public inbox for lvm2-cvs@sourceware.org
help / color / mirror / Atom feed
* LVM2 ./WHATS_NEW lib/format1/import-extents.c
@ 2011-03-30 12:30 zkabelac
  0 siblings, 0 replies; 3+ messages in thread
From: zkabelac @ 2011-03-30 12:30 UTC (permalink / raw)
  To: lvm-devel, lvm2-cvs

CVSROOT:	/cvs/lvm2
Module name:	LVM2
Changes by:	zkabelac@sourceware.org	2011-03-30 12:30:40

Modified files:
	.              : WHATS_NEW 
	lib/format1    : import-extents.c 

Log message:
	Fix reading of unitialized memory
	
	Could be reached via few of our lvm2 test cases:
	
	==11501== Invalid read of size 8
	==11501==    at 0x49B2E0: _area_length (import-extents.c:204)
	==11501==    by 0x49B40C: _read_linear (import-extents.c:222)
	==11501==    by 0x49B952: _build_segments (import-extents.c:323)
	==11501==    by 0x49B9A0: _build_all_segments (import-extents.c:334)
	==11501==    by 0x49BB4C: import_extents (import-extents.c:364)
	==11501==    by 0x497655: _format1_vg_read (format1.c:217)
	==11501==    by 0x47E43E: _vg_read (metadata.c:2901)
	
	cut from t-vgcvgbackup-usage.sh
	--
	pvcreate -M1 $(cat DEVICES)
	vgcreate -M1 -c n $vg $(cat DEVICES)
	lvcreate -l1 -n $lv1 $vg $dev1
	--
	
	Idea of the fix is rather defensive - to allocate one extra element
	to 'map' array which is then used in _area_length() - where the
	loop checks, whether next map entry is continuous.
	
	By placing there always one extra zero entry -
	we fix the read of unallocated memory, and we make sure the data would
	not make a continous block.
	
	FIXME: there could be a problem if some special broken lvm1 data would be imported.
	As the format1 is currently not really used - leave it for future fix
	and use this small hotfix for now.

Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/LVM2/WHATS_NEW.diff?cvsroot=lvm2&r1=1.1962&r2=1.1963
http://sourceware.org/cgi-bin/cvsweb.cgi/LVM2/lib/format1/import-extents.c.diff?cvsroot=lvm2&r1=1.39&r2=1.40

--- LVM2/WHATS_NEW	2011/03/29 21:57:56	1.1962
+++ LVM2/WHATS_NEW	2011/03/30 12:30:39	1.1963
@@ -1,5 +1,6 @@
 Version 2.02.85 - 
 ===================================
+  Fix reading of unallocated memory in lvm1 format import function.
   Replace several strncmp() calls with id_equal().
   Fix lvmcache_info transfer to orphan_vginfo in _lvmcache_update_vgname().
   Fix -Wold-style-definition gcc warnings.
--- LVM2/lib/format1/import-extents.c	2010/04/08 00:28:57	1.39
+++ LVM2/lib/format1/import-extents.c	2011/03/30 12:30:39	1.40
@@ -63,8 +63,12 @@
 			goto_bad;
 
 		lvm->lv = ll->lv;
+		/*
+		 * Alloc 1 extra element, so the loop in _area_length() and
+		 * _check_stripe() finds the last map member as noncontinuous.
+		 */
 		if (!(lvm->map = dm_pool_zalloc(mem, sizeof(*lvm->map)
-					     * ll->lv->le_count)))
+					     * (ll->lv->le_count + 1))))
 			goto_bad;
 
 		if (!dm_hash_insert(maps, ll->lv->name, lvm))


^ permalink raw reply	[flat|nested] 3+ messages in thread
* LVM2 ./WHATS_NEW lib/format1/import-extents.c
@ 2007-03-15 13:38 agk
  0 siblings, 0 replies; 3+ messages in thread
From: agk @ 2007-03-15 13:38 UTC (permalink / raw)
  To: lvm-devel, lvm2-cvs

CVSROOT:	/cvs/lvm2
Module name:	LVM2
Changes by:	agk@sourceware.org	2007-03-15 13:38:28

Modified files:
	.              : WHATS_NEW 
	lib/format1    : import-extents.c 

Log message:
	Try to fix reading in of lvm1 striped LVs.
	There are two fixes other than improving variable names and updating code
	layout etc.
	The loop counter is incremented by area_len instead of area_len * stripes;
	the 3rd _check_stripe parameter is no longer multiplied by number of stripes.

Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/LVM2/WHATS_NEW.diff?cvsroot=lvm2&r1=1.585&r2=1.586
http://sourceware.org/cgi-bin/cvsweb.cgi/LVM2/lib/format1/import-extents.c.diff?cvsroot=lvm2&r1=1.31&r2=1.32

--- LVM2/WHATS_NEW	2007/03/13 14:59:21	1.585
+++ LVM2/WHATS_NEW	2007/03/15 13:38:27	1.586
@@ -1,9 +1,9 @@
 Version 2.02.24 -
 ====================================
+  Fix reading of striped LVs in LVM1 format.
+  Flag nolocking as clustered so clvmd startup sees clustered LVs. (2.02.10)
   Add a few missing pieces of vgname command line validation.
   Support the /dev/mapper prefix on most command lines.
-  Flag nolocking as a clustered locking module as we need to be able
-    to look at clustered LVs at clvmd startup (2.02.10)
 
 Version 2.02.23 - 8th March 2007
 ================================
--- LVM2/lib/format1/import-extents.c	2006/05/09 21:23:50	1.31
+++ LVM2/lib/format1/import-extents.c	2007/03/15 13:38:28	1.32
@@ -203,6 +203,19 @@
 	return 1;
 }
 
+static uint32_t _area_length(struct lv_map *lvm, uint32_t le)
+{
+	uint32_t len = 0;
+
+	do
+		len++;
+	while ((lvm->map[le + len].pv == lvm->map[le].pv) &&
+		 (lvm->map[le].pv &&
+		  lvm->map[le + len].pe == lvm->map[le].pe + len));
+
+	return len;
+}
+
 static int _read_linear(struct cmd_context *cmd, struct lv_map *lvm)
 {
 	uint32_t le = 0, len;
@@ -215,13 +228,7 @@
 	}
 
 	while (le < lvm->lv->le_count) {
-		len = 0;
-
-		do
-			len++;
-		while ((lvm->map[le + len].pv == lvm->map[le].pv) &&
-			 (lvm->map[le].pv &&
-			  lvm->map[le + len].pe == lvm->map[le].pe + len));
+		len = _area_length(lvm, le);
 
 		if (!(seg = alloc_lv_segment(cmd->mem, segtype, lvm->lv, le,
 					     len, 0, 0, NULL, 1, len, 0, 0, 0))) {
@@ -230,10 +237,8 @@
 		}
 
 		if (!set_lv_segment_area_pv(seg, 0, lvm->map[le].pv,
-					    lvm->map[le].pe)) {
-			stack;
-			return 0;
-		}
+					    lvm->map[le].pe))
+			return_0;
 
 		list_add(&lvm->lv->segments, &seg->list);
 
@@ -244,7 +249,8 @@
 }
 
 static int _check_stripe(struct lv_map *lvm, uint32_t area_count,
-			 uint32_t seg_len, uint32_t base_le, uint32_t len)
+			 uint32_t area_len, uint32_t base_le,
+			 uint32_t total_area_len)
 {
 	uint32_t st;
 
