According https://www.kernel.org/doc/Documentation/mutex-design.txt:
- the mutex subsystem is slightly faster and has better scalability
for contended workloads. In terms of 'ops per CPU cycle', the
semaphore kernel performed 551 ops/sec per 1% of CPU time used,
while the mutex kernel performed 3825 ops/sec per 1% of CPU time
used - it was 6.9 times more efficient.
- there are no fastpath tradeoffs, the mutex fastpath is just as
tight as the semaphore fastpath. On x86, the locking fastpath is
2 instructions.
- 'struct mutex' semantics are well-defined and are enforced if
CONFIG_DEBUG_MUTEXES is turned on. Semaphores on the other hand
have virtually no debugging code or instrumentation.
One more benefit of mutex is optimistic spinning. It try to spin for
acquisition when there are no pending waiters and the lock owner is
currently running on a (different) CPU. The rationale is that if the
lock owner is running, it is likely to release the lock soon.
This significantly reduce amount of context switches when locked
region is small and we have high contention.
Signed-off-by: Dmitry Eremin <dmitry.eremin@intel.com>
Reviewed-on: http://review.whamcloud.com/9095
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4257
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: James Simmons <uja.ornl@gmail.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
It's just optimization. The mutex subsystem is slightly faster
and has better scalability for contended workloads.
Remove the lustre_lock and it's accessor functions l_lock(),
l_unlock(), l_lock_init(), and l_has_lock() since they have
not been used by the code since Lustre 1.6.
Signed-off-by: Dmitry Eremin <dmitry.eremin@intel.com>
Reviewed-on: http://review.whamcloud.com/9294
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4588
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: John L. Hammond <john.hammond@intel.com>
Reviewed-by: James Simmons <uja.ornl@gmail.com>
Reviewed-by: Alex Zhuravlev <alexey.zhuravlev@intel.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
lnet_shutdown_lndnis() may enter endless loop if there is a busy NI,
this is injected by LNet SMP improvements. It's fixed in this patch.
Signed-off-by: Liang Zhen <liang.zhen@intel.com>
Reviewed-on: http://review.whamcloud.com/9706
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4780
Reviewed-by: Isaac Huang <he.huang@intel.com>
Reviewed-by: Bobi Jam <bobijam@gmail.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
sscanf format specification '%u' expects type 'unsigned int *'
for 'u', but parameter 3 has a different type 'int*'.
Signed-off-by: Dmitry Eremin <dmitry.eremin@intel.com>
Reviewed-on: http://review.whamcloud.com/9400
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4629
Reviewed-by: John L. Hammond <john.hammond@intel.com>
Reviewed-by: James Simmons <uja.ornl@gmail.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Pointer 'mod' checked for NULL at line 160 may be dereferenced at line 208.
Signed-off-by: Dmitry Eremin <dmitry.eremin@intel.com>
Reviewed-on: http://review.whamcloud.com/9387
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4629
Reviewed-by: Lai Siyao <lai.siyao@intel.com>
Reviewed-by: John L. Hammond <john.hammond@intel.com>
Reviewed-by: Fan Yong <fan.yong@intel.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Pointer '*exp' returned from call to function 'class_conn2export'
at line 523 may be NULL and may be dereferenced at line 543.
Signed-off-by: Dmitry Eremin <dmitry.eremin@intel.com>
Reviewed-on: http://review.whamcloud.com/9323
ntel-bug-id: https://jira.hpdd.intel.com/browse/LU-4629
Reviewed-by: John L. Hammond <john.hammond@intel.com>
Reviewed-by: James Simmons <uja.ornl@gmail.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Locate the loh_flags and loh_ref fields together in lu_object_header
to avoid holes and shrink the structure by 8 bytes.
Signed-off-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-on: http://review.whamcloud.com/9185
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-3059
Reviewed-by: Alex Zhuravlev <alexey.zhuravlev@intel.com>
Reviewed-by: Liang Zhen <liang.zhen@intel.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
We used to access layout version under the protection of ldlm
lock, this introduces extra overhead for dlm lock matching.
In this patch, lli_layout_lock is introduced to access the layout
version. Also, when a layout lock is losing, we should tear down
mmap of the correspoding inode to avoid stale data accessing in the
future.
This is part of technical verification of replication.
