<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux-stable.git/fs/nfs/blocklayout, branch linux-3.9.y</title>
<subtitle>Linux kernel stable tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/'/>
<entry>
<title>pnfs-block: removing DM device maybe cause oops when call dev_remove</title>
<updated>2013-03-21T14:11:06+00:00</updated>
<author>
<name>fanchaoting</name>
<email>fanchaoting@cn.fujitsu.com</email>
</author>
<published>2013-03-21T01:15:30+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=4376c94618c26225e69e17b7c91169c45a90b292'/>
<id>4376c94618c26225e69e17b7c91169c45a90b292</id>
<content type='text'>
when pnfs block using device mapper,if umounting later,it maybe
cause oops. we apply "1 + sizeof(bl_umount_request)" memory for
msg-&gt;data, the memory maybe overflow when we do "memcpy(&amp;dataptr
[sizeof(bl_msg)], &amp;bl_umount_request, sizeof(bl_umount_request))",
because the size of bl_msg is more than 1 byte.

Signed-off-by: fanchaoting&lt;fanchaoting@cn.fujitsu.com&gt;
Cc: stable@vger.kernel.org
Signed-off-by: Trond Myklebust &lt;Trond.Myklebust@netapp.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
when pnfs block using device mapper,if umounting later,it maybe
cause oops. we apply "1 + sizeof(bl_umount_request)" memory for
msg-&gt;data, the memory maybe overflow when we do "memcpy(&amp;dataptr
[sizeof(bl_msg)], &amp;bl_umount_request, sizeof(bl_umount_request))",
because the size of bl_msg is more than 1 byte.

Signed-off-by: fanchaoting&lt;fanchaoting@cn.fujitsu.com&gt;
Cc: stable@vger.kernel.org
Signed-off-by: Trond Myklebust &lt;Trond.Myklebust@netapp.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>umount oops when remove blocklayoutdriver first</title>
<updated>2013-02-17T20:40:15+00:00</updated>
<author>
<name>fanchaoting</name>
<email>fanchaoting@cn.fujitsu.com</email>
</author>
<published>2013-02-04T13:15:02+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=5a12cca697aca5dfba42a7d4c3356acc0445a2b0'/>
<id>5a12cca697aca5dfba42a7d4c3356acc0445a2b0</id>
<content type='text'>
now pnfs client uses block layout, maybe we can remove
blocklayoutdriver first. if we umount later,
it can cause oops in unset_pnfs_layoutdriver.
because nfss-&gt;pnfs_curr_ld-&gt;clear_layoutdriver is invalid.

reproduce it:
 modprobe  blocklayoutdriver
 mount -t nfs4 -o minorversion=1 pnfsip:/ /mnt/
 rmmod blocklayoutdriver
 umount /mnt

then you can see following

CPU 0
Pid: 17023, comm: umount.nfs4 Tainted: GF          O 3.7.0-rc6-pnfs #1 VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform
RIP: 0010:[&lt;ffffffffa04cfe6d&gt;]  [&lt;ffffffffa04cfe6d&gt;] unset_pnfs_layoutdriver+0x1d/0x70 [nfsv4]
RSP: 0018:ffff8800022d9e48  EFLAGS: 00010286
RAX: ffffffffa04a1b00 RBX: ffff88000b013800 RCX: 0000000000000001
RDX: ffffffff81ae8ee0 RSI: ffff880001ee94b8 RDI: ffff88000b013800
RBP: ffff8800022d9e58 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff880001ee9400
R13: ffff8800105978c0 R14: 00007fff25846c08 R15: 0000000001bba550
FS:  00007f45ae7f0700(0000) GS:ffff880012c00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: ffffffffa04a1b38 CR3: 0000000002c0c000 CR4: 00000000000006f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Process umount.nfs4 (pid: 17023, threadinfo ffff8800022d8000, task ffff880006e48aa0)
Stack:
ffff8800105978c0 ffff88000b013800 ffff8800022d9e78 ffffffffa04cd0ce
ffff8800022d9e78 ffff88000b013800 ffff8800022d9ea8 ffffffffa04755a7
ffff8800022d9ea8 ffff880002f96400 ffff88000b013800 ffff880002f96400
Call Trace:
[&lt;ffffffffa04cd0ce&gt;] nfs4_destroy_server+0x1e/0x30 [nfsv4]
[&lt;ffffffffa04755a7&gt;] nfs_free_server+0xb7/0x150 [nfs]
[&lt;ffffffffa047d4d5&gt;] nfs_kill_super+0x35/0x40 [nfs]
[&lt;ffffffff81178d35&gt;] deactivate_locked_super+0x45/0x70
[&lt;ffffffff8117986a&gt;] deactivate_super+0x4a/0x70
[&lt;ffffffff81193ee2&gt;] mntput_no_expire+0xd2/0x130
[&lt;ffffffff81194d62&gt;] sys_umount+0x72/0xe0
[&lt;ffffffff8154af59&gt;] system_call_fastpath+0x16/0x1b
Code: 06 e1 b8 ea ff ff ff eb 9e 0f 1f 44 00 00 55 48 89 e5 53 48 83 ec 08 66 66 66 66 90 48 8b 87 80 03 00 00 48 89 fb 48 85 c0 74 29 &lt;48&gt; 8b 40 38 48 85 c0 74 02 ff d0 48 8b 03 3e ff 48 04 0f 94 c2
RIP  [&lt;ffffffffa04cfe6d&gt;] unset_pnfs_layoutdriver+0x1d/0x70 [nfsv4]
RSP &lt;ffff8800022d9e48&gt;
CR2: ffffffffa04a1b38
---[ end trace 29f75aaedda058bf ]---

