Define FALLOC_FL_ZERO_RANGE if needed as FALLOC_FL_ZERO_RANGE is only
defined for aarch64 on uclibc-ng resulting in the following or1k build
failure since commit 577fd10486d8d1472a6b559066f344ac30a3a391:
Create.c: In function 'write_zeroes_fork':
Create.c:155:35: error: 'FALLOC_FL_ZERO_RANGE' undeclared (first use in this function)
155 | if (fallocate(fd, FALLOC_FL_ZERO_RANGE | FALLOC_FL_KEEP_SIZE,
| ^~~~~~~~~~~~~~~~~~~~
Mariusz Tkaczyk [Tue, 26 Mar 2024 12:21:10 +0000 (13:21 +0100)]
mdadm: add CHANGELOG.md
Bring changelog back to life. Remove ANNOUCEs. It will use markdown
format, to have one style. All releases are migrated to new
changelog. It was a exercise I have taken, to familiarize with the
mdadm history.
Blazej Kucman [Fri, 22 Mar 2024 11:51:20 +0000 (12:51 +0100)]
imsm: drive encryption policy implementation
IMSM cares about drive encryption state. It is not allowed to mix disks
with different encryption state within one md device. This policy will
verify that attempt to use disks with different encryption states will
fail. Verification is performed for devices NVMe/SATA Opal and SATA.
There is one exception, Opal SATA drives encryption is not checked when
ENCRYPTION_NO_VERIFY key with "sata_opal" value is set in conf, for this
reason such drives are treated as without encryption support.
Blazej Kucman [Fri, 22 Mar 2024 11:51:19 +0000 (12:51 +0100)]
imsm: print disk encryption information
Print SATA/NVMe disk encryption information in --detail-platform.
Encryption Ability and Status will be printed for each disk.
There is one exception, Opal SATA drives encryption is not checked when
ENCRYPTION_NO_VERIFY key with "sata_opal" value is set in conf, for this
reason such drives are treated as without encryption support.
To test this feature, drives SATA/NVMe with Opal support or SATA drives
with encryption support have to be used.
Example outputs of --detail-platform:
Non Opal, encryption enabled, SATA drive:
Port0 : /dev/sdc (CVPR050600G3120LGN)
Encryption(Ability|Status): Other|Unlocked
NVMe drive without Opal support:
NVMe under VMD : /dev/nvme2n1 (PHLF737302GB1P0GGN)
Encryption(Ability|Status): None|Unencrypted
Unencrypted SATA drive with OPAL support:
- default allow_tpm, we will get an error from mdadm:
Port6 : /dev/sdi (CVTS4246015V180IGN)
mdadm: Detected SATA drive /dev/sdi with Trusted Computing support.
mdadm: Cannot verify encryption state. Requires libata.tpm_enabled=1.
mdadm: Failed to get drive encrytpion information.
- added "libata.allow_tpm=1" to boot parameters(requires reboot),
the status will be read correctly:
Port6 : /dev/sdi (CVTS4246015V180IGN)
Encryption(Ability|Status): SED|Unencrypted
Blazej Kucman [Fri, 22 Mar 2024 11:51:18 +0000 (12:51 +0100)]
Add key ENCRYPTION_NO_VERIFY to conf
Add ENCRYPTION_NO_VERIFY config key and allow to disable checking
encryption status for given type of drives.
The key is introduced because of SATA Opal disks for which TPM commands
must be enabled in libata kernel module, (libata.allow_tpm=1), otherwise
it is impossible to verify encryption status. TPM commands are disabled by
default.
Currently the key only supports the "sata_opal" value, if necessary,
the functionality is ready to support more types of disks. This
functionality will be used in the next patches.
Blazej Kucman [Fri, 22 Mar 2024 11:51:17 +0000 (12:51 +0100)]
Add reading SATA encryption information
Functionality reads information about SATA disk encryption. Technical
documentation used is given in the implementation.
The implementation is able to recognized two encryption standards for SATA
drives, OPAL and ATA security.
If the SATA drive supports OPAL, encryption status and ability are
determined based on Opal Level 0 discovery response, for ATA security,
based on ATA identify response. If SATA supports OPAL, ability is set to
"SED", for ATA security to "Other".
