  1. Lustre
  2. LU-11626

mdc: obd might go away while referenced by code in mdc_changelog

    Description

      In lustre/mdc/mdc_changelog.c:

      /**
       * Find the OBD device associated to a changelog character device.
       * @param[in]  cdev  character device instance descriptor
       * @return corresponding OBD device or NULL if none was found.
       */
      static struct obd_device *chlg_obd_get(dev_t cdev)
      {
      	int minor = MINOR(cdev);
      	struct obd_device *obd = NULL;
      	struct chlg_registered_dev *curr;
      
      	mutex_lock(&chlg_registered_dev_lock);
      	list_for_each_entry(curr, &chlg_registered_devices, ced_link) {
      		if (curr->ced_misc.minor == minor) {
      			/* take the first available OBD device attached */
      			obd = list_first_entry(&curr->ced_obds,
      					       struct obd_device,
      					       u.cli.cl_chg_dev_linkage);
      			break;
      		}
      	}
      	mutex_unlock(&chlg_registered_dev_lock);
      	return obd;
      }
      

      The "take the first available OBD device attached" approach is broken as that OBD might go away while the changelog is being read.

      Here is an example of how things can go wrong:

      • mount lustre at /mnt/lustre;
      • mount the same lustre filesystem at /mnt/lustre2;
      • open /dev/changelog-lustre-MDT0000 in writing mode;
      • unmount /mnt/lustre;
      • write 'clear:cl0:0' to the opened chardevice.

      That triggers an LBUG.

      Attachments

        1. reproducer.bash
          0.8 kB
          Quentin Bouget
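
The lookup quoted in the description returns a pointer after dropping the list lock without pinning the object, which is why a later unmount can pull it out from under the reader. The following is an added example, not code from this ticket or from Lustre: a user-space model in which the lookup takes a reference while the lock is still held. All names (`struct dev`, `dev_get`, `dev_put`, `dev_attach`, `dev_detach`, `reg_lock`) are hypothetical.

```c
/* Added example: user-space model with hypothetical names, not Lustre code. */
#include <pthread.h>
#include <stdlib.h>

struct dev { int minor; int refs; struct dev *next; };	/* refs: under reg_lock */
static pthread_mutex_t reg_lock = PTHREAD_MUTEX_INITIALIZER;
static struct dev *registry;				/* attached devices */

/* Drop one reference; returns 1 if it was the last one and d was freed. */
int dev_put(struct dev *d)
{
	pthread_mutex_lock(&reg_lock);
	int last = (--d->refs == 0);
	pthread_mutex_unlock(&reg_lock);
	if (last) free(d);
	return last;
}

/* "Mount": link a device at the head; the registry holds one reference. */
struct dev *dev_attach(int minor)
{
	struct dev *d = malloc(sizeof(*d));
	if (!d)
		return NULL;
	pthread_mutex_lock(&reg_lock);
	*d = (struct dev){ .minor = minor, .refs = 1, .next = registry };
	registry = d;
	pthread_mutex_unlock(&reg_lock);
	return d;
}

/* "Unmount": unlink, then drop the registry's reference (1 if freed). */
int dev_detach(struct dev *d)
{
	pthread_mutex_lock(&reg_lock);
	for (struct dev **p = &registry; *p; p = &(*p)->next)
		if (*p == d) { *p = d->next; break; }
	pthread_mutex_unlock(&reg_lock);
	return dev_put(d);
}

/* Lookup that pins the result before the lock is released. */
struct dev *dev_get(int minor)
{
	struct dev *d;
	pthread_mutex_lock(&reg_lock);
	for (d = registry; d; d = d->next)
		if (d->minor == minor) { d->refs++; break; }
	pthread_mutex_unlock(&reg_lock);
	return d;	/* caller owns one reference and must dev_put() it */
}
```

With two devices attached under the same minor, detaching the one a reader holds returns 0 (nothing freed), and the memory is released only by the reader's own `dev_put()`.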

            People

              hongchao.zhang Hongchao Zhang
              cealustre CEA