Signed-off-by: fanchaoting&lt;fanchaoting@cn.fujitsu.com&gt;
Signed-off-by: Trond Myklebust &lt;Trond.Myklebust@netapp.com&gt;
Cc: stable@vger.kernel.org
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
now pnfs client uses block layout, maybe we can remove
blocklayoutdriver first. if we umount later,
it can cause oops in unset_pnfs_layoutdriver.
because nfss-&gt;pnfs_curr_ld-&gt;clear_layoutdriver is invalid.

reproduce it:
 modprobe  blocklayoutdriver
 mount -t nfs4 -o minorversion=1 pnfsip:/ /mnt/
 rmmod blocklayoutdriver
 umount /mnt

then you can see following

CPU 0
Pid: 17023, comm: umount.nfs4 Tainted: GF          O 3.7.0-rc6-pnfs #1 VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform
RIP: 0010:[&lt;ffffffffa04cfe6d&gt;]  [&lt;ffffffffa04cfe6d&gt;] unset_pnfs_layoutdriver+0x1d/0x70 [nfsv4]
RSP: 0018:ffff8800022d9e48  EFLAGS: 00010286
RAX: ffffffffa04a1b00 RBX: ffff88000b013800 RCX: 0000000000000001
RDX: ffffffff81ae8ee0 RSI: ffff880001ee94b8 RDI: ffff88000b013800
RBP: ffff8800022d9e58 R08: 0000000000000001 R09: 0000000000000000
R10: 0000000000000000 R11: 0000000000000000 R12: ffff880001ee9400
R13: ffff8800105978c0 R14: 00007fff25846c08 R15: 0000000001bba550
FS:  00007f45ae7f0700(0000) GS:ffff880012c00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: ffffffffa04a1b38 CR3: 0000000002c0c000 CR4: 00000000000006f0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Process umount.nfs4 (pid: 17023, threadinfo ffff8800022d8000, task ffff880006e48aa0)
Stack:
ffff8800105978c0 ffff88000b013800 ffff8800022d9e78 ffffffffa04cd0ce
ffff8800022d9e78 ffff88000b013800 ffff8800022d9ea8 ffffffffa04755a7
ffff8800022d9ea8 ffff880002f96400 ffff88000b013800 ffff880002f96400
Call Trace:
[&lt;ffffffffa04cd0ce&gt;] nfs4_destroy_server+0x1e/0x30 [nfsv4]
[&lt;ffffffffa04755a7&gt;] nfs_free_server+0xb7/0x150 [nfs]
[&lt;ffffffffa047d4d5&gt;] nfs_kill_super+0x35/0x40 [nfs]
[&lt;ffffffff81178d35&gt;] deactivate_locked_super+0x45/0x70
[&lt;ffffffff8117986a&gt;] deactivate_super+0x4a/0x70
[&lt;ffffffff81193ee2&gt;] mntput_no_expire+0xd2/0x130
[&lt;ffffffff81194d62&gt;] sys_umount+0x72/0xe0
[&lt;ffffffff8154af59&gt;] system_call_fastpath+0x16/0x1b
Code: 06 e1 b8 ea ff ff ff eb 9e 0f 1f 44 00 00 55 48 89 e5 53 48 83 ec 08 66 66 66 66 90 48 8b 87 80 03 00 00 48 89 fb 48 85 c0 74 29 &lt;48&gt; 8b 40 38 48 85 c0 74 02 ff d0 48 8b 03 3e ff 48 04 0f 94 c2
RIP  [&lt;ffffffffa04cfe6d&gt;] unset_pnfs_layoutdriver+0x1d/0x70 [nfsv4]
RSP &lt;ffff8800022d9e48&gt;
CR2: ffffffffa04a1b38
---[ end trace 29f75aaedda058bf ]---