SED(Self-Encrypting Drive) is commonly used to describe drive which using
OPAL or Enterprise standards developed by Trusted Computing Group. Ability
"Other" is used for ATA security because we rely only on information from
ATA identify which describe the overall state of encryption.
It is allowed to mix disks with different encryption ability such as "SED"
and "Other" and it is not security gap.
Motivation for adding this functionality is to block mixing of disks in
IMSM arrays with encryption enabled and disabled. The main goal is to not
allow stealing data by rebuilding array to not encrypted drive which can be
read elsewhere.
For SATA Opal drives, libata allow_tmp parameter enabled is required, which
is necessary for Opal Security commands to work, therefore, if the
parameter is not enabled, SATA Opal disk cannot be used in case the
encryption will be checked by metadata.
Implemented functions will be used in one of the next patches. In one of
the next patches, a flag will be added to enable disabling SATA Opal
encryption checking due to allow_tpm kernel setting dependency.
Blazej Kucman [Fri, 22 Mar 2024 11:51:16 +0000 (12:51 +0100)]
Add reading Opal NVMe encryption information
For NVMe devices with Opal support, encryption information, status and
ability are determined based on Opal Level 0 discovery response. Technical
documentation used is given in the implementation.
Ability in general describes what type of encryption is supported, Status
describes in what state the disk with encryption support is. The current
patch includes only the implementation of reading encryption information,
functions will be used in one of the next patches.
Motivation for adding this functionality is to block mixing of disks in
IMSM arrays with encryption enabled and disabled. The main goal is to not
allow stealing data by rebuilding array to not encrypted drive which can be
read elsewhere.
Value ENA_OTHER from enum encryption_ability will be used in the next
patch.
Mariusz Tkaczyk [Mon, 18 Mar 2024 15:19:30 +0000 (16:19 +0100)]
mdadm: Fix native --detail --export
Mentioned commit (see Fixes) causes that UUID is not swapped as expected
for native superblock. Fix this problem.
For detail, we should avoid superblock calls, we can have information
about supertype from map, use that.
Simplify fname_from_uuid() by removing dependencies to metadata
handler, it is not needed. Decision is taken at compile time, expect
super1 but this function is not used by super1. Add warning about that.
Remove separator, it is always ':'.
Mariusz Tkaczyk [Thu, 29 Feb 2024 11:52:14 +0000 (12:52 +0100)]
Monitor, Incremental: use device policies
spare_criteria is expanded to contain policies which will be generated
by handler's get_spare_criteria() function. It provides a way to
test device for metadata specific policies earlier than during
add_do_super(), when device is already removed from previous
array/container for Monitor.
For Incremental, it ensures that all criteria are tested when trying
spare. It is not tested when device contains valid metadata.
Mariusz Tkaczyk [Thu, 29 Feb 2024 11:52:12 +0000 (12:52 +0100)]
Create: Use device policies
Generate and compare policies, abort if policies do not match.
It is tested for both create modes, with container and disk list
specified directly. It is used if supertype supports it.
For a case when disk list is specified, container may contain more
devices, so additional check on container is done to analyze all disks.
Add support for three scenarios:
- obtaining array wide policies via fd,
- obtaining array wide policies via struct mdinfo,
- getting policies for particular drive from the request.
Add proper functions and make them extern. These functions are used
in next patches.
Mariusz Tkaczyk [Thu, 29 Feb 2024 11:52:10 +0000 (12:52 +0100)]
mdadm.h: Introduce custom device policies
The approach proposed here is to test drive policies outside
validate_geometry() separately per every drive and add determined
policies to list. The implementation reuses dev_policy we have in
mdadm.
This concept addresses following problems:
- test drives if they fit together to criteria required by metadata
handler,
- test all drives assigned to the container even if some of them are not
target of the request, mdmon is free to use any drive in the same
container,
- extensibility, new policies can be added to handler easy,
- fix issues related to imsm controller domain verifying.
Add superswitch function. It is used in next patches.
Mariusz Tkaczyk [Thu, 29 Feb 2024 11:52:09 +0000 (12:52 +0100)]
mdadm: introduce sysfs_get_container_devnm()
There at least two places where it is done directly, so replace them
with function. Print message about creating external array, add "/dev/"
prefix to refer directly to devnode.
