
Previous version was not capable to maintain multiple locks.
Current version doesn't handle multiqueues for locks,
so the ordering is different.
2013-09-12 10:40:39 +02:00
Zdenek Kabelac
7b5f2e7f34 clvmd: add missing debug newline
Just missing new line.
2013-09-12 10:38:49 +02:00
Peter Rajnoha
0563bd0037 fix: some issues reported by coverity
- null_fd resource leak on error path in _reopen_fd_null fn
  - dead code in verify_message in clvmd code
  - dead code in _init_filter_components in toolcontext code
  - null dereference in dm_prepare_selinux_context on error path if
    setfscreatecon fails while resetting SELinux context
2013-08-15 12:23:49 +02:00
Zdenek Kabelac
7b1315411f clmvd: fix decriptor leak on restart
Do not leave descriptor used for dup2() openned.
2013-08-06 16:20:36 +02:00
David Teigland
19baf84290 clvmd: verify messages before processing
Check that fields in clvm_header are valid when
local or remote messages are received.  If not,
log an error, dump the message data and ignore
the message.
2013-08-02 09:55:54 -05:00
Peter Rajnoha
8769033e07 toolcontext: add a few comments for struct cmd_context and rename config_valid -> config_initialized
Just to make it more clear and also not to confuse
config_valid with check against config definition
(and its 'valid' flag within the config defintion tree).
2013-07-02 15:22:11 +02:00
Peter Rajnoha
50bf2c0db1 config: add profile arg to find_config_tree_int 2013-07-02 15:19:09 +02:00
Peter Rajnoha
06dd66af54 config: add profile arg to find_config_tree_str 2013-07-02 15:19:09 +02:00
Petr Rockai
7d644443e0 activation: Pass both ondisk and incore LV to suspend. 2013-06-10 17:26:38 +02:00
Petr Rockai
f65dd341a5 locking: Make it possible to pass down an LV to activation code.
Previously, we have relied on UUIDs alone, and on lvmcache to make getting a
"new copy" of VG metadata fast. If the code which triggers the activation has
the correct VG metadata at hand (the version which is currently on disk), it can
now hand it to the activation code directly.
2013-06-10 17:26:38 +02:00
Alasdair G Kergon
2fbe1e6e00 rephrasing: miscellaneous changes
Miscellaneous changes to messages, man pages, comments and WHATS_NEW.
2013-05-15 01:50:42 +01:00
Zdenek Kabelac
d51b7e5404 clvmd: avoid pretesting of dev availability
Patch fixes hidden problem with lvm metadata caching.

When the pretest was made, only the commited data have been cached back
since the call lv_info_by_lvid() triggers mda read operation.
However call of lv_suspend_if_active() also reads precommited metadata.
The problem is visible in this sequence of calls:

vg_write(), suspend_lv(), vg_commit(), resume_lv()

which may end with leaving outdated mda in lvm cache, since vg_write()
drops cached metadata and vg_commit() only transforms precommited
to commited metadata, but in the case of pretesting we have
no precommited mda available so the cache will continue to use
old metadata. This happens, when suspend LV is inactive.
2013-04-25 17:33:22 +02:00
Zdenek Kabelac
994c32272e test: singlenode minor cleanups
Move unnecessary code out of locks.
2013-04-21 23:15:07 +02:00
Zdenek Kabelac
9cdcde494f cleanup: drop unwanted ';' 2013-04-21 23:15:07 +02:00
Zdenek Kabelac
d38af2857f cleanup: cast to len's type
Cleanup different signess gcc warning.
2013-04-21 23:14:05 +02:00
Zdenek Kabelac
5070ffbca7 clvmd: avoid logging in signal handler
debuglog in the main thread.
2013-04-21 22:56:59 +02:00
Zdenek Kabelac
61d0ae7019 clvmd: use pclose
For popened FILE use pclose.
2013-04-21 22:56:59 +02:00
Zdenek Kabelac
0125518d6d clvmd: preserve foreground mode across restart
Keep clvmd in foreground when restarted.
Useful for testing.
2013-04-21 22:56:48 +02:00
Zdenek Kabelac
c9d8d22224 clmvd: fix responce status
Failing status code is expected to be 0.
Also do not return '*response' as pointer which has been already free().
2013-04-21 22:54:42 +02:00
Peter Rajnoha
386886f71c config: refer to config nodes using assigned IDs
For example, the old call and reference:

