Mariusz Tkaczyk [Tue, 19 Oct 2021 10:07:43 +0000 (12:07 +0200)]
imsm: introduce helpers to manage file descriptors
To avoid direct comparisions define dedicated inlines.
This patch propagates them in super-intel.c. They are declared globally
for future usage outside IMSM.
Additionally, it adds fd check in save_backup_imsm() to remove
code vulnerability and simplifies targets array implementation.
It also propagates pr_vrb() macro instead if (verbose) condidtion.
Xiao Ni [Wed, 27 Oct 2021 12:23:14 +0000 (20:23 +0800)]
mdadm/Detail: Can't show container name correctly when unpluging disks
The test case is:
1. create one imsm container
2. create a raid5 device from the container
3. unplug two disks
4. mdadm --detail /dev/md126
[root@rhel85 ~]# mdadm -D /dev/md126
/dev/md126:
Container : ��, member 0
The Detail function first gets container name by function
map_dev_preferred. Then it tries to find which disks are
available. In patch db5377883fef(It should be FAILED..)
uses map_dev_preferred to find which disks are under /dev.
But now, the major/minor information comes from kernel space.
map_dev_preferred malloc memory and init a device list when
first be called by Detail. It can't find the device in the
list by the major/minor. It free the memory and reinit the
list.
The container name now points to an area tha has been freed.
So the containt is a mess.
This patch replaces map_dev_preferred with access.
Fixes: db5377883fef (It should be FAILED when raid has) Signed-off-by: Xiao Ni <xni@redhat.com> Reported-by: Fine Fan <ffan@redhat.com> Acked-by: Mariusz Tkaczyk <mariusz.tkaczyk@linux.intel.com> Signed-off-by: Jes Sorensen <jsorensen@fb.com>
Nigel Croxon [Thu, 14 Oct 2021 16:02:00 +0000 (12:02 -0400)]
Fix 2 dc stream buffer
To meet requirements of Common Criteria certification vulnerablility
assessment. Static code analysis has been run and found the following
Error: DC.STREAM_BUFFER (CWE-120): [#def46]
mdadm-4.2: dont_call: "fscanf" assumes an arbitrarily
long string, so callers must use correct precision specifiers or
never use "fscanf".
The change is to define a value for string %s.
V2: Tighten the value in policy.c to match the limit of the metadata.
Add a change to policy_save_path() to use correct precision on the
fscanf call.
Nigel Croxon [Tue, 17 Aug 2021 13:14:48 +0000 (09:14 -0400)]
Fix potential overlap dest buffer
To meet requirements of Common Criteria certification vulnerablility
assessment. Static code analysis has been run and found the following
error. Overlapping_buffer: The source buffer potentially overlaps
with the destination buffer, which results in undefined
behavior for "memcpy".
Nigel Croxon [Mon, 23 Aug 2021 12:48:35 +0000 (08:48 -0400)]
disallow create or grow clustered bitmap with writemostly set
Do not support creating an MD array on a clustered system
(--bitmap=clustered) and disks with the write mostly
(--write-mostly) flag set.
Or do not grow an MD array on a non-clustered bitmap to a
clustered bitmap with disks having the write mostly flag set.
The actual results is the MD array is created successfully.
But the expected results should be a failure with an
error message stating:
Can not set --write-mostly with a clustered bitmap.
and disks marked write-mostly are not supported with clustered bitmap.
V2:
Added the device name in the error message during creation:
mdadm -CR /dev/md0 -l1 --raid-devices=2 /dev/sda --write-mostly /dev/sdb --bitmap=clustered
mdadm: Can not set /dev/sdb --write-mostly with a clustered bitmap.
Added the array name in the error message when growing:
mdadm --grow /dev/md0 --bitmap=clustered
mdadm: /dev/md0 disks marked write-mostly are not supported with clustered bitmap
Nigel Croxon [Wed, 25 Aug 2021 15:30:14 +0000 (11:30 -0400)]
Fix buffer size warning for strcpy
To meet requirements of Common Criteria certification vulnerability
assessment. Static code analysis has been run and found the following
error:
buffer_size_warning: Calling "strncpy" with a maximum size
argument of 16 bytes on destination array "ve->name" of
size 16 bytes might leave the destination string unterminated.
https://people.redhat.com/ncroxon/mdadm-4.2-rc2-scan-results.html
The change is to make the destination size to fit the allocated size.
V5:
Simplify the the strnlen call.
V4:
Code cleanup of the interim "if" statement.
V3: Doc change only:
The code change from filling ve->name with spaces to filling it with
null-terminated is to comform to the SNIA - Common RAID Disk Data
Format Specification. The format for VD_Name (ve->name) specifies
the field to be either ASCII or UNICODE. Bit 2 of the VD_Type field
MUST be used to determine the Unicode or ASCII format of this field.
If this field is not used, all bytes MUST be set to zero.
V2: Change from zero-terminated to zero-padded on memset and
change from using strncpy to memcpy, feedback from Neil Brown.