Mariusz Tkaczyk [Thu, 29 Feb 2024 11:52:06 +0000 (12:52 +0100)]
mdadm: drop get_required_spare_criteria()
Only IMSM implements get_spare_criteria, so load_super() in
get_required_spare_criteria() is dead code. It is moved inside
metadata handler, because only IMSM implements it.
Give possibility to provide devnode to be opened. With that we can hide
load_container() used only to fill spare criteria inside handler
and simplify implementation in generic code.
Add helper function for testing spare criteria in Incremental and
error messages.
File descriptor in get_spare_criteria_imsm() is always opened on purpose.
New functionality added in next patches will require it. For the same
reason, function is moved to other place.
Mariusz Tkaczyk [Thu, 29 Feb 2024 11:52:05 +0000 (12:52 +0100)]
mdadm: Add functions for spare criteria verification
It is done similar way in few places. As a result, two almost identical
functions (dev_size_from_id() and dev_sector_size_from_id()) are
removed. Now, it uses same file descriptor to send two ioctls.
Two extern functions are added, in next patches
disk_fd_matches_criteria() is used.
Next optimization is inline zeroing struct spare_criteria. With that,
we don't need to reset values in get_spare_criteria_imsm().
Dedicated boolean field for checking if criteria are filled is added.
We don't need to execute the code if it is not set.
Kinga Tanska [Tue, 27 Feb 2024 02:36:14 +0000 (03:36 +0100)]
Detail: remove duplicated code
Remove duplicated code from Detail(), where MD_UUID and MD_DEVNAME
are being set. Superblock is no longer required to print system
properties. Now it tries to obtain map in two ways.
Mariusz Tkaczyk [Fri, 23 Feb 2024 14:51:45 +0000 (15:51 +0100)]
mdadm: remove mkinitramfs stuff
This script uses mdadm.static which is known to not be abandoned
(probably not working) from years. Mdadm is integrated with dracut
and mkinitramfs these days.
Kinga Tanska [Tue, 27 Feb 2024 06:36:39 +0000 (07:36 +0100)]
super-intel: respect IMSM_DEVNAME_AS_SERIAL flag
IMSM_DEVNAME_AS_SERIAL flag was respected only when searching
serial using nvme or scsi device wasn't successful. This
flag shall be applied first, to have user settings with
the highest priority.
Mateusz Kusiak [Wed, 28 Feb 2024 15:37:20 +0000 (16:37 +0100)]
Monitor: Allow no PID in check_one_sharer()
Commit 5fb5479ad100 ("Monitor: open file before check in
check_one_sharer()") introduced a regression that prohibits monitor
from starting if PID file does not exist.
Mateusz Kusiak [Tue, 20 Feb 2024 16:04:44 +0000 (17:04 +0100)]
test: run tests on system level mdadm
The tests run with MDADM_NO_SYSTEMCTL flag by default, however it has
no effect on udev. In case of external metadata, even if flag is set,
udev will trigger systemd to launch mdmon.
This commit changes test execution level, so the tests are run on system
level mdadm, meaning local build must be installed prior to running
tests.
Add warning that the tests are run on system level mdadm and local
build must be installed first.
Do not call mdadm with "quiet" as it makes it not display critical
messages necessary for debug.
Remove forcing speed_limit and add restoring system speed_limit_max
after test execution.
Mateusz Kusiak [Tue, 20 Feb 2024 10:56:12 +0000 (11:56 +0100)]
mdmon: refactor md device name check in main()
Refactor mdmon main function to verify if fd is valid prior to checking
device name. This is due to static code analysis complaining after
change b938519e7719 ("util: remove obsolete code from get_md_name").
Mateusz Kusiak [Thu, 18 Jan 2024 10:30:18 +0000 (11:30 +0100)]
Grow: Move update_tail assign to Grow_reshape()
Due to e919fb0af245 ("FIX: Enable metadata updates for raid0") code
can't enter super-intel.c:3415, resulting in checkpoint not being
saved to metadata for second volume in matrix raid array.
This results in checkpoint being stuck at last value for the
first volume.
Move st->update_tail to Grow_reshape() so it is assigned for each
volume.
Mateusz Kusiak [Thu, 18 Jan 2024 10:30:17 +0000 (11:30 +0100)]
Super-intel: Fix first checkpoint restart
When imsm based array is stopped after reaching first checkpoint and
then assembled, first checkpoint is reported as 0.