  find_config_tree_str(cmd, "devices/dir", DEFAULT_DEV_DIR)

...now becomes:

  find_config_tree_str(cmd, devices_dir_CFG)

So we're referring to the named configuration ID instead
of passing the configuration path and the default value
is taken from central config definition in config_settings.h
automatically.
2013-03-06 10:14:33 +01:00
Zdenek Kabelac
8bcc1da2f3 locales: use higher prio LC_ALL variable
For reseting locale environment into significantly less memory
consuming version 'C' - use LC_ALL instead of LANG since it has
higher priority in locale settings.

Otherwise we may observe whole locale-archive which might be
over 100MB on i.e. Fedora systems locked in memory with
some daemons.
2013-01-22 11:25:02 +01:00
Zdenek Kabelac
a266154e1f cleanup: singlenode minor change
Use strcpy instead of sprintf for plain string.
And use dm_strncpy for safer strncpy.

TODO: Fix API return values for cluster functions.
2012-12-15 14:57:40 +01:00
Zdenek Kabelac
1d774e5667 cleanup: drop test for optarg NULL
Since -d takes an argument, we do not need to check for
optarg being NULL here.
2012-12-15 14:57:40 +01:00
Zdenek Kabelac
13fe333b54 clvmd: fix parsing of -d argument
clvmd -d option parsing was not working properly.

clvmd -d 2   (with space) has been ignored because of
'::' used in getopt string, and as failsafe it's been used '1'.

Later this debug_arg has been ignored and debug_opt was used
instead which happend to have value '1'.

Submitted-by: Robert Milasan <rmilasan at suse.com>
Reported-by: Robert Milasan  <rmilasan at suse.com>
2012-10-19 15:35:56 +02:00
Zdenek Kabelac
c6f680ee49 clvmd,lvmetad: check for fcntl result
Report any problem of fcntl.
2012-08-23 14:38:48 +02:00
Zdenek Kabelac
286cd2006b cleanup: drop unneeded included header files
This headers were not resolving anything used for compiled .c files.
Remove unused util.c file.
2012-08-23 14:37:20 +02:00
Zdenek Kabelac
59ca324c35 clvmd: release excl_uuid hash
Release allocated hash before exit.
2012-08-23 14:34:56 +02:00
Zdenek Kabelac
6f3cd63551 cleanup: replace memset with struct initilization
Simplifies the code, properly detects too long socket paths,
drops unused parameter.
2012-06-22 13:23:03 +02:00
Zdenek Kabelac
8262a3f6ca Update singlenode locking
Support lock conversion
Work also with LCK_READ
TODO: do more validation.
2012-04-24 12:16:40 +00:00
Milan Broz
61a1effcf1 Avoid closing clvmd socket twice. 2012-03-27 16:59:28 +00:00
Zdenek Kabelac
5da4d94adc Return mem fail if hash insert fails 2012-03-23 09:48:17 +00:00
Zdenek Kabelac
4ea8533f30 Make sure namelen fits into buffer allocated on stack 2012-03-23 09:43:44 +00:00
Milan Broz
ff58a4b099 Remove some whitespaces.
(Test commit.)
2012-03-10 10:39:28 +00:00
Milan Broz
7991a9636e Remove some whitespaces.
(test commit)
2012-03-10 09:32:46 +00:00
Zdenek Kabelac
79e4194e59 Add traceback for failpath 2012-03-01 22:55:21 +00:00
Zdenek Kabelac
dc1be80b26 Debug log for hold_lock failure 2012-03-01 21:18:38 +00:00
Zdenek Kabelac
f3c177312f Correct enum type
Using debug_t and some forgetten alloc_policy_t, force_t from past commit.
2012-03-01 21:14:43 +00:00
Zdenek Kabelac
c452307543 Few more close and dev_close trace
Adding (void) where we cannot really report an error.
2012-03-01 21:12:37 +00:00
Zdenek Kabelac
f9467799c1 Check for allocation error
return ENOMEM when malloc fails.
2012-03-01 09:54:23 +00:00
Zdenek Kabelac
bd046f0201 Ensure clvmd message is always \0 terminated
Drop whole buffer clearing (most messages at <100 bytes).
Just make sure we have always \0 terminated string for strlen() operations.
(before for PIPE_BUF sized messages this was not set).
2012-02-28 11:06:56 +00:00
Zdenek Kabelac
e5d399f667 Missed to properly merge patch for definition of MAX_MISSING_LEN
(fix previous commit)
2012-02-28 10:42:20 +00:00
Zdenek Kabelac
4d44893d60 Add log_sys_error for close 2012-02-28 10:14:06 +00:00
Zdenek Kabelac
696052b78e Limit max size of clvmd message
This could be seen as some sort of simple validation - it's not easy to
recognize a valid message for now - but we definitely do not want to
allocate a lot of megabytes in  clvmd memory locked daemon when broken
message gets in.