Signed-off-by: Jinshan Xiong <jinshan.xiong@intel.com>
Reviewed-on: http://review.whamcloud.com/8689
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-3254
Reviewed-by: Lai Siyao <lai.siyao@intel.com>
Reviewed-by: Bobi Jam <bobijam@gmail.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
The statahead debug messages include the pid of the current
process in their body. This is both redudant (because all
lustre log messages contain the pid), and sometimes downright
misleading. For instance the messages would say something like
"stopping statahead thread 3446". One would probably think
that 3446 is the pid of the process that is being stopped,
but in fact it was the pid of the caller issuing the stop signal.
We remove all superfluous pids from the messages.
Next we have the ll_statahead_thread() and the ll_agl_thread() record
their respective pids in their respective ptlrpc_thread structures.
This allows to print the pid of the thread that we are trying to
stop (which is actually useful info) from other threads, such as those
calling ll_stop_statahead().
Signed-off-by: Christopher J. Morrone <morrone2@llnl.gov>
Reviewed-on: http://review.whamcloud.com/9360
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4624
Reviewed-by: Fan Yong <fan.yong@intel.com>
Reviewed-by: Lai Siyao <lai.siyao@intel.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
The statahead and statahead agl threads blindly set their
thread state to SVC_RUNNING without checking the state first. If, for
instance, another thread sets the state to SVC_STOPPING that
stop signal will now have been lost. Deadlock ensues.
We also partly improve the sai reference counting, because a race exists
where the ll_stop_statahead thread can drop the default reference, and
the statahead thread can exit and drop its reference as well. With no
references on the sai, the final put will poison and free the buffer. The
original do_statahead_enter() function may then continue to access
the buffer after it is freed because it did not take a reference of its
own. We add a local reference to address that.
Signed-off-by: Christopher J. Morrone <morrone2@llnl.gov>
Reviewed-on: http://review.whamcloud.com/9358
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4624
Reviewed-by: Lai Siyao <lai.siyao@intel.com>
Reviewed-by: Fan Yong <fan.yong@intel.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
When allocating a reply buffer for the striping information don't
assume the unlikely worst case. Instead, assume the common case
and size the buffer based on the observed default ea/cookie size.
The default size is initialized to a single stripe and allowed to
grow up to an entire page if needed. This means that for smallish
filesystems (less than ~21 OSTs) where the worst case striping
information can fit in a single page there is effectively no
change. Only for larger filesystem will the default be less than
the maximum. This has a number of advantages.
* By limiting the default reply buffer size we avoid always
vmalloc()'ing the buffer because it exceeds four pages in size
and instead kmalloc() it. This prevents the client from
thrashing on the global vmalloc() spin lock.
* A reply buffer of exactly the right size (no larger) is allocated
in the overflow case. These larger reply buffers are still
unlikely to exceed the 16k limit where a vmalloc() will occur.
* Saves memory in the common case. Wide striped files exceeded
the default are expected to be the exception.
The reason this patch works is because the ptlrpc layer is smart
enough to reallocate the reply buffer when an overflow occurs.
Therefore the client doesn't have to drop the incoming reply and
send a new request with a larger reply buffer.
It's also worth mentioning that the reply buffer always contains
a significant amount of extra padding because they are rounded up
to the nearest power of two. This means that even files striped
wider than the default have a good chance of fitting in the
allocated reply buffer.
Also remove client eadatasize check in mdt xattr packing because
as said above client can handle -EOVERFLOW.
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Lai Siyao <lai.siyao@intel.com>
Reviewed-on: http://review.whamcloud.com/6339
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-3338
Reviewed-by: James Simmons <uja.ornl@gmail.com>
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Bob Glossman <bob.glossman@intel.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Otherwise, it will cause deadlock because it essentially holds
some sub locks and then to request others in an arbitrary order.
Signed-off-by: Jinshan Xiong <jinshan.xiong@intel.com>
Reviewed-on: http://review.whamcloud.com/9152
Reviewed-by: Lai Siyao <lai.siyao@intel.com>
Reviewed-by: Bobi Jam <bobijam@gmail.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
File write before io loop will take lli_trun_sem read semaphore to
protect osc_extent, while after generic_file_aio_write() done, it
could possible need to kill suid or sgid, which will call
ll_setattr_raw() to change the inode's attribute, and it does not
involve size.
So the ll_truc_sem write semaphore should be constrained
around ll_setattr_ost() to not come across the lli_trunc_sem read
semaphore get from the normal file write path.
