[LU-3483] Null pointer dereference in ll_revalidate_nd (llite/dcache.c) in an NFS mounted Lustre file system
Created: 19/Jun/13
Updated: 10/Jul/13
Resolved: 10/Jul/13

Status: Resolved
Project: Lustre
Component/s: None
Affects Version/s: None
Fix Version/s: Lustre 2.5.0

Type: Bug
Priority: Blocker
Reporter: Patrick Farrell (Inactive)
Assignee: Keith Mannthey (Inactive)
Resolution: Fixed
Votes: 0
Labels: patch
Environment:

Lustre client >= 2.2, kernel version >= 2.6.38


Severity: 3
Rank (Obsolete): 8745

 Description   

We encountered this issue when trying to use an NFS mounted Lustre file system on SLES11SP2. This issue only occurs with a client kernel version >= 2.6.38, so it does not affect SLES11SP1 or CentOS 6.4.

In calls to ll_revalidate_nd, the nameidata pointer nd is sometimes null. The core code of the function tests for this case and handles it by calling ll_node_revalidate_it.

However, immediately before that code, there is a test to see if the LOOKUP_RCU flag is set in nd->flags. This test does NOT check to see if the nd pointer is null. Per the comment, LOOKUP_RCU was added in kernel 2.6.38, and this code is #ifdefed accordingly.

The fix is to test if nd is null in the LOOKUP_RCU check.

Here's the relevant code:

int ll_revalidate_nd(struct dentry *dentry, struct nameidata *nd)
{
        int rc;
        ENTRY;

#ifndef HAVE_DCACHE_LOCK
        /* kernel >= 2.6.38 supports rcu-walk, but lustre doesn't. */
        if (nd->flags & LOOKUP_RCU)
                return -ECHILD;
#endif

        if (nd && !(nd->flags & (LOOKUP_CONTINUE|LOOKUP_PARENT))) {

So the fix is just:
if (nd && nd->flags & LOOKUP_RCU)

This issue is found in 2.2, 2.3, 2.4, and master, but as noted, only occurs with kernel versions greater than 2.6.38. It is NOT in 2.1, which doesn't appear to have any awareness of LOOKUP_RCU.

I will be committing the Gerrit patch shortly.
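
Added example, not part of the original ticket or the Lustre source: a userspace model of the guard order described above with the NULL test in place, confirming that `nd && nd->flags & LOOKUP_RCU` parses as `nd && (nd->flags & LOOKUP_RCU)` and that a NULL `nd` reaches the fallback path instead of being dereferenced. The flag values, the one-field `struct nameidata`, the `PATH_*` markers and `revalidate_model` are assumptions made for the model.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed flag values for this userspace model; not the kernel's. */
#define LOOKUP_RCU      0x1u
#define LOOKUP_CONTINUE 0x2u
#define LOOKUP_PARENT   0x4u

/* Minimal stand-in for the kernel's struct nameidata (assumption). */
struct nameidata { unsigned int flags; };

/* Hypothetical markers recording which branch was taken. */
enum { PATH_WITH_ND = 1, PATH_FALLBACK = 2 };

/* Constructed sample inputs. */
static const struct nameidata nd_rcu    = { LOOKUP_RCU };
static const struct nameidata nd_plain  = { 0 };
static const struct nameidata nd_parent = { LOOKUP_PARENT };

/* Model of the two guards from the ticket, with the NULL test added. */
static int revalidate_model(const struct nameidata *nd)
{
	/* '&' binds tighter than '&&', so nd is tested before nd->flags. */
	if (nd && nd->flags & LOOKUP_RCU)
		return -ECHILD;

	if (nd && !(nd->flags & (LOOKUP_CONTINUE | LOOKUP_PARENT)))
		return PATH_WITH_ND;

	/* nd == NULL (the NFS case in the ticket) lands here; this stands
	 * in for the existing NULL handling the ticket describes. */
	return PATH_FALLBACK;
}

int main(void)
{
	printf("NULL nd:       %d\n", revalidate_model(NULL));
	printf("LOOKUP_RCU:    %d\n", revalidate_model(&nd_rcu));
	printf("no flags:      %d\n", revalidate_model(&nd_plain));
	printf("LOOKUP_PARENT: %d\n", revalidate_model(&nd_parent));
	return 0;
}
```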



 Comments   
Comment by Patrick Farrell (Inactive) [ 19/Jun/13 ]

I'm not currently able to commit the patch to Gerrit:
git push ssh://paf@review.whamcloud.com:29418/fs/lustre-release HEAD:refs/for/master
Permission denied (publickey).
fatal: The remote end hung up unexpectedly

Comment by Lai Siyao [ 20/Jun/13 ]

Can you upload your patch here? I can help commit it.

Comment by Peter Jones [ 20/Jun/13 ]

I believe that Patrick's issues with Gerrit were resolved on the hpdd-discuss mailing list and so he should be OK to upload his patch into Gerrit now.

Comment by Patrick Farrell (Inactive) [ 20/Jun/13 ]

Peter's right, and here's the patch:
http://review.whamcloud.com/#/c/6715/

Comment by Jodi Levi (Inactive) [ 10/Jul/13 ]

Patch has landed to Master so closing this ticket. If more work is needed under this ticket, please let me know and I will reopen.