Size of 8000 is just selected for now - possibly there could be much
lower value put in.
2012-02-28 09:58:19 +00:00
Zdenek Kabelac
782a37e411 Do not send uninitilised bytes
Use struct initalizers to fill struct members and at the same time have
all unspecified members set to 0.
2012-02-28 09:53:55 +00:00
Zdenek Kabelac
8918bf2430 Add some log_sys_errors to close() call 2012-02-27 11:28:47 +00:00
Zdenek Kabelac
75f8f3ce8b Nicer cleanup of excl_uuid hash
Since it on exit path, it's not a big difference,
but makes less noise in analyzer and valgrind.
2012-02-27 11:26:25 +00:00
Zdenek Kabelac
25555737bd A bit more safe version of sprintf
Use just buffer size limit (it's used for debug only)
2012-02-27 10:17:06 +00:00
Zdenek Kabelac
8df2c89cd4 Explicitely ignore result from sync_unlock()
Make it obvious to analyzer - we can't do anything better here anyway.
2012-02-27 10:02:17 +00:00
Zdenek Kabelac
7e25b8f932 Drop uname call, it's not used from gulm era. 2012-02-27 09:58:18 +00:00
Zdenek Kabelac
71f3bbd53f Limit sscanf params with size
Make sure parsed string fits given char buffer.
2012-02-23 22:50:50 +00:00
Zdenek Kabelac
ba337a5f3e Remaing code suffling
Move declaration to the front of function to follow coding rules.
2012-02-23 22:23:12 +00:00
Zdenek Kabelac
cdcf7aaf07 A bit more readable code
Just a minor readability conversion.
2012-02-08 13:03:40 +00:00
Alasdair Kergon
b6d7a48480 Automatically detect whether corosync clvmd needs to use confdb or cmap. (fabio) 2012-01-31 21:21:53 +00:00
Zdenek Kabelac
eb2dd721ab Oops missed braces in previous commit
This has disabled clvmd for being executed.
(FIXME improve testing part to catch this fault)
2012-01-26 17:55:55 +00:00
Zdenek Kabelac
4125cf5067 Fix leak of hash table
Minor leak on command initialization.
2012-01-25 22:36:33 +00:00
Zdenek Kabelac
254944d890 Set to a defined value vars used after error path
Static analyzer noticed this vars are used even when error is reported
back thus their state is undefined - set to 0 for this case.
2012-01-25 22:20:11 +00:00