Signed-off-by: Bobi Jam <bobijam.xu@intel.com>
Reviewed-on: http://review.whamcloud.com/9267
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4627
Reviewed-by: Lai Siyao <lai.siyao@intel.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
The last parameter @datasync of fsync() has following indication:
* if datasync=0, we'd always flush data and metadata
* if datasync=1, we'd always flush data while does not flush modifed
metadata unless that metadata is needed in order to allow a
subsequent data retrieval to be correctly handled. For example, a
change to the file size would require a metadata flush.
Lustre client can not tell the difference easily, and would issue
MDS_SYNC and OST_SYNC in all cases.
Signed-off-by: Bobi Jam <bobijam.xu@intel.com>
Reviewed-on: http://review.whamcloud.com/8684
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4388
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Jinshan Xiong <jinshan.xiong@intel.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Setxattr does not check the permission when setting ACL xattrs. This
will cause security problem because any user can walk around
permission checking by changing ACL rules.
Signed-off-by: Li Xi <lixi@ddn.com>
Reviewed-on: http://review.whamcloud.com/9473
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4704
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Bob Glossman <bob.glossman@intel.com>
Reviewed-by: John L. Hammond <john.hammond@intel.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
The total size of an HSM archive request may exceed the
desired (LNET) message. When this happens, it can hang
the client and not allow the archive request to succeed.
Before we know the total size of the hsm_action_items, we
need to limit the size of the reguest. Doing this limits
the number of items that can be sent in one archive request.
We'e reduced the size allowed for the user archive request
to MDS_MAXREQSIZE/3.
Signed-off-by: James Nunez <james.a.nunez@intel.com>
Reviewed-on: http://review.whamcloud.com/9393
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4639
Reviewed-by: John L. Hammond <john.hammond@intel.com>
Reviewed-by: Jinshan Xiong <jinshan.xiong@intel.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
If fsname is 8-byte aligned, hai_zero fails to count the ending NULL
terminator causing hai to directly attached after fsname and future
hai_zero will return a different position for first hai.
Signed-off-by: Peng Tao <bergwolf@gmail.com>
Reviewed-on: http://review.whamcloud.com/9431
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4689
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Jinshan Xiong <jinshan.xiong@intel.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Remove the unused function llog_obd_add(). Remove the unused count and
parameters from llog_cancel(). Move dump_lsm() from obdclass to
the only module that uses it (lov). Remove obd_lov.h.
Signed-off-by: John L. Hammond <john.hammond@intel.com>
Reviewed-on: http://review.whamcloud.com/8545
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-2675
Reviewed-by: Bobi Jam <bobijam@gmail.com>
Reviewed-by: Mike Pershin <mike.pershin@intel.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Remove the unused functions lov_llog_init(), lov_llog_finish(),
their supporting functions, and the file lov_log.c.
Signed-off-by: John L. Hammond <john.hammond@intel.com>
Reviewed-on: http://review.whamcloud.com/8539
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-2675
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Mike Pershin <mike.pershin@intel.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Quiet some common console error messages for permission errors
that can be hit in common cases.
Signed-off-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-on: http://review.whamcloud.com/8988
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4522
Reviewed-by: Jinshan Xiong <jinshan.xiong@intel.com>
Reviewed-by: Faccini Bruno <bruno.faccini@intel.com>
Reviewed-by: Bob Glossman <bob.glossman@intel.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
In Lustre 2.4, the flags passed to the memory allocation functions are
translated from CFS enumeration values types to the kernel GFP
values by calling cfs_alloc_flags_to_gfp(). This function adds
__GFP_WAIT to all flags except CFS_ALLOC_ATOMIC. In 2.5, when
the cfs wrappers were dropped, cfs_alloc_flags_to_gfp() was
removed and the CFS_ALLOC_xxxx was simply replaced with __GFP_xxxx.
This means that most memory allocation calls are missing the
__GFP_WAIT flag. The result is that Lustre experiences more ENOMEM
errors, many of which the higher levels of Lustre do not handle
robustly.
Notes GFP_NOFS = __GFP_WAIT | __GFP_IO. So the patch replaces
__GFP_IO with GFP_NOFS.
Patch does not add __GFP_WAIT to GFP_IOFS. GFP_IOFS was not used in
Lustre 2.4 so it has never been used with __GFP_WAIT.
