]> bbs.cooldavid.org Git - net-next-2.6.git/blame - fs/dlm/rcom.c
dlm: dlm/user.c input validation fixes
[net-next-2.6.git] / fs / dlm / rcom.c
1/******************************************************************************
2*******************************************************************************
3**
4** Copyright (C) Sistina Software, Inc. 1997-2003 All rights reserved.
dbcfc347 5** Copyright (C) 2005-2008 Red Hat, Inc. All rights reserved.
6**
7** This copyrighted material is made available to anyone wishing to use,
8** modify, copy, or redistribute it subject to the terms and conditions
9** of the GNU General Public License v.2.
10**
11*******************************************************************************
12******************************************************************************/
13
14#include "dlm_internal.h"
15#include "lockspace.h"
16#include "member.h"
17#include "lowcomms.h"
18#include "midcomms.h"
19#include "rcom.h"
20#include "recover.h"
21#include "dir.h"
22#include "config.h"
23#include "memory.h"
24#include "lock.h"
25#include "util.h"
26
27
/*
 * Wait predicate passed to dlm_wait_function() by the synchronous
 * requests in this file: non-zero once LSFL_RCOM_READY is set in
 * ls->ls_flags.
 */
static int rcom_response(struct dlm_ls *ls)
{
	int ready = test_bit(LSFL_RCOM_READY, &ls->ls_flags);

	return ready;
}
32
/*
 * Allocate and initialise an outgoing recovery (rcom) message.
 *
 * Requests a lowcomms buffer of sizeof(struct dlm_rcom) + len bytes for
 * to_nodeid, zeroes it, fills in the dlm header and rc_type, and stamps
 * rc_seq with the lockspace's ls_recover_seq (read under ls_recover_lock).
 * The caller adds the payload and any remaining fields, then passes the
 * message to send_rcom().
 *
 * Returns 0 with *rc_ret and *mh_ret set, or -ENOBUFS when no buffer could
 * be obtained (the out-parameters are not written in that case).
 *
 * NOTE(review): len is not range-checked here and the total is stored in
 * rc_header.h_length; presumably dlm_lowcomms_get_buffer() refuses
 * oversized requests - confirm.
 */
static int create_rcom(struct dlm_ls *ls, int to_nodeid, int type, int len,
		       struct dlm_rcom **rc_ret, struct dlm_mhandle **mh_ret)
{
	struct dlm_mhandle *handle;
	struct dlm_rcom *msg;
	char *buf;
	int total = sizeof(struct dlm_rcom) + len;

	handle = dlm_lowcomms_get_buffer(to_nodeid, total, ls->ls_allocation,
					 &buf);
	if (!handle) {
		log_print("create_rcom to %d type %d len %d ENOBUFS",
			  to_nodeid, type, len);
		return -ENOBUFS;
	}

	/* start from all zeroes so unset fields and payload never carry
	   stale buffer contents to the peer */
	memset(buf, 0, total);
	msg = (struct dlm_rcom *) buf;

	msg->rc_type = type;

	msg->rc_header.h_cmd = DLM_RCOM;
	msg->rc_header.h_length = total;
	msg->rc_header.h_nodeid = dlm_our_nodeid();
	msg->rc_header.h_lockspace = ls->ls_global_id;
	msg->rc_header.h_version = (DLM_HEADER_MAJOR | DLM_HEADER_MINOR);

	/* record which recovery sequence this message belongs to */
	spin_lock(&ls->ls_recover_lock);
	msg->rc_seq = ls->ls_recover_seq;
	spin_unlock(&ls->ls_recover_lock);

	*rc_ret = msg;
	*mh_ret = handle;
	return 0;
}
67
/*
 * Transmit a message built by create_rcom(): dlm_rcom_out() is applied to
 * the message first, then the lowcomms buffer behind mh is committed.
 * The ls argument is not used here.
 */
static void send_rcom(struct dlm_ls *ls, struct dlm_mhandle *mh,
		      struct dlm_rcom *rc)
{
	/* presumably converts the message to wire byte order - confirm
	   against the dlm_rcom_out() definition */
	dlm_rcom_out(rc);

	dlm_lowcomms_commit_buffer(mh);
}
74
75/* When replying to a status request, a node also sends back its
76 configuration values. The requesting node then checks that the remote
77 node is configured the same way as itself. */
78
/*
 * Fill rf with this lockspace's configuration for a status reply:
 * ls_exflags and ls_lvblen, each stored as a little-endian 32-bit value.
 */
static void make_config(struct dlm_ls *ls, struct rcom_config *rf)
{
	rf->rf_lsflags = cpu_to_le32(ls->ls_exflags);
	rf->rf_lvblen = cpu_to_le32(ls->ls_lvblen);
}
84
/*
 * Validate a status reply from nodeid against our own configuration.
 *
 * Three checks, each failing with -EPROTO and an error log:
 *   1. the major part of h_version (mask 0xFFFF0000) equals DLM_HEADER_MAJOR;
 *   2. h_length is large enough to hold a struct rcom_config after the
 *      dlm_rcom header;
 *   3. the remote rf_lvblen / rf_lsflags equal our ls_lvblen / ls_exflags.
 *
 * The rcom_config fields are only read after the length check has passed.
 * Returns 0 when the remote configuration matches.
 */
static int check_config(struct dlm_ls *ls, struct dlm_rcom *rc, int nodeid)
{
	size_t min_len = sizeof(struct dlm_rcom) + sizeof(struct rcom_config);
	struct rcom_config *remote = (struct rcom_config *) rc->rc_buf;
	uint32_t remote_lvblen, remote_lsflags;

	if ((rc->rc_header.h_version & 0xFFFF0000) != DLM_HEADER_MAJOR) {
		log_error(ls, "version mismatch: %x nodeid %d: %x",
			  DLM_HEADER_MAJOR | DLM_HEADER_MINOR, nodeid,
			  rc->rc_header.h_version);
		return -EPROTO;
	}

	/* a reply too short to contain the config block must not be parsed */
	if (rc->rc_header.h_length < min_len) {
		log_error(ls, "config too short: %d nodeid %d",
			  rc->rc_header.h_length, nodeid);
		return -EPROTO;
	}

	remote_lvblen = le32_to_cpu(remote->rf_lvblen);
	remote_lsflags = le32_to_cpu(remote->rf_lsflags);

	if (remote_lvblen == ls->ls_lvblen && remote_lsflags == ls->ls_exflags)
		return 0;

	log_error(ls, "config mismatch: %d,%x nodeid %d: %d,%x",
		  ls->ls_lvblen, ls->ls_exflags, nodeid,
		  remote_lvblen, remote_lsflags);
	return -EPROTO;
}
113
/*
 * Open the window for one synchronous reply.  Under ls_rcom_spin this
 * advances ls_rcom_seq, returns the new value through *new_seq (callers
 * store it in the request's rc_id) and sets LSFL_RCOM_WAIT.
 * receive_sync_reply() only accepts a reply while LSFL_RCOM_WAIT is set
 * and its rc_id equals ls_rcom_seq.
 */
static void allow_sync_reply(struct dlm_ls *ls, uint64_t *new_seq)
{
	spin_lock(&ls->ls_rcom_spin);
	ls->ls_rcom_seq++;
	*new_seq = ls->ls_rcom_seq;
	set_bit(LSFL_RCOM_WAIT, &ls->ls_flags);
	spin_unlock(&ls->ls_rcom_spin);
}
121
/*
 * Close the synchronous-reply window: clears both LSFL_RCOM_READY and
 * LSFL_RCOM_WAIT under ls_rcom_spin, so a reply arriving afterwards is
 * rejected by receive_sync_reply().
 */
static void disallow_sync_reply(struct dlm_ls *ls)
{
	spin_lock(&ls->ls_rcom_spin);
	clear_bit(LSFL_RCOM_READY, &ls->ls_flags);
	clear_bit(LSFL_RCOM_WAIT, &ls->ls_flags);
	spin_unlock(&ls->ls_rcom_spin);
}
129
/*
 * Obtain the recovery status of nodeid.
 *
 * For our own node id the status is written straight into
 * ls_recover_buf->rc_result.  Otherwise a DLM_RCOM_STATUS request is sent
 * and the function waits (dlm_wait_function with rcom_response) until
 * receive_sync_reply() has copied the reply into ls_recover_buf.
 *
 * An rc_result of -ESRCH in the reply is rewritten to 0 and the
 * configuration check is skipped; any other reply is passed through
 * check_config().
 *
 * Returns 0 on success, otherwise the error from create_rcom(),
 * dlm_wait_function() or check_config().  The caller reads
 * ls_recover_buf->rc_result for the remote status.
 */
int dlm_rcom_status(struct dlm_ls *ls, int nodeid)
{
	struct dlm_mhandle *mh;
	struct dlm_rcom *rc;
	int rv;

	ls->ls_recover_nodeid = nodeid;

	/* asking ourselves: no message needed */
	if (nodeid == dlm_our_nodeid()) {
		rc = ls->ls_recover_buf;
		rc->rc_result = dlm_recover_status(ls);
		return 0;
	}

	rv = create_rcom(ls, nodeid, DLM_RCOM_STATUS, 0, &rc, &mh);
	if (rv)
		return rv;

	/* arm the reply window and wipe the previous reply before sending */
	allow_sync_reply(ls, &rc->rc_id);
	memset(ls->ls_recover_buf, 0, dlm_config.ci_buffer_size);

	send_rcom(ls, mh, rc);

	rv = dlm_wait_function(ls, &rcom_response);
	disallow_sync_reply(ls);
	if (rv)
		return rv;

	/* from here on rc refers to the received reply, not the request */
	rc = ls->ls_recover_buf;

	if (rc->rc_result != -ESRCH)
		return check_config(ls, rc, nodeid);

	/* we pretend the remote lockspace exists with 0 status */
	log_debug(ls, "remote node %d not ready", nodeid);
	rc->rc_result = 0;

	/* the caller looks at rc_result for the remote recovery status */
	return 0;
}
170
/*
 * Handle DLM_RCOM_STATUS from another node: answer with
 * DLM_RCOM_STATUS_REPLY carrying our recovery status in rc_result and our
 * configuration (make_config()) as payload.  rc_id and rc_seq of the
 * request are echoed back in rc_id / rc_seq_reply, which is what
 * receive_sync_reply() and is_old_reply() compare on the requesting side.
 * If no reply buffer can be obtained the request goes unanswered.
 */
static void receive_rcom_status(struct dlm_ls *ls, struct dlm_rcom *rc_in)
{
	int from = rc_in->rc_header.h_nodeid;
	struct dlm_mhandle *mh;
	struct dlm_rcom *reply;

	if (create_rcom(ls, from, DLM_RCOM_STATUS_REPLY,
			sizeof(struct rcom_config), &reply, &mh))
		return;

	reply->rc_id = rc_in->rc_id;
	reply->rc_seq_reply = rc_in->rc_seq;
	reply->rc_result = dlm_recover_status(ls);
	make_config(ls, (struct rcom_config *) reply->rc_buf);

	send_rcom(ls, mh, reply);
}
188
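/*
 * Accept the reply to an outstanding synchronous request (status or names).
 *
 * Under ls_rcom_spin the reply is rejected unless LSFL_RCOM_WAIT is set and
 * rc_in->rc_id equals ls_rcom_seq, i.e. unless it answers the request most
 * recently armed by allow_sync_reply().  An accepted reply is copied into
 * ls_recover_buf, LSFL_RCOM_READY is set, LSFL_RCOM_WAIT is cleared and the
 * waiter on ls_wait_general is woken.
 *
 * The copy length is the h_length field of the received message.  It is
 * bounded here against dlm_config.ci_buffer_size, the size this file uses
 * when clearing ls_recover_buf, so a reply that claims to be larger than
 * the recovery buffer is dropped instead of being copied past its end.
 * An oversized reply leaves LSFL_RCOM_WAIT untouched; the requester keeps
 * waiting as if no reply had arrived.
 */
static void receive_sync_reply(struct dlm_ls *ls, struct dlm_rcom *rc_in)
{
	int len = rc_in->rc_header.h_length;

	spin_lock(&ls->ls_rcom_spin);
	if (!test_bit(LSFL_RCOM_WAIT, &ls->ls_flags) ||
	    rc_in->rc_id != ls->ls_rcom_seq) {
		log_debug(ls, "reject reply %d from %d seq %llx expect %llx",
			  rc_in->rc_type, rc_in->rc_header.h_nodeid,
			  (unsigned long long)rc_in->rc_id,
			  (unsigned long long)ls->ls_rcom_seq);
		goto out;
	}

	/* never trust the length on the wire further than our buffer */
	if (len > dlm_config.ci_buffer_size) {
		log_error(ls, "reply %d from %d too long: %d max %d",
			  rc_in->rc_type, rc_in->rc_header.h_nodeid,
			  len, dlm_config.ci_buffer_size);
		goto out;
	}

	memcpy(ls->ls_recover_buf, rc_in, len);
	set_bit(LSFL_RCOM_READY, &ls->ls_flags);
	clear_bit(LSFL_RCOM_WAIT, &ls->ls_flags);
	wake_up(&ls->ls_wait_general);
 out:
	spin_unlock(&ls->ls_rcom_spin);
}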
207
/*
 * Fetch the next batch of master names from nodeid, continuing after
 * last_name (last_len bytes).
 *
 * For our own node id the names are produced locally by
 * dlm_copy_master_names() into ls_recover_buf->rc_buf.  Otherwise a
 * DLM_RCOM_NAMES request carrying last_name is sent and the function waits
 * for receive_sync_reply() to place the reply in ls_recover_buf.
 *
 * Returns 0 on success, otherwise the error from create_rcom() or
 * dlm_wait_function().
 *
 * NOTE(review): last_len is used unchecked as the payload size and memcpy
 * length; presumably callers bound it by the maximum resource name
 * length - confirm.
 */
int dlm_rcom_names(struct dlm_ls *ls, int nodeid, char *last_name, int last_len)
{
	struct dlm_mhandle *mh;
	struct dlm_rcom *rc;
	int rv;
	/* payload room left in ls_recover_buf after the dlm_rcom header */
	int room = dlm_config.ci_buffer_size - sizeof(struct dlm_rcom);

	ls->ls_recover_nodeid = nodeid;

	if (nodeid == dlm_our_nodeid()) {
		dlm_copy_master_names(ls, last_name, last_len,
				      ls->ls_recover_buf->rc_buf,
				      room, nodeid);
		return 0;
	}

	rv = create_rcom(ls, nodeid, DLM_RCOM_NAMES, last_len, &rc, &mh);
	if (rv)
		return rv;
	memcpy(rc->rc_buf, last_name, last_len);

	/* arm the reply window and wipe the previous reply before sending */
	allow_sync_reply(ls, &rc->rc_id);
	memset(ls->ls_recover_buf, 0, dlm_config.ci_buffer_size);

	send_rcom(ls, mh, rc);

	rv = dlm_wait_function(ls, &rcom_response);
	disallow_sync_reply(ls);
	return rv;
}
239
/*
 * Handle DLM_RCOM_NAMES: reply with DLM_RCOM_NAMES_REPLY whose payload is
 * filled by dlm_copy_master_names(), starting from the name carried in the
 * request.  The reply payload is sized to ci_buffer_size minus the
 * dlm_rcom header.  rc_id and rc_seq are echoed back for reply matching.
 *
 * NOTE(review): inlen is derived from the sender-supplied h_length with no
 * check in this function; if h_length were smaller than
 * sizeof(struct dlm_rcom) the subtraction would not give a valid
 * non-negative length.  Confirm that the receive path or
 * dlm_copy_master_names() rejects such input.
 */
static void receive_rcom_names(struct dlm_ls *ls, struct dlm_rcom *rc_in)
{
	int from = rc_in->rc_header.h_nodeid;
	int inlen = rc_in->rc_header.h_length - sizeof(struct dlm_rcom);
	int outlen = dlm_config.ci_buffer_size - sizeof(struct dlm_rcom);
	struct dlm_mhandle *mh;
	struct dlm_rcom *reply;

	if (create_rcom(ls, from, DLM_RCOM_NAMES_REPLY, outlen, &reply, &mh))
		return;

	reply->rc_id = rc_in->rc_id;
	reply->rc_seq_reply = rc_in->rc_seq;

	dlm_copy_master_names(ls, rc_in->rc_buf, inlen, reply->rc_buf, outlen,
			      from);
	send_rcom(ls, mh, reply);
}
260
/*
 * Send a DLM_RCOM_LOOKUP for resource r to dir_nodeid.  The payload is the
 * resource name (r->res_length bytes).  No reply is waited for here.
 *
 * Returns 0, or the error from create_rcom().
 *
 * NOTE(review): rc_id is the address of r cast to unsigned long, so a
 * kernel pointer value is placed in a message sent to another node.  An
 * opaque per-request identifier would avoid disclosing it; how the reply
 * is matched back to r is not visible in this function.
 */
int dlm_send_rcom_lookup(struct dlm_rsb *r, int dir_nodeid)
{
	struct dlm_ls *ls = r->res_ls;
	struct dlm_mhandle *mh;
	struct dlm_rcom *rc;
	int rv;

	rv = create_rcom(ls, dir_nodeid, DLM_RCOM_LOOKUP, r->res_length,
			 &rc, &mh);
	if (rv)
		return rv;

	memcpy(rc->rc_buf, r->res_name, r->res_length);
	rc->rc_id = (unsigned long) r;

	send_rcom(ls, mh, rc);
	return 0;
}
279
/*
 * Handle DLM_RCOM_LOOKUP: look the received resource name up with
 * dlm_dir_lookup() and reply with DLM_RCOM_LOOKUP_REPLY.  rc_result holds
 * the node id found, or the lookup's error code when it fails.  rc_id and
 * rc_seq are echoed back for reply matching.  The reply buffer is obtained
 * before the lookup; if that fails nothing is looked up or sent.
 *
 * NOTE(review): the name length is h_length minus sizeof(struct dlm_rcom),
 * taken from the sender-supplied header with no check in this function.
 * Confirm that the receive path or dlm_dir_lookup() rejects a length that
 * is negative or larger than a valid resource name.
 */
static void receive_rcom_lookup(struct dlm_ls *ls, struct dlm_rcom *rc_in)
{
	int from = rc_in->rc_header.h_nodeid;
	int namelen = rc_in->rc_header.h_length - sizeof(struct dlm_rcom);
	struct dlm_mhandle *mh;
	struct dlm_rcom *reply;
	int rv, master;

	if (create_rcom(ls, from, DLM_RCOM_LOOKUP_REPLY, 0, &reply, &mh))
		return;

	rv = dlm_dir_lookup(ls, from, rc_in->rc_buf, namelen, &master);

	/* a failed lookup reports its error code in place of a node id */
	reply->rc_result = rv ? rv : master;
	reply->rc_id = rc_in->rc_id;
	reply->rc_seq_reply = rc_in->rc_seq;

	send_rcom(ls, mh, reply);
}
300
/*
 * Handle DLM_RCOM_LOOKUP_REPLY: the message is passed unchanged to
 * dlm_recover_master_reply(); nothing is validated or sent here.
 */
static void receive_rcom_lookup_reply(struct dlm_ls *ls, struct dlm_rcom *rc_in)
{
	dlm_recover_master_reply(ls, rc_in);
}
305
/*
 * Serialise lock lkb on resource r into the wire structure rl.
 *
 * rl is zeroed first (sizeof(*rl) bytes, which is why the AST flags can be
 * OR-ed in).  32-bit and 16-bit fields are stored little-endian; the mode
 * and status fields are copied as they are.  The resource name is copied
 * into rl_name, and when the lock has an lvb, ls_lvblen bytes are copied
 * into rl_lvb.
 *
 * The lvb copy writes past sizeof(*rl); the caller must have sized the
 * buffer accordingly (dlm_send_rcom_lock() adds ls_lvblen when lkb_lvbptr
 * is set).
 *
 * NOTE(review): r->res_length is not checked here against the size of
 * rl_name; presumably it is bounded when the rsb is created - confirm.
 */
static void pack_rcom_lock(struct dlm_rsb *r, struct dlm_lkb *lkb,
			   struct rcom_lock *rl)
{
	memset(rl, 0, sizeof(*rl));

	/* lock identity and flags */
	rl->rl_lkid = cpu_to_le32(lkb->lkb_id);
	rl->rl_ownpid = cpu_to_le32(lkb->lkb_ownpid);
	rl->rl_flags = cpu_to_le32(lkb->lkb_flags);
	rl->rl_exflags = cpu_to_le32(lkb->lkb_exflags);
	rl->rl_lvbseq = cpu_to_le32(lkb->lkb_lvbseq);

	/* lock state */
	rl->rl_grmode = lkb->lkb_grmode;
	rl->rl_rqmode = lkb->lkb_rqmode;
	rl->rl_status = lkb->lkb_status;
	rl->rl_wait_type = cpu_to_le16(lkb->lkb_wait_type);

	/* only the presence of each callback is sent, not its address */
	if (lkb->lkb_astaddr)
		rl->rl_asts |= AST_COMP;
	if (lkb->lkb_bastaddr)
		rl->rl_asts |= AST_BAST;

	/* resource name */
	rl->rl_namelen = cpu_to_le16(r->res_length);
	memcpy(rl->rl_name, r->res_name, r->res_length);

	/* FIXME: might we have an lvb without DLM_LKF_VALBLK set ?
	   If so, receive_rcom_lock_args() won't take this copy. */

	if (lkb->lkb_lvbptr)
		memcpy(rl->rl_lvb, lkb->lkb_lvbptr, r->res_ls->ls_lvblen);
}
335
/*
 * Send lock lkb of resource r to r->res_nodeid as a DLM_RCOM_LOCK message.
 * The payload is a struct rcom_lock built by pack_rcom_lock(), followed by
 * ls_lvblen bytes of lvb when the lock has one.
 *
 * Returns 0, or the error from create_rcom().
 *
 * NOTE(review): rc_id is the address of r cast to unsigned long, so a
 * kernel pointer value is placed in a message sent to another node; an
 * opaque identifier would avoid disclosing it.
 */
int dlm_send_rcom_lock(struct dlm_rsb *r, struct dlm_lkb *lkb)
{
	struct dlm_ls *ls = r->res_ls;
	struct dlm_mhandle *mh;
	struct dlm_rcom *rc;
	int payload = sizeof(struct rcom_lock);
	int rv;

	/* room for the lvb that pack_rcom_lock() appends */
	if (lkb->lkb_lvbptr)
		payload += ls->ls_lvblen;

	rv = create_rcom(ls, r->res_nodeid, DLM_RCOM_LOCK, payload, &rc, &mh);
	if (rv)
		return rv;

	pack_rcom_lock(r, lkb, (struct rcom_lock *) rc->rc_buf);
	rc->rc_id = (unsigned long) r;

	send_rcom(ls, mh, rc);
	return 0;
}
359
ae773d0b 360/* needs at least dlm_rcom + rcom_lock */
/*
 * Handle DLM_RCOM_LOCK.  The incoming message is first given to
 * dlm_recover_master_copy(); the rcom_lock from the request is then sent
 * back in a DLM_RCOM_LOCK_REPLY, with rc_id and rc_seq echoed for reply
 * matching.
 *
 * The caller (dlm_receive_rcom) has already checked that h_length covers
 * dlm_rcom + rcom_lock, so the fixed-size copy below stays inside the
 * received message.  Only sizeof(struct rcom_lock) bytes are returned;
 * any lvb that followed it in the request is not echoed.
 */
static void receive_rcom_lock(struct dlm_ls *ls, struct dlm_rcom *rc_in)
{
	int from = rc_in->rc_header.h_nodeid;
	struct dlm_mhandle *mh;
	struct dlm_rcom *reply;

	dlm_recover_master_copy(ls, rc_in);

	if (create_rcom(ls, from, DLM_RCOM_LOCK_REPLY,
			sizeof(struct rcom_lock), &reply, &mh))
		return;

	/* We send back the same rcom_lock struct we received, but
	   dlm_recover_master_copy() has filled in rl_remid and rl_result */

	memcpy(reply->rc_buf, rc_in->rc_buf, sizeof(struct rcom_lock));
	reply->rc_id = rc_in->rc_id;
	reply->rc_seq_reply = rc_in->rc_seq;

	send_rcom(ls, mh, reply);
}
383
384/* If the lockspace doesn't exist then still send a status message
385 back; it's possible that it just doesn't have its global_id yet. */
386
/*
 * Answer a status request for a lockspace that is not available on this
 * node.  There is no struct dlm_ls to work from, so the reply is built by
 * hand rather than through create_rcom(): the lockspace id, rc_id and
 * rc_seq are taken from the request, rc_result is -ESRCH, and the
 * rcom_config payload has rf_lvblen set to all ones (rf_lsflags stays zero
 * from the memset).
 *
 * Returns 0, or -ENOBUFS if no send buffer could be obtained.
 */
int dlm_send_ls_not_ready(int nodeid, struct dlm_rcom *rc_in)
{
	struct dlm_mhandle *mh;
	struct rcom_config *cfg;
	struct dlm_rcom *reply;
	char *buf;
	int total = sizeof(struct dlm_rcom) + sizeof(struct rcom_config);

	mh = dlm_lowcomms_get_buffer(nodeid, total, GFP_NOFS, &buf);
	if (!mh)
		return -ENOBUFS;

	/* zero first so no stale buffer contents reach the peer */
	memset(buf, 0, total);
	reply = (struct dlm_rcom *) buf;

	reply->rc_header.h_cmd = DLM_RCOM;
	reply->rc_header.h_length = total;
	reply->rc_header.h_nodeid = dlm_our_nodeid();
	reply->rc_header.h_lockspace = rc_in->rc_header.h_lockspace;
	reply->rc_header.h_version = (DLM_HEADER_MAJOR | DLM_HEADER_MINOR);

	reply->rc_type = DLM_RCOM_STATUS_REPLY;
	reply->rc_result = -ESRCH;
	reply->rc_id = rc_in->rc_id;
	reply->rc_seq_reply = rc_in->rc_seq;

	cfg = (struct rcom_config *) reply->rc_buf;
	cfg->rf_lvblen = cpu_to_le32(~0U);

	dlm_rcom_out(reply);
	dlm_lowcomms_commit_buffer(mh);

	return 0;
}
421
/*
 * Decide whether rc is a reply left over from an earlier recovery.
 *
 * Only the four *_REPLY types are examined.  For those, rc_seq_reply (the
 * requester's rc_seq as echoed by the responder) is compared with the
 * current ls_recover_seq, read under ls_recover_lock.
 *
 * Returns 1 when the reply's sequence differs from the current one and
 * should be ignored, 0 otherwise (including for all non-reply types).
 */
static int is_old_reply(struct dlm_ls *ls, struct dlm_rcom *rc)
{
	uint64_t current_seq;

	switch (rc->rc_type) {
	case DLM_RCOM_STATUS_REPLY:
	case DLM_RCOM_NAMES_REPLY:
	case DLM_RCOM_LOOKUP_REPLY:
	case DLM_RCOM_LOCK_REPLY:
		break;
	default:
		/* requests carry no rc_seq_reply to check */
		return 0;
	}

	spin_lock(&ls->ls_recover_lock);
	current_seq = ls->ls_recover_seq;
	spin_unlock(&ls->ls_recover_lock);

	if (rc->rc_seq_reply == current_seq)
		return 0;

	log_debug(ls, "ignoring old reply %x from %d "
		  "seq_reply %llx expect %llx",
		  rc->rc_type, rc->rc_header.h_nodeid,
		  (unsigned long long)rc->rc_seq_reply,
		  (unsigned long long)current_seq);
	return 1;
}
446
c36258b5 447/* Called by dlm_recv; corresponds to dlm_receive_message() but special
448 recovery-only comms are sent through here. */
449
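/*
 * Dispatch a received recovery (rcom) message from nodeid.
 *
 * Order of checks:
 *   1. A message whose h_length is smaller than struct dlm_rcom is logged
 *      and dropped.  Every sender in this file builds at least
 *      sizeof(struct dlm_rcom) bytes, so a shorter message is malformed;
 *      rejecting it here means rc_type / rc_seq_reply are not acted on and
 *      the handlers' "h_length - sizeof(struct dlm_rcom)" payload lengths
 *      cannot go below zero.  rc_type is deliberately not logged for such
 *      a message because it may lie beyond the declared length.
 *   2. While recovery is stopped, everything except DLM_RCOM_STATUS is
 *      ignored.
 *   3. Replies belonging to an earlier recovery sequence are ignored
 *      (is_old_reply()).
 *   4. DLM_RCOM_LOCK and DLM_RCOM_LOCK_REPLY must additionally be long
 *      enough to hold a struct rcom_lock.
 *
 * Unknown types are logged and dropped.
 */
void dlm_receive_rcom(struct dlm_ls *ls, struct dlm_rcom *rc, int nodeid)
{
	int rcom_size = sizeof(struct dlm_rcom);
	int lock_size = rcom_size + sizeof(struct rcom_lock);

	/* validate the sender-supplied length before using any rcom field */
	if (rc->rc_header.h_length < rcom_size) {
		log_error(ls, "recovery message from %d is too short: %d",
			  nodeid, rc->rc_header.h_length);
		return;
	}

	if (dlm_recovery_stopped(ls) && (rc->rc_type != DLM_RCOM_STATUS)) {
		log_debug(ls, "ignoring recovery message %x from %d",
			  rc->rc_type, nodeid);
		goto out;
	}

	if (is_old_reply(ls, rc))
		goto out;

	switch (rc->rc_type) {
	case DLM_RCOM_STATUS:
		receive_rcom_status(ls, rc);
		break;

	case DLM_RCOM_NAMES:
		receive_rcom_names(ls, rc);
		break;

	case DLM_RCOM_LOOKUP:
		receive_rcom_lookup(ls, rc);
		break;

	case DLM_RCOM_LOCK:
		if (rc->rc_header.h_length < lock_size)
			goto Eshort;
		receive_rcom_lock(ls, rc);
		break;

	/* both synchronous replies are handed to the waiting requester */
	case DLM_RCOM_STATUS_REPLY:
	case DLM_RCOM_NAMES_REPLY:
		receive_sync_reply(ls, rc);
		break;

	case DLM_RCOM_LOOKUP_REPLY:
		receive_rcom_lookup_reply(ls, rc);
		break;

	case DLM_RCOM_LOCK_REPLY:
		if (rc->rc_header.h_length < lock_size)
			goto Eshort;
		dlm_recover_process_copy(ls, rc);
		break;

	default:
		log_error(ls, "receive_rcom bad type %d", rc->rc_type);
	}
out:
	return;
Eshort:
	log_error(ls, "recovery message %x from %d is too short",
		  rc->rc_type, nodeid);
}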
509