This behaviour is valid only for initial checkpoint, if the array was
stopped while performing some action.
Last checkpoint value is not taken from metadata but always starts
with 0 and it's incremented when sync_completed in sysfs changes.
In simplification, read_and_act() is responsible for checkpoint updates
and is executed each time sysfs checkpoint update happens. For first
checkpoint it is executed twice and due to marking checkpoint before
triggering any action on the array, it is impossible to read
sync_completed from sysfs in just two iterations.
The workaround to this is not marking any checkpoint for first
sysfs checkpoint after RAID assembly, to preserve checkpoint value
stored in metadata.
Mateusz Kusiak [Thu, 18 Jan 2024 10:30:15 +0000 (11:30 +0100)]
Remove hardcoded checkpoint interval checking
Mdmon assumes that kernel marks checkpoint every 1/16 of the volume size
and that the checkpoints are equal in size. This is not true, kernel may
mark checkpoints more frequently depending on several factors, including
sync speed. This results in checkpoints reported by mdadm --examine
falling behind the one reported by kernel.
Mariusz Tkaczyk [Mon, 5 Feb 2024 14:50:29 +0000 (15:50 +0100)]
Revert "mdadm: remove container_enough logic"
Mentioned patch changes way of IMSM member arrays assembling, they are
updated by every new drive incremental processes. Previously, member
arrays were created and filled once, by last drive incremental process.
We determined regressions with various impact. Unfortunately, initial
testing didn't show them.
Regressions are connected to drive appearance order and may not be
reproducible on every configuration, there are at least two know
issues for now:
- sysfs attributes are filled using old metadata if there is
outdated drive and it is enumerated first.
- rebuild may be aborted and started from beginning after reboot,
if drive under rebuild is enumerated as the last one.
Mariusz Tkaczyk [Thu, 1 Feb 2024 11:32:41 +0000 (12:32 +0100)]
super1: remove support for name= in config
Only super1 provides "name=" to config. It is recoreded in metadata
so there is no need to duplicate same information.
UUID is our main key.
It is not used by Incremental and Assemble handles empty name well
because other supertypes don't set it in conf.
Expectation that the name in config is same as in metadata is bug prone.
Config should be the place where use can define customized settings.
Remove printing "name=" from mdadm config creation commands. Ignore
the name in config file to keep backward compatibility. Remove
description from man mdadm.conf.
Update 00conftest because "name" is no longer accepted.
As the name is ignored, error for mdadm --detail is not printed.
Reported-by: Stefan Fleischmann <sfle@kth.se> Fixes: e2eb503bd797 ("mdadm: Follow POSIX Portable Character Set") Signed-off-by: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com>
Song Liu [Tue, 9 Jan 2024 23:07:16 +0000 (15:07 -0800)]
tests: Gate tests for linear flavor with variable LINEAR
linear flavor is being removed in the kernel [1], so tests for the linear
flavor will fail. Add detection for linear flavor and --disable-linear
option, with the same logic as multipath.
[1] https://lore.kernel.org/linux-raid/20231214222107.2016042-1-song@kernel.org/ Signed-off-by: Song Liu <song@kernel.org> Signed-off-by: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com>
Pawel Piatkowski [Wed, 20 Dec 2023 09:32:49 +0000 (10:32 +0100)]
manage: adjust checking subarray state in update_subarray
Only changing bitmap related consistency_policy requires
subarray to be inactive.
consistency_policy with PPL or NO_PPL value can be changed on
active subarray.
It fixes regression introduced in commit db10eab68e652f141169 ("Fix --update-subarray on active volume")
Mateusz Grzonka [Tue, 21 Nov 2023 00:58:23 +0000 (01:58 +0100)]
Mdmonitor: Improve udev event handling
Mdmonitor is waiting for udev queue to become empty.
Even if the queue becomes empty, udev might still be processing last event.
However we want to wait and wake up mdmonitor when udev finished
processing events..
Also, the udev queue interface is considered legacy and should not be
used outside of udev.
Use udev monitor instead, and wake up mdmonitor on every event triggered
by udev for md block device.
We need to generate more change events from kernel, because they are
missing in some situations, for example, when rebuild started.
This will be addressed in a separate patch.
Move udev specific code into separate functions, and place them in udev.c file.
Also move use_udev() logic from lib.c into newly created file.