Signed-off-by: Ann Koehler <amk@cray.com>
Signed-off-by: Emoly Liu <emoly.liu@intel.com>
Reviewed-on: http://review.whamcloud.com/9223
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4357
Reviewed-by: Liang Zhen <liang.zhen@intel.com>
Reviewed-by: James Simmons <uja.ornl@gmail.com>
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Array 'message_buf' of size 500 may use index value(s) -1
Object 'enc_key.data' was freed at line 164 after being freed
by calling 'free' at line 150. Also there are 3 similar errors
on line(s) 164.
Suspicious dereference of pointer 'vmsg' before NULL check at
line 187. Also there are 2 similar errors on line(s) 196, 205.
Suspicious dereference of pointer 'rmsg' before NULL check at
line 191. Also there are 2 similar errors on line(s) 200, 209.
Signed-off-by: Dmitry Eremin <dmitry.eremin@intel.com>
Reviewed-on: http://review.whamcloud.com/9274
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4629
Reviewed-by: John L. Hammond <john.hammond@intel.com>
Reviewed-by: James Simmons <uja.ornl@gmail.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
If a connection has been stopped with ptlrpc_pinger_del_import() and
marked obd_no_recov, don't reconnect in ptlrpc_disconnect_import() if
the import is already disconnected. Otherwise, without the pinger it
will just wait there indefinitely for the reconnection that will never
happen.
Put the obd_no_recov check inside ptlrpc_import_in_recovery() so that
any threads waiting on the connection to recover would also be broken
out of their sleep if obd_no_recov is set.
Signed-off-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-on: http://review.whamcloud.com/8996
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4413
Reviewed-by: Nathaniel Clark <nathaniel.l.clark@intel.com>
Reviewed-by: wangdi <di.wang@intel.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
The LDLM_FL_BLOCK_NOWAIT flag should be cleared when re-enqueue
the agl lock as normal glimpse, otherwise, it won't get size back
if there is conflicting locks on other client.
Signed-off-by: Niu Yawei <yawei.niu@intel.com>
Reviewed-on: http://review.whamcloud.com/9249
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4597
Reviewed-by: Bobi Jam <bobijam@gmail.com>
Reviewed-by: Jinshan Xiong <jinshan.xiong@intel.com>
Reviewed-by: Ned Bass <bass6@llnl.gov>
Reviewed-by: Fan Yong <fan.yong@intel.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This patch moves lock's skip flag clearing from lru-delete to
lru-add code to prevent clearing lock's flag without resource lock
protection.
Signed-off-by: Li Xi <lixi@ddn.com>
Signed-off-by: Bobi Jam <bobijam.xu@intel.com>
Reviewed-on: http://review.whamcloud.com/8772
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4269
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Jinshan Xiong <jinshan.xiong@intel.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
LNET messages that are dropped are not accounted for correctly in
/proc/sys/lnet/stats. What I assume to be a simple typo is causing
drop_length to be double-counted and drop_count to never be
incremented.
Signed-off-by: Matt Ezell <ezellma@ornl.gov>
Reviewed-on: http://review.whamcloud.com/9096
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4577
Reviewed-by: James Nunez <james.a.nunez@intel.com>
Reviewed-by: James Simmons <uja.ornl@gmail.com>
Reviewed-by: Isaac Huang <he.huang@intel.com>
Reviewed-by: Liang Zhen <liang.zhen@intel.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
In ptlrpc_activate_import(), obd_import->imp_deactive should
be checked if it is deactivated, otherwise it will trigger an
LBUG in ptlrpc_invalidate_import():
ptlrpc_invalidate_import() ASSERTION(imp->imp_invalid) failed
Signed-off-by: Hongchao Zhang <hongchao.zhang@intel.com>
Reviewed-on: http://review.whamcloud.com/8747
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4386
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Fan Yong <fan.yong@intel.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Function ptlrpc_update_export_timer generates lots of D_HA level log
messages whenever the export timer gets updated. Those log messages
are found little use for issue investigations, and it will take space
in the Lustre log buffer. We are removing it now.
Xyratex-bug-id: MRP-733
Signed-off-by: Cheng Shao <cheng_shao@xyratex.com>
Reviewed-on: http://review.whamcloud.com/9147
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4590
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
lustre_get_emerg_rs() set the size of the reply buffer to zero
by mistake, which will cause LBUG in null_alloc_rs() when memory
pressure is high. This patch fix this problem and adds a size
check to avoid the problem of insufficient buffer size.