Signed-off-by: fanchaoting&lt;fanchaoting@cn.fujitsu.com&gt;
Signed-off-by: Trond Myklebust &lt;Trond.Myklebust@netapp.com&gt;
Cc: stable@vger.kernel.org
</pre>
</div>
</content>
</entry>
<entry>
<title>NFSv4.1: Move slot table and session struct definitions to nfs4session.h</title>
<updated>2012-12-05T23:30:46+00:00</updated>
<author>
<name>Trond Myklebust</name>
<email>Trond.Myklebust@netapp.com</email>
</author>
<published>2012-11-26T19:20:49+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=76e697ba7e8d187f50e385d21a2b2f1709a62c14'/>
<id>76e697ba7e8d187f50e385d21a2b2f1709a62c14</id>
<content type='text'>
Clean up. Gather NFSv4.1 slot definitions in fs/nfs/nfs4session.h.

Signed-off-by: Trond Myklebust &lt;Trond.Myklebust@netapp.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Clean up. Gather NFSv4.1 slot definitions in fs/nfs/nfs4session.h.

Signed-off-by: Trond Myklebust &lt;Trond.Myklebust@netapp.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>pnfsblock: cleanup nfs4_blkdev_get</title>
<updated>2012-10-08T23:32:40+00:00</updated>
<author>
<name>Peng Tao</name>
<email>bergwolf@gmail.com</email>
</author>
<published>2012-09-25T06:55:57+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=af283885b70248268617955a5ea5476647bd556b'/>
<id>af283885b70248268617955a5ea5476647bd556b</id>
<content type='text'>
It is not needed at all and it is messing with return values...

Reported-by: Wei Yongjun &lt;yongjun_wei@trendmicro.com.cn&gt;
Signed-off-by: Peng Tao &lt;tao.peng@emc.com&gt;
Signed-off-by: Trond Myklebust &lt;Trond.Myklebust@netapp.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
It is not needed at all and it is messing with return values...

Reported-by: Wei Yongjun &lt;yongjun_wei@trendmicro.com.cn&gt;
Signed-off-by: Peng Tao &lt;tao.peng@emc.com&gt;
Signed-off-by: Trond Myklebust &lt;Trond.Myklebust@netapp.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>NFS41: send real write size in layoutget</title>
<updated>2012-10-08T23:32:22+00:00</updated>
<author>
<name>Peng Tao</name>
<email>bergwolf@gmail.com</email>
</author>
<published>2012-09-25T06:55:57+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=6296556f0b31eaff29f2a3aee2c17b7eae895b98'/>
<id>6296556f0b31eaff29f2a3aee2c17b7eae895b98</id>
<content type='text'>
For buffer write, block layout client scan inode mapping to find
next hole and use offset-to-hole as layoutget length. Object
layout client uses offset-to-isize as layoutget length.

For direct write, both block layout and object layout use dreq-&gt;bytes_left.

Signed-off-by: Peng Tao &lt;tao.peng@emc.com&gt;
Signed-off-by: Trond Myklebust &lt;Trond.Myklebust@netapp.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
For buffer write, block layout client scan inode mapping to find
next hole and use offset-to-hole as layoutget length. Object
layout client uses offset-to-isize as layoutget length.

For direct write, both block layout and object layout use dreq-&gt;bytes_left.

Signed-off-by: Peng Tao &lt;tao.peng@emc.com&gt;
Signed-off-by: Trond Myklebust &lt;Trond.Myklebust@netapp.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>NFSv4.1: bl_pg_init_write should be static</title>
<updated>2012-10-02T15:34:29+00:00</updated>
<author>
<name>Trond Myklebust</name>
<email>Trond.Myklebust@netapp.com</email>
</author>
<published>2012-10-02T15:29:14+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=6f018efac14eb267d3ba0aa4294594b556147dba'/>
<id>6f018efac14eb267d3ba0aa4294594b556147dba</id>
<content type='text'>
Reported-by: Fengguang Wu &lt;fengguang.wu@intel.com&gt;
Signed-off-by: Trond Myklebust &lt;Trond.Myklebust@netapp.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Reported-by: Fengguang Wu &lt;fengguang.wu@intel.com&gt;
Signed-off-by: Trond Myklebust &lt;Trond.Myklebust@netapp.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>pnfsblock: use list_move_tail instead of list_del/list_add_tail</title>
<updated>2012-10-01T22:39:05+00:00</updated>
<author>
<name>Wei Yongjun</name>
<email>yongjun_wei@trendmicro.com.cn</email>
</author>
<published>2012-09-05T06:38:03+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=4e266229dbb0782d91b75633322edd632794b86d'/>
<id>4e266229dbb0782d91b75633322edd632794b86d</id>
<content type='text'>
Using list_move_tail() instead of list_del() + list_add_tail().