Pawel Piatkowski [Thu, 19 Oct 2023 14:35:25 +0000 (16:35 +0200)]
Fix assembling RAID volume by using incremental
After change "mdadm: remove container_enough logic"
IMSM volumes are started immediately. If volume is during
reshape, then it will be blocked by block_subarray() during
first mdadm -I <devname>. Assemble_container_content() for
next disk will see the change because metadata version from
sysfs and metadata doesn't match and will execute
sysfs_set_array again. Then it fails to set same
component_size, it is prohibited by kernel.
If array is frozen then first sign from metadata version
is different ("/" vs "-"), so exclude it from comparison.
All we want is to double check that base properties are set
and we don't need to call sysfs_set_array again.
Pawel Piatkowski [Thu, 19 Oct 2023 14:35:24 +0000 (16:35 +0200)]
mdadm: remove container_enough logic
Arrays without enough disk count will be assembled but not
started.
Now RAIDs will be assembled always (even if they are failed).
RAID devices in all states will be assembled and exposed
to mdstat.
This change affects only IMSM (for ddf it wasn't used,
container_enough was set to true always).
Removed this logic from incremental_container as well with
runstop checking because runstop condition is being verified
in assemble_container_content function.
Xiao Ni [Tue, 17 Oct 2023 12:35:46 +0000 (20:35 +0800)]
mdadm/super1: Add MD_FEATURE_RAID0_LAYOUT if kernel>=5.4
After and include kernel v5.4, it adds one feature bit MD_FEATURE_RAID0_LAYOUT.
It must need to specify a layout for raid0 with more than one zone. But for
raid0 with one zone, in fact it also has a defalut layout.
Now for raid0 with one zone, *unknown* layout can be seen when running mdadm -D
command. It's the reason that mdadm doesn't set MD_FEATURE_RAID0_LAYOUT for
raid0 with one zone. Then in kernel space, super_1_validate sets mddev->layout
to -1 because of no MD_FEATURE_RAID0_LAYOUT. In fact, in raid0 io path, it
uses the default layout. Set raid0_need_layout to true if kernel_version<=v5.4.
Fixes: 329dfc28debb ('Create: add support for RAID0 layouts.') Signed-off-by: Xiao Ni <xni@redhat.com> Reviewed-by: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com> Signed-off-by: Jes Sorensen <jes@trained-monkey.org>
Xiao Ni [Wed, 11 Oct 2023 13:03:32 +0000 (21:03 +0800)]
mdadm/ddf: Abort when raid disk is smaller in getinfo_super_ddf
The metadata is corrupted when the raid_disk<0. So abort directly.
This also can avoid a building error:
super-ddf.c:1988:58: error: array subscript -1 is below array bounds of ‘struct phys_disk_entry[0]’
Xiao Ni [Fri, 8 Sep 2023 08:44:35 +0000 (16:44 +0800)]
mdadm/tests: Don't run mknod before losetup
Sometimes it can fail:
losetup: /var/tmp/mdtest0: failed to set up loop device: No such device or address
/dev/loop0 and /var/tmp/mdtest0 are already created before losetup.
Because losetup can create device node by itself. So remove mknod.
Signed-off-by: Xiao Ni <xni@redhat.com> Signed-off-by: Jes Sorensen <jes@trained-monkey.org>
Li Xiao Keng [Thu, 7 Sep 2023 11:37:44 +0000 (19:37 +0800)]
Fix race of "mdadm --add" and "mdadm --incremental"
There is a raid1 with sda and sdb. And we add sdc to this raid,
it may return -EBUSY.
The main process of --add:
1. dev_open(sdc) in Manage_add
2. store_super1(st, di->fd) in write_init_super1
3. fsync(fd) in store_super1
4. close(di->fd) in write_init_super1
5. ioctl(ADD_NEW_DISK)
Step 2 and 3 will add sdc to metadata of raid1. There will be
udev(change of sdc) event after step4. Then "/usr/sbin/mdadm
--incremental --export $devnode --offroot $env{DEVLINKS}"
will be run, and the sdc will be added to the raid1. Then
step 5 will return -EBUSY because it checks if device isn't
claimed in md_import_device()->lock_rdev()->blkdev_get_by_dev()
->blkdev_get().
It will be confusing for users because sdc is added first time.
The "incremental" will get map_lock before add sdc to raid1.