Signed-off-by: Li Xi <lixi@ddn.com>
Signed-off-by: Patrick Farrell <paf@cray.com>
Reviewed-on: http://review.whamcloud.com/8200
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-3680
Reviewed-by: John L. Hammond <john.hammond@intel.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Fixed the following sparse complaints:
drivers/staging/lustre/lustre/ptlrpc/../../lustre/ldlm/ldlm_pool.c:549:22:
warning: symbol 'ldlm_srv_pool_ops' was not declared. Should it be static?
drivers/staging/lustre/lustre/ptlrpc/../../lustre/ldlm/ldlm_pool.c:555:22:
warning: symbol 'ldlm_cli_pool_ops' was not declared. Should it be static?
drivers/staging/lustre/lustre/ptlrpc/../../lustre/ldlm/ldlm_pool.c:681:1:
warning: symbol 'lprocfs_pool_state_fops' was not declared. Should it be static?
drivers/staging/lustre/lustre/ptlrpc/../../lustre/ldlm/ldlm_pool.c:697:1:
warning: symbol 'lprocfs_grant_plan_fops' was not declared. Should it be static?
drivers/staging/lustre/lustre/ptlrpc/../../lustre/ldlm/ldlm_pool.c:700:1:
warning: symbol 'lprocfs_wr_recalc_period' was not declared. Should it be static?
drivers/staging/lustre/lustre/ptlrpc/../../lustre/ldlm/ldlm_pool.c:708:1:
warning: symbol 'lprocfs_recalc_period_fops' was not declared. Should it be static?
drivers/staging/lustre/lustre/ptlrpc/../../lustre/ldlm/ldlm_pool.c:710:1:
warning: symbol 'ldlm_pool_u64_fops' was not declared. Should it be static?
drivers/staging/lustre/lustre/ptlrpc/../../lustre/ldlm/ldlm_pool.c:711:1:
warning: symbol 'ldlm_pool_atomic_fops' was not declared. Should it be static?
drivers/staging/lustre/lustre/ptlrpc/../../lustre/ldlm/ldlm_pool.c:712:1:
warning: symbol 'ldlm_pool_rw_atomic_fops' was not declared. Should it be static?
drivers/staging/lustre/lustre/ptlrpc/../../lustre/ldlm/ldlm_pool.c:714:1:
warning: symbol 'lprocfs_grant_speed_fops' was not declared. Should it be static?
Signed-off-by: Fabio Falzoi <fabio.falzoi84@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Fixed the following sparse complaints:
drivers/staging/lustre/lustre/ptlrpc/../../lustre/ldlm/ldlm_pool.c:755:9:
warning: Using plain integer as NULL pointer
drivers/staging/lustre/lustre/ptlrpc/../../lustre/ldlm/ldlm_pool.c:757:9:
warning: Using plain integer as NULL pointer
drivers/staging/lustre/lustre/ptlrpc/../../lustre/ldlm/ldlm_pool.c:758:9:
warning: Using plain integer as NULL pointer
drivers/staging/lustre/lustre/ptlrpc/../../lustre/ldlm/ldlm_pool.c:759:9:
warning: Using plain integer as NULL pointer
drivers/staging/lustre/lustre/ptlrpc/../../lustre/ldlm/ldlm_pool.c:760:9:
warning: Using plain integer as NULL pointer
drivers/staging/lustre/lustre/ptlrpc/../../lustre/ldlm/ldlm_pool.c:762:9:
warning: Using plain integer as NULL pointer
drivers/staging/lustre/lustre/ptlrpc/../../lustre/ldlm/ldlm_pool.c:764:9:
warning: Using plain integer as NULL pointer
drivers/staging/lustre/lustre/ptlrpc/../../lustre/ldlm/ldlm_pool.c:765:9:
warning: Using plain integer as NULL pointer
drivers/staging/lustre/lustre/ptlrpc/../../lustre/ldlm/ldlm_pool.c:766:9:
warning: Using plain integer as NULL pointer
drivers/staging/lustre/lustre/ptlrpc/../../lustre/ldlm/ldlm_pool.c:768:9:
warning: Using plain integer as NULL pointer
Signed-off-by: Fabio Falzoi <fabio.falzoi84@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
We copy "hdr->ioc_len" from the user twice but we only verify that it's
within the limit on the first copy. Otherwise we could read unmapped
memory and Oops.