spatch with a semantic match is used to found this problem.
(http://coccinelle.lip6.fr/)

Signed-off-by: Wei Yongjun &lt;yongjun_wei@trendmicro.com.cn&gt;
Signed-off-by: Trond Myklebust &lt;Trond.Myklebust@netapp.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Using list_move_tail() instead of list_del() + list_add_tail().

spatch with a semantic match is used to found this problem.
(http://coccinelle.lip6.fr/)

Signed-off-by: Wei Yongjun &lt;yongjun_wei@trendmicro.com.cn&gt;
Signed-off-by: Trond Myklebust &lt;Trond.Myklebust@netapp.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>pnfsblock: fix non-aligned DIO write</title>
<updated>2012-10-01T22:38:35+00:00</updated>
<author>
<name>Peng Tao</name>
<email>bergwolf@gmail.com</email>
</author>
<published>2012-08-23T16:27:53+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=96c9eae638765c2bf2ca4f5a6325484f9bb69aa7'/>
<id>96c9eae638765c2bf2ca4f5a6325484f9bb69aa7</id>
<content type='text'>
For DIO writes, if it is not blocksize aligned, we need to do
internal serialization. It may slow down writers anyway. So we
just bail them out and resend to MDS.

Cc: stable &lt;stable@vger.kernel.org&gt; [since v3.4]
Signed-off-by: Peng Tao &lt;tao.peng@emc.com&gt;
Signed-off-by: Trond Myklebust &lt;Trond.Myklebust@netapp.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
For DIO writes, if it is not blocksize aligned, we need to do
internal serialization. It may slow down writers anyway. So we
just bail them out and resend to MDS.

Cc: stable &lt;stable@vger.kernel.org&gt; [since v3.4]
Signed-off-by: Peng Tao &lt;tao.peng@emc.com&gt;
Signed-off-by: Trond Myklebust &lt;Trond.Myklebust@netapp.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>pnfsblock: fix non-aligned DIO read</title>
<updated>2012-10-01T22:38:29+00:00</updated>
<author>
<name>Peng Tao</name>
<email>bergwolf@gmail.com</email>
</author>
<published>2012-08-23T16:27:52+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=f742dc4a32587bff50b13dde9d8894b96851951a'/>
<id>f742dc4a32587bff50b13dde9d8894b96851951a</id>
<content type='text'>
For DIO read, if it is not sector aligned, we should reject it
and resend via MDS. Otherwise there might be data corruption.
Also teach bl_read_pagelist to handle partial page reads for DIO.

Cc: stable &lt;stable@vger.kernel.org&gt; [since v3.4]
Signed-off-by: Peng Tao &lt;tao.peng@emc.com&gt;
Signed-off-by: Trond Myklebust &lt;Trond.Myklebust@netapp.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
For DIO read, if it is not sector aligned, we should reject it
and resend via MDS. Otherwise there might be data corruption.
Also teach bl_read_pagelist to handle partial page reads for DIO.

Cc: stable &lt;stable@vger.kernel.org&gt; [since v3.4]
Signed-off-by: Peng Tao &lt;tao.peng@emc.com&gt;
Signed-off-by: Trond Myklebust &lt;Trond.Myklebust@netapp.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>pnfsblock: fix partial page buffer wirte</title>
<updated>2012-10-01T22:38:24+00:00</updated>
<author>
<name>Peng Tao</name>
<email>bergwolf@gmail.com</email>
</author>
<published>2012-08-23T16:27:51+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=fe6e1e8d9fad86873eb74a26e80a8f91f9e870b5'/>
<id>fe6e1e8d9fad86873eb74a26e80a8f91f9e870b5</id>
<content type='text'>
If applications use flock to protect its write range, generic NFS
will not do read-modify-write cycle at page cache level. Therefore
LD should know how to handle non-sector aligned writes. Otherwise
there will be data corruption.

Cc: stable &lt;stable@vger.kernel.org&gt;
Signed-off-by: Peng Tao &lt;tao.peng@emc.com&gt;
Signed-off-by: Trond Myklebust &lt;Trond.Myklebust@netapp.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
If applications use flock to protect its write range, generic NFS
will not do read-modify-write cycle at page cache level. Therefore
LD should know how to handle non-sector aligned writes. Otherwise
there will be data corruption.

Cc: stable &lt;stable@vger.kernel.org&gt;
Signed-off-by: Peng Tao &lt;tao.peng@emc.com&gt;
Signed-off-by: Trond Myklebust &lt;Trond.Myklebust@netapp.com&gt;
</pre>
</div>
</content>
</entry>
</feed>