So we add map_lock before write_init_super in "mdadm --add"
to fix the race of "add" and "incremental".
Signed-off-by: Li Xiao Keng <lixiaokeng@huawei.com> Signed-off-by: Guanqin Miao <miaoguanqin@huawei.com> Reviewed-by: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com> Signed-off-by: Jes Sorensen <jes@trained-monkey.org>
Coly Li [Sun, 13 Aug 2023 16:46:13 +0000 (00:46 +0800)]
Incremental: remove obsoleted calls to udisks
Utility udisks is removed from udev upstream, calling this obsoleted
command in run_udisks() doesn't make any sense now.
This patch removes the calls chain of udisks, which includes routines
run_udisk(), force_remove(), and 2 locations where force_remove() are
called. Considering force_remove() is removed with udisks util, it is
fair to remove Manage_stop() inside force_remove() as well.
In the two modifications where calling force_remove() are removed,
the failure from Manage_subdevs() can be safely ignored, because,
1) udisks doesn't exist, no need to check the return value to umount
the file system by udisks and remove the component disk again.
2) After the 'I' inremental remove, there is another 'r' hot remove
following up. The first incremental remove is a best-try effort.
Therefore in this patch, where force_remove() is removed, the return
value of calling Manage_subdevs() is not checked too.
Mariusz Tkaczyk [Thu, 1 Jun 2023 07:27:50 +0000 (09:27 +0200)]
mdadm: Follow POSIX Portable Character Set
When the user creates a device with a name that contains whitespace,
mdadm timeouts and throws an error. This issue is caused by udev, which
truncates /dev/md link until the first whitespace.
This patch introduces prohibition of characters other than A-Za-z0-9.-_
in the device name. Also, it prohibits using leading "-" in device name,
so name won't be confused with cli parameter.
Set of allowed characters is taken from POSIX 3.280 Portable Character
Set. Also, device name length now is limited to NAME_MAX.
In some places, there are other requirements for string length (e.g. size
up to MD_NAME_MAX for device name). This routine is made to follow POSIX
and other, more strict limitations should be checked separately.
We are aware of the risk of regression in exceptional cases (as
escape_devname function is removed) that should be fixed by updating
the array name.
The POSIX validation is added for:
- 'name' parameter in every mode.
- first devlist entry, for Build, Create, Assemble, Manage, Grow.
- config entries, both devname and "name=".
Mariusz Tkaczyk [Thu, 1 Jun 2023 07:27:49 +0000 (09:27 +0200)]
mdadm: define ident_set_devname()
Use dedicated set method for ident->devname. Now, devname validation
is done early for modes where device is created (Build, Create and
Assemble). The rules, used for devname validation are derived from
config file.
It could cause regression with execeptional cases where existing device
has name which doesn't match criteria for Manage and Grow modes. It is
low risk and those modes are not omitted from early devname validation.
Use can used main numbered devnode to avoid this problem.
Messages exposed to user are changed so it might cause a regression
in negative scenarios. Error codes are not changed.
Mariusz Tkaczyk [Thu, 1 Jun 2023 07:27:48 +0000 (09:27 +0200)]
mdadm: refactor ident->name handling
Create dedicated setter for name in mddev_ident and propagate it.
Following changes are made:
- move duplicated code from config.c and mdadm.c into new function.
- Add error enum in mdadm.h.
- Use MD_NAME_MAX instead of hardcoded value in mddev_ident.
- Use secure functions.
- Add more detailed verification of the name.
- make error messages reusable for cmdline and config:
- for cmdline, these are errors so use pr_err().
- for config, these are just warnings, so use pr_info().
Mariusz Tkaczyk [Thu, 1 Jun 2023 07:27:47 +0000 (09:27 +0200)]
mdadm: set ident.devname if applicable
This patch tries to propagate the usage of struct mddev_ident for cmdline
where it is applicable. To avoid regression, this value is derived
from devlist->devname for applicable modes only.
As a result, the whole structure is passed to some functions. It produces
some changes for Build, Create and Assemble.
No functional changes intended.
The goal of the change is to unify devname validation which is done in
next patches.
Mariusz Tkaczyk [Thu, 1 Jun 2023 07:27:46 +0000 (09:27 +0200)]
tests: create 00confnames
The test is an attempt to document current implementation of devnode
and name handling for config entries. It is focused on incremental-
default way of array assembling on boot.