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Reviewed-by: Peng Tao <bergwolf@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Fixed several sparse "warning: incorrect type" by replacing int
declarations with gfp_t
Signed-off-by: Vitaly Osipov <vitaly.osipov@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
This fixes a sparse warning:
warning: symbol 'cfs_wi_data' was not declared. Should it be static?
Signed-off-by: Mike Sampson <mike@sambodata.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Added space after ',' and moved '{' to same line as struct as instructed by checkpatch.pl script.
Signed-off-by: Joshua Baldock <joshua.baldock@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Moved '{' from new line to same line as struct as advised by checkpatch.pl script.
Signed-off-by: Joshua Baldock <joshua.baldock@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Added space after ',' as reported as error by checkpatch.pl script.
Signed-off-by: Joshua Baldock <joshua.baldock@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
__FUNCTION__ is gcc specific; use __func__ instead.
Signed-off-by: Christoph Jaeger <email@christophjaeger.info>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Fixes these sparse warnings:
drivers/staging/lustre/lustre/lmv/lproc_lmv.c:202:51: warning: Using plain integer as NULL pointer
drivers/staging/lustre/lustre/lmv/lproc_lmv.c:203:51: warning: Using plain integer as NULL pointer
drivers/staging/lustre/lustre/lmv/lproc_lmv.c:204:51: warning: Using plain integer as NULL pointer
drivers/staging/lustre/lustre/lmv/lproc_lmv.c:205:51: warning: Using plain integer as NULL pointer
drivers/staging/lustre/lustre/lmv/lproc_lmv.c:206:51: warning: Using plain integer as NULL pointer
drivers/staging/lustre/lustre/lmv/lproc_lmv.c:207:11: warning: Using plain integer as NULL pointer
drivers/staging/lustre/lustre/lmv/lproc_lmv.c:213:47: warning: Using plain integer as NULL pointer
drivers/staging/lustre/lustre/lmv/lproc_lmv.c:214:11: warning: Using plain integer as NULL pointer
Signed-off-by: John de la Garza <john@jjdev.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Pull yet more networking updates from David Miller:
1) Various fixes to the new Redpine Signals wireless driver, from
Fariya Fatima.
2) L2TP PPP connect code takes PMTU from the wrong socket, fix from
Dmitry Petukhov.
3) UFO and TSO packets differ in whether they include the protocol
header in gso_size, account for that in skb_gso_transport_seglen().
From Florian Westphal.
4) If VLAN untagging fails, we double free the SKB in the bridging
output path. From Toshiaki Makita.
5) Several call sites of sk->sk_data_ready() were referencing an SKB
just added to the socket receive queue in order to calculate the
second argument via skb->len. This is dangerous because the moment
the skb is added to the receive queue it can be consumed in another
context and freed up.
It turns out also that none of the sk->sk_data_ready()
implementations even care about this second argument.
So just kill it off and thus fix all these use-after-free bugs as a
side effect.
6) Fix inverted test in tcp_v6_send_response(), from Lorenzo Colitti.
7) pktgen needs to do locking properly for LLTX devices, from Daniel
Borkmann.
8) xen-netfront driver initializes TX array entries in RX loop :-) From
Vincenzo Maffione.
9) After refactoring, some tunnel drivers allow a tunnel to be
configured on top itself. Fix from Nicolas Dichtel.
* git://git.kernel.org/pub/scm/linux/kernel/git/davem/net: (46 commits)
vti: don't allow to add the same tunnel twice
gre: don't allow to add the same tunnel twice
drivers: net: xen-netfront: fix array initialization bug
pktgen: be friendly to LLTX devices
r8152: check RTL8152_UNPLUG
net: sun4i-emac: add promiscuous support
net/apne: replace IS_ERR and PTR_ERR with PTR_ERR_OR_ZERO
net: ipv6: Fix oif in TCP SYN+ACK route lookup.
drivers: net: cpsw: enable interrupts after napi enable and clearing previous interrupts
drivers: net: cpsw: discard all packets received when interface is down
net: Fix use after free by removing length arg from sk_data_ready callbacks.
