mirror of git://sourceware.org/git/lvm2.git synced 2025-01-03 05:18:29 +03:00
Commit Graph

487 Commits

Author SHA1 Message Date
Zdenek Kabelac
bebfa29b48 Fix NULL pointer check for *buf
As ternary operator has lower priority than add operation, this check
was not doing what seemed to be expected.

So enclose the test in braces and check for NULL in *buf.
2010-12-17 12:37:49 +00:00
Peter Rajnoha
91106a4a2d Create /var/run/lvm directory during clvmd initialisation if missing.
We need to be sure that /var/run and /var/lock is always there.
(E.g. these two directories could be using tmpfs which then loses
all the content after reboot.)
2010-12-13 10:49:02 +00:00
Peter Rajnoha
7dfce0e467 Add new dm_prepare_selinux_context fn to libdevmapper and use it throughout.
Detect existence of new SELinux selabel interface during configure.
Use new dm_prepare_selinux_context instead of dm_set_selinux_context.

We should set the SELinux context before the actual file system object creation.
The new dm_prepare_selinux_context function sets this using the selabel_lookup
fn in conjunction with the setfscreatecon fn. If selinux/label.h interface
(that should be a part of the selinux library) is not found during configure,
we fall back to the original matchpathcon function instead.
2010-12-13 10:43:56 +00:00
Alasdair Kergon
2b82bd79f5 Rename vg_release to free_vg. 2010-12-08 20:50:48 +00:00
Alasdair Kergon
9d03132282 pre-release 2010-12-06 17:57:14 +00:00
Alasdair Kergon
ea7c621b0a Fix debug logging of derived flag LCK_CACHE in clvmd. 2010-12-06 17:37:09 +00:00
Zdenek Kabelac
250238d04c Log error from unlink failure 2010-12-01 12:41:49 +00:00
Zdenek Kabelac
062181292a Add logging for pipe write() and close() error
Check values from write() and close() system calls.

FIXME: Missing wrapper around 'write()'.
2010-12-01 10:46:20 +00:00
Zdenek Kabelac
a8d4cd68eb Replace snprintf with dm_snprintf
Use dm_snprintf with known error case return code (-1).
2010-11-30 22:16:25 +00:00
Zdenek Kabelac
41cf252f0b Check reallocated buffer for NULL before use
As *buf is reallocated in case CLVMD_CMD_TEST: test for NULL is needed
before printing status.
(realloc() == NULL and status != 0)
2010-11-30 22:11:26 +00:00
Zdenek Kabelac
b20e74d5d6 Remove dead assignment in wait_for_child
'pid' is not used anywhere - remove it.
2010-11-29 12:44:52 +00:00
Zdenek Kabelac
693ec4b404 Use one fprintf call for usage print
Replace multiple fprintf calls with multiline one.
2010-11-29 12:15:41 +00:00
Zdenek Kabelac
2e8d681cf2 Remove dead assignment in 'main'
'ret' is never read anywhere - remove it.
2010-11-29 11:23:14 +00:00
Zdenek Kabelac
1b88184104 Remove printing of LCK_CACHE
LCK_CACHE is defined as 0x100 so it cannot be passed through
unsigned char parameter - remove it from the sprintf code.

If the LCK_CLUSTER should be printed here - a lot of code needs
to be reworked - so adding FIXME comment.
2010-11-29 11:05:15 +00:00
Zdenek Kabelac
2044eacc7e Add missing fclose
Fixing resource leak in _umount().

CHECKME: mountpoints with spaces need to be checked
2010-11-23 21:19:45 +00:00
Alasdair Kergon
728074ac83 Suppress 'No PV label' message when removing several PVs without mdas. 2010-11-23 01:55:53 +00:00
Alasdair Kergon
962e678174 pre-release 2010-11-08 19:37:40 +00:00
Petr Rockai
fe9ac4d3f4 Add code to the dmeventd snapshot plugin to automatically unmount snapshots
that have been invalidated.
2010-10-29 16:43:51 +00:00
Petr Rockai
63b8dfbde7 Alasdair correctly pointed out that if the two closes are concurrent (I haven't
checked, so they *might*), there is still a race possibility with the last
fix. This patch fixes that.
2010-10-27 11:40:14 +00:00
Petr Rockai
9b2800e861 Fix a double close in clvmd.
The management threads (main_loop, the socket thread) could close a single fd
twice in a row sometimes. At least one other thread can be running at the same
time as the threads doing the double close. That one running thread also
happens to do some IO (namely, open /proc/devices, read from it, close it). If
there was enough "demand" for the local socket, this could happen:

- a connection to clvmd is about to finish, let's say the fd is 13 (it often
  happens to be in my test script, don't ask why)
- the local_sock thread calls close(13)
- the lvm thread calls open("/proc/devices"...) and gets 13
- the main_loop thread calls close(13) [OOPS!]
- new connection arrives, and is accept'd by a (new) local_sock thread
- the accept gives an fd of 13 (since it's the lowest free fd at this point)
- the lvm thread gets around to read from its /proc/devices handle... 13,
  again
- the lvm thread hangs forever trying to read from the socket instead of
  /proc/devices

Signed-off-by: Petr Rockai <prockai@redhat.com>
Reviewed-by: Milan Broz <mbroz@redhat.com>
2010-10-27 09:13:37 +00:00
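
The descriptor-reuse sequence from commit 9b2800e861, replayed deterministically in one thread; this is an added example, not code from the commit or from clvmd. `/dev/null` and `/dev/zero` stand in for the client socket and `/proc/devices`, and `close_once()` is a hypothetical helper that assumes the descriptor lives in a single shared slot.

```c
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* Hypothetical helper: close a descriptor slot once and poison it, so a
 * repeated call is a no-op. Concurrent callers must hold a lock around it. */
static int close_once(int *fd)
{
    int r = (*fd >= 0) ? close(*fd) : 0;
    *fd = -1;
    return r;
}

/* Replays the commit's sequence in one thread. Returns 1 when the second
 * close() of the stale number closed the unrelated file, -1 on setup error. */
int stale_close_hits_other_file(void)
{
    int conn = open("/dev/null", O_RDONLY);  /* stands in for the client fd */
    int stale = conn;                        /* second owner's copy */
    int other;

    if (conn < 0)
        return -1;
    close(conn);                             /* local_sock thread closes */
    other = open("/dev/zero", O_RDONLY);     /* lvm thread: lowest free fd */
    close(stale);                            /* main_loop closes again */
    return other == stale && fcntl(other, F_GETFD) == -1;
}

/* Same sequence through close_once(). Returns 1 when the unrelated file is
 * still open afterwards, -1 on setup error. */
int guarded_close_spares_other_file(void)
{
    int conn = open("/dev/null", O_RDONLY);
    int other, alive;

    if (conn < 0)
        return -1;
    close_once(&conn);
    other = open("/dev/zero", O_RDONLY);
    close_once(&conn);                       /* slot is -1: nothing happens */
    alive = fcntl(other, F_GETFD) != -1;
    close(other);
    return alive;
}

int main(void)
{
    printf("stale close hit other file: %d\n", stale_close_hits_other_file());
    printf("guarded close spared it:    %d\n", guarded_close_spares_other_file());
    return 0;
}
```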
Zdenek Kabelac
44110cd33e Add missing return for NULL passed buffer
Function pull_stateo() checks for NULL 'buf' - but return for this error
path was missing.  cmirror code never calls this function with NULL 'buf',
so this fix has no effect on current code base, but makes clang happier.
2010-10-26 10:14:41 +00:00
Zdenek Kabelac
2ecd717dc4 Hotfix usage of __builtin_unreachable()
It's quite a new feature which is not supported by older compilers.
So until some better macros are introduced into LVM code - hotfix current
compilation problems and compile this code only for __clang__ defining compilers.
2010-10-26 09:57:03 +00:00
Zdenek Kabelac
6426e5d3e6 Instrument compiler about code unreachability
Clang needs some instrumentation help for static code analysis.
It helps gcc and human reader as well.
2010-10-26 09:01:47 +00:00
Zdenek Kabelac
3a32d104bd Update C declaration () -> (void) 2010-10-26 08:54:37 +00:00
Zdenek Kabelac
321ae653b6 Fix missing initialisation to 0
Add missing init value for variable 'found' which is later tested and may
have contained some garbage value.
2010-10-25 12:59:24 +00:00
Zdenek Kabelac
d80f8cf41b Fix clang warning for ntohl(*((uint32_t *)buf))
We cast (char*) to (uint32_t*) that changes alignment requirements.
For our case the code has been correct as alloca() returns properly
aligned buffer, however this patch makes it cleaner and more readable
and avoids warning generation.
2010-10-25 11:57:06 +00:00
Petr Rockai
d95a85ca36 Implement dmeventd -R, allowing dmeventd to be restarted without losing
monitoring state.
2010-10-20 15:12:12 +00:00
Petr Rockai
8f1ead4640 Revert some debug statements that slipped in with last checkin. 2010-10-20 14:51:18 +00:00
Petr Rockai
d28c8ccfbd Fix a deadlock in clvmd.
The signalling code (pthread_cond_signal/pthread_cond_wait) in the
pre_and_post_thread was using the wait mutex (see man pthread_cond_wait)
incorrectly, and this could cause clvmd to deadlock when timing was
right. Detailed explanation of the problem follows.

There is a single mutex around (L for Lock, U for Unlock), a signal (S) and a
wait (W). C for pthread_create. Time flows from left to right, each arrow is a
thread.

So first the "naive" scenario, with no mutex (PPT = pre_and_post_thread, MCT =
main clvmd thread; well actually the thread that does read_from_local_sock). I
will also use X, for a moment when MCT actually waits for something to happen
that PPT was supposed to do.


MCT -----C ------S--X-----S----X----------------------S------XXXXXXXXX
         |                everything OK up to this --> <-- point...
PPT       -----WWW-----WWWW------------------------------WWWWWWWWWWWWW

Ok, so pthread API actually does not let you use W/S like that. It goes out of
its way to tell you that you need a mutex to protect the W so that the above
cannot happen. *But* if you are creative and just lock around the W's and S's,
this happens:

MCT ----C-----LSU----X-----LSU----X------------LSU------XXXXXXX
        |
PPT      ---LWWWU-------LWWWWU-----------------------LWWWWWWWWW

Ooops. Nothing changed (the above is what actually was done by clvmd before
this patch). So let's do it differently, holding L locked *all* the time in
PPT, unless we are actually in W (this is something that the pthread API does
itself, see the man page).

MCT ----C-----LSU------X---LSU---X-----LLLLLLLSU----X----
        |                             (and they live happily ever after)
PPT     L---WWWWW---------WWWW----------------W----------

So W actually ensures that L is unlocked *atomically* together with entering
the wait. That means that unless PPT is actually waiting, it cannot be
signalled by MCT. So if MCT happens to signal it too soon (it wasn't waiting
yet), it (MCT) will be blocked on the mutex (L), until PPT is actually ready to
do something.
2010-10-20 14:46:45 +00:00
Petr Rockai
a341cab721 Implement automatic snapshot extension with dmeventd, and add two new options
to lvm.conf in the activation section: 'snapshot_autoextend_threshold' and
'snapshot_autoextend_percent', that define how to handle automatic snapshot
extension. The former defines when the snapshot should be extended: when its
space usage exceeds this many percent. The latter defines how much extra space
should be allocated for the snapshot, in percent of its current size.
2010-10-15 16:28:14 +00:00
Alasdair Kergon
ac0252ca07 Add dm_zalloc and use it and dm_pool_zalloc throughout. 2010-09-30 21:06:50 +00:00
Zdenek Kabelac
1ebbfd9958 Fix leaked pool report
Swap pool destruction order in dmeventd_lvm2_exit() to fix leak report.
2010-09-30 11:40:14 +00:00
Zdenek Kabelac
c7df0240f9 Add missing cleanup rule for generated .exported_symbols_generated 2010-09-30 10:08:58 +00:00
Jonathan Earl Brassow
34cbedceaf This patch fixes an issue where cluster mirror write I/O
can be opprobriously slow if created with '--nosync'.

One of the ways cluster mirrors coordinate I/O and recovery
among the different machines is by the use of the log
function 'is_remote_recovering()' which lets nodes know if
a region they wish to perform a write on is currently being
recovered on another node.  If the region is being recovered,
the I/O is delayed.

The 'is_remote_recovering' routine has been optimized to
avoid the deluge of requests that would be issued to the
userspace log server by maintaining a marker of how far
the recovery has gotten.  It can then immediately return
'not recovering' if the region being inquired about is
less than this mark.  Additionally, if the region of
concern is greater than the mark, the function will
limit the number of transmissions to userspace by assuming
the region /is/ being recovered when skipping the
transmission.  This limits the amount of processing
and updates the mark in 1/4 sec time steps.

This patch fixes a problem where 'the mark' is not being
updated because of faulty logic in the userspace log
daemon.  When '--nosync' is used to create a cluster
mirror, the userspace log daemon never has a chance
to update the mark in the normal way.  The fix is to set
the mark to "complete" if the mirror was created with
the --nosync flag.
2010-08-30 18:37:42 +00:00
Milan Broz
586b56b18c Fix wrong use of LCK_WRITE
In all top vg read functions only LCK_VG_READ/WRITE can be used.
All other vg lock definitions are low-level backend machinery.

Moreover, LCK_WRITE cannot be tested through bitmask.
This patch fixes these mistakes.

For _recover_vg() we do not need lock_flags, it can be only
two of above and we are always upgrading to LCK_VG_WRITE lock there.
(N.B. that code is racy)

There is no functional change in code (despite wrong masking
it produces correct bits:-)
2010-08-19 23:26:31 +00:00
Jonathan Earl Brassow
53670b18f5 Fix for bug 596453: multiple mirror image failures cause lvm repair...
The lvm repair issues I believe are the superficial symptoms of this
bug - there are worse issues that are not as clearly seen.  From my
inline comments:
* If the mirror was successfully recovered, we want to always
* force every machine to write to all devices - otherwise,
* corruption will occur.  Here's how:
*    Node1 suffers a failure and marks a region out-of-sync
*    Node2 attempts a write, gets by is_remote_recovering,
*          and queries the sync status of the region - finding
*          it out-of-sync.
*    Node2 thinks the write should be a nosync write, but it
*          hasn't suffered the drive failure that Node1 has yet.
*          It then issues a generic_make_request directly to
*          the primary image only - which is exactly the device
*          that has suffered the failure.
*    Node2 suffers a lost write - which completely bypasses the
*          mirror layer because it had gone through generic_m_r.
*    The file system will likely explode at this point due to
*    I/O errors.  If it wasn't the primary that failed, it is
*    easily possible in this case to issue writes to just one
*    of the remaining images - also leaving the mirror inconsistent.
*
* We let in_sync() return 1 in a cluster regardless of what is
* in the bitmap once recovery has successfully completed on a
* mirror.  This ensures the mirroring code will continue to
* attempt to write to all mirror images.  The worst that can
* happen for reads is that additional read attempts may be
* taken.
2010-08-17 23:56:23 +00:00
Alasdair Kergon
22149572e8 Use 'SINGLENODE' instead of 'dead' in clvmd singlenode messages.
Ignore snapshots when performing mirror recovery beneath an origin.
Pass LCK_ORIGIN_ONLY flag around cluster.
Add suspend_lv_origin and resume_lv_origin using LCK_ORIGIN_ONLY.
2010-08-17 19:25:05 +00:00
Alasdair Kergon
2d6fcbf67d Allow internal suspend and resume of origin without its snapshots. 2010-08-17 16:25:32 +00:00
Alasdair Kergon
d1e8046f56 Various small cleanups and fixes related to monitoring. 2010-08-16 22:54:35 +00:00
Alasdair Kergon
470c18847d Remove superfluous NULL pointer tests before dm_free from dmeventd. 2010-08-16 18:19:46 +00:00
Jonathan Earl Brassow
498747d792 A misunderstanding of the return value of 'dm_bit' has been causing a data
corruption bug in cmirror.  'dm_bit' is only ever used as a boolean operation
within LVM, but it can return a range of values.  If the bit is set, a power of
2 is returned.  If the bit is unset, 0 is returned.

'log_test_bit' (a function in the cluster mirror log daemon code) has switched
to using the dm bit operations in rhel6.  There are two places in the daemon
code where 'log_test_bit' is not used merely as a boolean, but rather the
return value is used as the return value for the log functions 'is_clean' and
'in_sync' - having assumed that 'dm_bit' was returning 0 or 1 only.

One place the 'in_sync' function is utilized is in 'dm_rh_get_state' - a
function that informs the mirroring code how to treat I/O and which devices to
read/write from.  'dm_rh_get_state' was checking if the return value of
'in_sync' was 1 to determine if the region was DM_RH_CLEAN.  Since 'dm_bit'
(and by extension 'log_test_bit' and 'in_sync') was returning powers of 2,
DM_RH_CLEAN was rarely being reported as it should have been.  Thinking the
region was out-of-sync, the mirroring code would write only to the primary
device.  When the primary device was failed, all of those writes were lost -
leaving the entire mirror corrupted.
2010-08-04 18:18:18 +00:00
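
The failure mode described in commit 498747d792, as an added example that is not code from the commit, libdevmapper or the cmirror daemon. `bit_masked()` is a stand-in for a masking bit test, the `REGION_*` names and the bitmap are constructed, and normalising to 0/1 is shown as one way to remove the mismatch, not necessarily the change the commit made.

```c
#include <stdint.h>
#include <stdio.h>

#define BITS_PER_WORD 32u

enum region_state { REGION_NOSYNC = 0, REGION_CLEAN = 1 };  /* hypothetical names */

/* Stand-in for a masking bit test such as the one the commit describes:
 * returns 0 when the bit is clear, otherwise the bit's mask (a power of 2). */
static uint32_t bit_masked(const uint32_t *bs, unsigned i)
{
    return bs[i / BITS_PER_WORD] & (UINT32_C(1) << (i % BITS_PER_WORD));
}

/* Pre-fix shape: the masked value leaks out as the "boolean" result. */
static int in_sync_raw(const uint32_t *bs, unsigned region)
{
    return (int)bit_masked(bs, region);
}

/* Normalised shape: collapse any non-zero mask to exactly 1. */
static int in_sync_bool(const uint32_t *bs, unsigned region)
{
    return bit_masked(bs, region) != 0;
}

/* Caller that, like the one in the commit message, compares against 1. */
static enum region_state state_of(int in_sync)
{
    return in_sync == 1 ? REGION_CLEAN : REGION_NOSYNC;
}

/* Counts how many of the first n regions the caller classifies as clean. */
unsigned clean_regions(int (*in_sync)(const uint32_t *, unsigned),
                       const uint32_t *bs, unsigned n)
{
    unsigned i, clean = 0;
    for (i = 0; i < n; i++)
        if (state_of(in_sync(bs, i)) == REGION_CLEAN)
            clean++;
    return clean;
}

/* Constructed sync bitmap: all 64 regions are in sync. */
static const uint32_t all_synced[2] = { 0xFFFFFFFFu, 0xFFFFFFFFu };

int main(void)
{
    printf("raw:  %u of 64 clean\n", clean_regions(in_sync_raw, all_synced, 64));
    printf("bool: %u of 64 clean\n", clean_regions(in_sync_bool, all_synced, 64));
    return 0;
}
```

With the raw return value only the regions whose bit sits at position 0 of a word compare equal to 1, so a fully synced bitmap is still treated as mostly out of sync.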
Zdenek Kabelac
9f926fd060 Use void parameter for function definition. 2010-08-03 13:06:35 +00:00
Alasdair Kergon
65ce9feb72 Never use clvmd singlenode unless explicitly requested with -Isinglenode. 2010-07-28 14:01:40 +00:00
Alasdair Kergon
8bae0a1ecf Change clvmd to communicate with lvm via a socket in /var/run/lvm. (mbroz)
https://bugzilla.redhat.com/show_bug.cgi?id=614248 [CVE-2010-2526]
2010-07-28 13:55:42 +00:00
Fabio M. Di Nitto
8c4e8a185a Add dm_create_lockfile to libdm to handle pidfiles for all daemons.
Switch dmeventd to use dm_create_lockfile and drop duplicate code.
Allow clvmd pidfile to be configurable.
Switch cmirrord and clvmd to use dm_create_lockfile.
2010-07-13 13:51:01 +00:00
Alasdair Kergon
08f1ddea6c Use __attribute__ consistently throughout. 2010-07-09 15:34:40 +00:00
Milan Broz
b5243aac02 Fix another segfault in clvmd -R if no response from daemon received.
Missed the same problem in another function...
2010-07-01 21:46:09 +00:00
Milan Broz
185ac73d18 Remove superfluous suspended device counter from clvmd.
Moreover, in current mirror handling, when it calls activate
on removed but suspended detached log this counter drops below zero
and confuses debug log.
2010-07-01 21:23:47 +00:00
Petr Rockai
6472c7e11f Maintain memlock balance in clvmd.
When a mirror is being downconverted in a cluster, a series of suspends and
resumes is executed.

With the change to using UUIDs in dev_manager instead of names, the behaviour
has changed with regards to including an _mlog in the deptree of a logical
volume. In the old (pre-UUID-enabled) code, the _mlog would appear in a deptree
of any volume purely based on a name match: a linear volume foo would include
foo_mlog in its dependencies if that happened to exist. This behaviour was
fixed and the mlog is now only included for mirrors.

By a coincidence, this mlog bug had been hiding a different bug in clvmd. When
a mirror is being dismantled (and converted to a linear volume), it is first
suspended as a whole, then later resumed in parts. Nevertheless, the overall
memlock balance is maintained in this operation. The problem kicks in, because
even though the mirror log was suspended as part of the mirror, when the
dismantled mirror is resumed again, it is no longer a mirror and therefore the
mirror log stays suspended. This would not be a problem in itself, since
_delete_lv (from metadata/mirror.c) is called on it subsequently, which does an
activate/deactivate cycle and removes the LV. The activate/deactivate cycle
correctly prompts clvmd to resume the device: however, in doing this, it will
issue an unpaired resume operation (the suspend that caused the mirror log to
be suspended is paired with resuming the dismantled mirror later). We have
concluded that the path in clvmd should never affect memlock_count, since there
should never be an unmatched explicit suspend preceding this resume.
2010-06-30 21:40:27 +00:00
Jonathan Earl Brassow
548cc88947 Add error checking for calls to sprintf - it can fail for more
reasons than just 'out-of-space'.
2010-06-21 16:07:06 +00:00