The expectations are aligned to current implementation for native
metadata because it is the most complicated scenario- both variables
can be set.
Yu Kuai [Mon, 29 May 2023 13:28:22 +0000 (21:28 +0800)]
tests: add a regression test for raid456 deadlock
The deadlock is described in [1], as the last patch described, it's
fixed first by [2], however this fix will be reverted and the deadlock
is supposed to be fixed by [3].
Yu Kuai [Mon, 29 May 2023 13:28:21 +0000 (21:28 +0800)]
tests: add a regression test for raid10 deadlock
The deadlock is described in [1], it's fixed first by [2], however,
it turns out this commit will trigger other problems[3], hence this
commit will be reverted and the deadlock is supposed to be fixed by [1].
Yu Kuai [Mon, 29 May 2023 13:28:20 +0000 (21:28 +0800)]
tests: support to skip checking dmesg
Prepare to add a regression test for raid10 that require error injection
to trigger error path, and kernel will complain about io error, checking
dmesg for error log will make it impossible to pass this test.
Commit e9fb93af0f76 ("Fix memory leak in file Assemble")
fixes few memory leaks in Assemble, but it introduces
problem with assembling RAID volume. It was caused by
clearing metadata too fast, not only on fail in
select_devices() function.
This commit removes redundant memory free.
It is essential to avoid buffer overflows and similar bugs as much as
possible.
According to Intel rules we are obligated to verify certain
compiler flags, so it will be much easier if they are added to the
Makefile.
Add gcc flags for prevention of buffer overflows, format string vulnerabilities,
stack protection to prevent stack overwrites and aslr enablement through -fPIE.
Also make the flags configurable.
The changes were verified on gcc versions 7.5, 8.3, 9.2, 10 and 12.2.
imsm: Add reading vmd register for finding imsm capability
Currently mdadm does not find imsm capability when running inside VM.
This patch adds the possibility to read from vmd register and check for
capability, effectively allowing to use mdadm with imsm inside virtual machines.
Additionally refactor find_imsm_capability() to make assignments in new
lines.
Xiao Ni [Fri, 25 Aug 2023 12:55:41 +0000 (20:55 +0800)]
mdadm: Stop mdcheck_continue timer when mdcheck_start service can finish check
mdcheck_continue is triggered by mdcheck_start timer. It's used to
continue check action if the raid is too big and mdcheck_start
service can't finish check action. If mdcheck start can finish check
action, it doesn't need to mdcheck continue service anymore. So stop
it when mdcheck start service can finish check action.
Blazej Kucman [Fri, 16 Jun 2023 19:45:55 +0000 (21:45 +0200)]
Add secure gethostname() wrapper
gethostname() func does not ensure null-terminated string
if hostname is longer than buffer length.
For security, a function s_gethostname() has been added
to ensure that "\0" is added to the end of the buffer.
Previously this had to be handled in each place
of the gethostname() call.
Mariusz Tkaczyk [Mon, 29 May 2023 13:52:38 +0000 (15:52 +0200)]
imsm: fix free space calculations
Between two volumes or between last volume and metadata at least
IMSM_RESERVED_SECTORS gap must exist. Currently the gap can be doubled
because metadata reservation contains IMSM_RESERVED_SECTORS too.
Divide reserve variable into pre_reservation and post_reservation to be
more flexible and decide separately if each reservation is needed.
Pre_reservation is needed only when a volume is created and it is not a
real first volume in a container (we can check that by extent_idx).
This type of reservation is not needed for expand.
Post_reservation is not needed only if real last volume is created or
expanded because reservation is done with the metadata.
The volume index in metadata cannot be trusted, because the real volume
order can be reversed. It is safer to use extent table, it is sorted by
start position.
Mariusz Tkaczyk [Mon, 29 May 2023 13:52:37 +0000 (15:52 +0200)]
imsm: return free space after volume for expand
merge_extends() routine searches for the biggest free space. For expand,
it works only in standard cases where the last volume is expanded and
the free space is determined after the last volume.
Add volume index to extent struct and use that do determine size after
super->current_vol during expand.
Limitation to last volume is no longer needed. It unblocks scenarios
where kill-subarray is used to remove first volume and later it is
recreated (now it is the second volume, even if it is placed before
existing one).