@@ -252,11 +258,11 @@
 	 * Is the next physical extent in every stripe adjacent to the last?
 	 */
 	for (st = 0; st < area_count; st++)
-		if ((lvm->map[base_le + st * len + seg_len].pv !=
-		     lvm->map[base_le + st * len].pv) ||
-		    (lvm->map[base_le + st * len].pv &&
-		     lvm->map[base_le + st * len + seg_len].pe !=
-		     lvm->map[base_le + st * len].pe + seg_len))
+		if ((lvm->map[base_le + st * total_area_len + area_len].pv !=
+		     lvm->map[base_le + st * total_area_len].pv) ||
+		    (lvm->map[base_le + st * total_area_len].pv &&
+		     lvm->map[base_le + st * total_area_len + area_len].pe !=
+		     lvm->map[base_le + st * total_area_len].pe + area_len))
 			return 0;
 
 	return 1;
@@ -264,7 +270,7 @@
 
 static int _read_stripes(struct cmd_context *cmd, struct lv_map *lvm)
 {
-	uint32_t st, le = 0, len;
+	uint32_t st, first_area_le = 0, total_area_len;
 	uint32_t area_len;
 	struct lv_segment *seg;
 	struct segment_type *segtype;
@@ -277,26 +283,25 @@
 			  "with logical extent count (%u) for %s",
 			  lvm->stripes, lvm->lv->le_count, lvm->lv->name);
 	}
-	len = lvm->lv->le_count / lvm->stripes;
 
-	if (!(segtype = get_segtype_from_string(cmd, "striped"))) {
-		stack;
-		return 0;
-	}
+	total_area_len = lvm->lv->le_count / lvm->stripes;
+
+	if (!(segtype = get_segtype_from_string(cmd, "striped")))
+		return_0;
 
-	while (le < len) {
+	while (first_area_le < total_area_len) {
 		area_len = 1;
 
 		/* 
-		 * Find how many blocks are contiguous in all stripes
+		 * Find how many extents are contiguous in all stripes
 		 * and so can form part of this segment
 		 */
 		while (_check_stripe(lvm, lvm->stripes,
-				     area_len * lvm->stripes, le, len))
+				     area_len, first_area_le, total_area_len))
 			area_len++;
 
 		if (!(seg = alloc_lv_segment(cmd->mem, segtype, lvm->lv,
-					     lvm->stripes * le,
+					     lvm->stripes * first_area_le,
 					     lvm->stripes * area_len,
 					     0, lvm->stripe_size, NULL,
 					     lvm->stripes,
@@ -310,15 +315,13 @@
 		 */
 		for (st = 0; st < seg->area_count; st++)
 			if (!set_lv_segment_area_pv(seg, st,
-						    lvm->map[le + st * len].pv,
-						    lvm->map[le + st * len].pe)) {
-				stack;
-				return 0;
-			}
+			      lvm->map[first_area_le + st * total_area_len].pv,
+			      lvm->map[first_area_le + st * total_area_len].pe))
+				return_0;
 
 		list_add(&lvm->lv->segments, &seg->list);
 
-		le += seg->len;
+		first_area_le += area_len;
 	}
 
 	return 1;


^ permalink raw reply	[flat|nested] 3+ messages in thread
* LVM2 ./WHATS_NEW lib/format1/import-extents.c
@ 2005-12-19 16:28 agk
  0 siblings, 0 replies; 3+ messages in thread
From: agk @ 2005-12-19 16:28 UTC (permalink / raw)
  To: lvm2-cvs

CVSROOT:	/cvs/lvm2
Module name:	LVM2
Changes by:	agk@sourceware.org	2005-12-19 16:28:35

Modified files:
	.              : WHATS_NEW 
	lib/format1    : import-extents.c 

Log message:
	Add details to format1 'Invalid LV in extent map' error message.

Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/LVM2/WHATS_NEW.diff?cvsroot=lvm2&r1=1.335&r2=1.336
http://sourceware.org/cgi-bin/cvsweb.cgi/LVM2/lib/format1/import-extents.c.diff?cvsroot=lvm2&r1=1.29&r2=1.30


^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2011-03-30 12:30 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2011-03-30 12:30 LVM2 ./WHATS_NEW lib/format1/import-extents.c zkabelac
  -- strict thread matches above, loose matches on Subject: below --
2007-03-15 13:38 agk
2005-12-19 16:28 agk

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).