Drivers: net: hyperv: Address UDP checksum issues
Drivers: net: hyperv: Negotiate suitable ndis version for offload support
Drivers: net: hyperv: Allocate memory for all possible per-pecket information
bridge: Fix double free and memory leak around br_allowed_ingress
bonding: Remove debug_fs files when module init fails
i40evf: program RSS LUT correctly
i40evf: remove open-coded skb_cow_head
ixgb: remove open-coded skb_cow_head
igbvf: remove open-coded skb_cow_head
...
Pull vfs updates from Al Viro:
"The first vfs pile, with deep apologies for being very late in this
window.
Assorted cleanups and fixes, plus a large preparatory part of iov_iter
work. There's a lot more of that, but it'll probably go into the next
merge window - it *does* shape up nicely, removes a lot of
boilerplate, gets rid of locking inconsistencie between aio_write and
splice_write and I hope to get Kent's direct-io rewrite merged into
the same queue, but some of the stuff after this point is having
(mostly trivial) conflicts with the things already merged into
mainline and with some I want more testing.
This one passes LTP and xfstests without regressions, in addition to
usual beating. BTW, readahead02 in ltp syscalls testsuite has started
giving failures since "mm/readahead.c: fix readahead failure for
memoryless NUMA nodes and limit readahead pages" - might be a false
positive, might be a real regression..."
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (63 commits)
missing bits of "splice: fix racy pipe->buffers uses"
cifs: fix the race in cifs_writev()
ceph_sync_{,direct_}write: fix an oops on ceph_osdc_new_request() failure
kill generic_file_buffered_write()
ocfs2_file_aio_write(): switch to generic_perform_write()
ceph_aio_write(): switch to generic_perform_write()
xfs_file_buffered_aio_write(): switch to generic_perform_write()
export generic_perform_write(), start getting rid of generic_file_buffer_write()
generic_file_direct_write(): get rid of ppos argument
btrfs_file_aio_write(): get rid of ppos
kill the 5th argument of generic_file_buffered_write()
kill the 4th argument of __generic_file_aio_write()
lustre: don't open-code kernel_recvmsg()
ocfs2: don't open-code kernel_recvmsg()
drbd: don't open-code kernel_recvmsg()
constify blk_rq_map_user_iov() and friends
lustre: switch to kernel_sendmsg()
ocfs2: don't open-code kernel_sendmsg()
take iov_iter stuff to mm/iov_iter.c
process_vm_access: tidy up a bit
...
Several spots in the kernel perform a sequence like:
skb_queue_tail(&sk->s_receive_queue, skb);
sk->sk_data_ready(sk, skb->len);
But at the moment we place the SKB onto the socket receive queue it
can be consumed and freed up. So this skb->len access is potentially
to freed up memory.
Furthermore, the skb->len can be modified by the consumer so it is
possible that the value isn't accurate.
And finally, no actual implementation of this callback actually uses
the length argument. And since nobody actually cared about it's
value, lots of call sites pass arbitrary values in such as '0' and
even '1'.
So just remove the length argument from the callback, that way there
is no confusion whatsoever and all of these use-after-free cases get
fixed as a side effect.
Based upon a patch by Eric Dumazet and his suggestion to audit this
issue tree-wide.
Signed-off-by: David S. Miller <davem@davemloft.net>
Pull renameat2 system call from Miklos Szeredi:
"This adds a new syscall, renameat2(), which is the same as renameat()
but with a flags argument.
The purpose of extending rename is to add cross-rename, a symmetric
variant of rename, which exchanges the two files. This allows
interesting things, which were not possible before, for example
atomically replacing a directory tree with a symlink, etc... This
also allows overlayfs and friends to operate on whiteouts atomically.
Andy Lutomirski also suggested a "noreplace" flag, which disables the
overwriting behavior of rename.
These two flags, RENAME_EXCHANGE and RENAME_NOREPLACE are only
implemented for ext4 as an example and for testing"
* 'cross-rename' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs:
ext4: add cross rename support
ext4: rename: split out helper functions
ext4: rename: move EMLINK check up
ext4: rename: create ext4_renament structure for local vars
vfs: add cross-rename
vfs: lock_two_nondirectories: allow directory args
security: add flags to rename hooks
vfs: add RENAME_NOREPLACE flag
vfs: add renameat2 syscall
vfs: rename: use common code for dir and non-dir
vfs: rename: move d_move() up
vfs: add d_is_dir()