Wu Guanghao [Mon, 16 Aug 2021 07:24:51 +0000 (15:24 +0800)]
mdadm: fix coredump of mdadm --monitor -r
The --monitor -r option requires a parameter, otherwise a null pointer will be manipulated
when converting to integer data, and a coredump will appear.
The case when array is already degraded has been omitted
by commit 7b99edab2834 ("Assemble.c: respect force flag.").
Appropriative support has been added now.
Handlers for "run" and "force" have been divided into independent
routines. Especially force has to be as meaningless as possible.
It respects following rules:
- user agrees to start array as degraded (by --run) or is already
degraded
- raid456 module is in use
- some drives are missing (to limit potential abuses)
It doesn't allow to skip resync on dirty, but not degraded array.
This patch cleans up message generation for external array and makes it
consistent. Following code could be reused also for native.
In current implementation assemble_container_content is called once, in
both Incremental or Assembly mode. Thus makes that partial assembly is
not likely to happen. It is possible, but requires user input.
Partial assembly during reshape fails (sysfs_set_array
error - not yet investigated). For now I put FIXME to mark current
logic as known to be buggy because preexist_cnt contains both exp_cnt
and new_cnt which may produce an incorrect message.
Check for new disks and runstop is unnecessary, so has been removed.
This allows to print assemble status in every case, even if nothing new
happens.
Mateusz Grzonka [Mon, 28 Jun 2021 12:15:04 +0000 (14:15 +0200)]
imsm: Fix possible memory leaks and refactor freeing struct dl
Free memory allocated by structs dl and intel_super.
Allow __free_imsm_disk to decide if fd has to be closed and propagate it
across code instead of direct struct dl freeing.
Xiao Ni [Tue, 22 Jun 2021 15:15:55 +0000 (23:15 +0800)]
mdadm: Fix building errors
In util.c, there is a building error:
'/md/metadata_version' directive writing 20 bytes into a
region of size between 0 and 255 [-Werror=format-overflow=]
In mapfile.c
It declares the fouth argument as 'int *' in map_update,
but in mdadm.h it's previously declared as an array 'int[4]'
Signed-off-by: Xiao Ni <xni@redhat.com> Signed-off-by: Jes Sorensen <jsorensen@fb.com>
Don't associate spares with other arrays during RAID Examine
Spares in imsm belong to containers, not volumes, and must go into
a separate container when assembling the RAID.
Remove association spares with other arrays and make Examine print
separate containers for spares.
Auto assemble without config file already works like this. So make
creating a config file and assembling from it consistent with auto
assemble.
With this change, mdadm -Es will add this line to output if spares
are found:
ARRAY metadata=imsm UUID=00000000:00000000:00000000:00000000
Remove Spare drives line from details for external metadata
Arrays with external metadata do not have spare disks directly
assigned to volumes; spare disks belong to containers and are
moved to arrays when the array is degraded/reshaping.
Thus, the display of zero spare disks in volume details is
incorrect and can be confusing.
Blazej Kucman [Tue, 15 Jun 2021 14:45:39 +0000 (16:45 +0200)]
Use dev_open in validate geometry container
Fix regression caused by the patch 1f5d54a06
("Manage: Call validate_geometry when adding drive to external container")
- mdmonitor passes to Manage() routine dev name as min:mjr.
The open() used in validate_geometry_container()
in both ddf and imsm requires path, replace open calls by dev_open,
which allows to use dev path and min:mjr.
Mariusz Tkaczyk [Mon, 17 May 2021 14:39:03 +0000 (16:39 +0200)]
Manage: Call validate_geometry when adding drive to external container
When adding drive to container call validate_geometry to verify whether
drive is supported and can be addded to container.
Remove unused parameters from validate_geometry_imsm_container().
There is no need to pass them.
Don't calculate freesize if it is not mandatory. Make it configurable.
Mariusz Tkaczyk [Mon, 17 May 2021 14:39:00 +0000 (16:39 +0200)]
imsm: add generic method to resolve "device" links
Each virtual device is linked with parent by "device". This patch adds
possibility to get previous device in sysfs tree.
Depending on device type, there is a different amount of virutal
layers. The best we can do is allow to directly specify how many
"device" links need to be resolved. This approach also allows to get
previous virtual device, which may contain some attributes.
Simplify fd2devname, this function doesn't require new functionality and
shall use generic fd2kname.
For nvme drives represented via nvme-subystem when path to block
device if requested, then return it without translation.
Nigel Croxon [Fri, 26 Mar 2021 11:56:10 +0000 (07:56 -0400)]
mdadm: fix growing containers
This fixes growing containers which was broken with
commit 4ae96c802203ec3c (mdadm: fix reshape from RAID5 to RAID6 with
backup file)
The issue being that containers use the function
wait_for_reshape_isms and expect a number value and not a
string value of "max". The change is to test for external
before setting the correct value.
Mariusz Tkaczyk [Wed, 17 Mar 2021 12:01:54 +0000 (13:01 +0100)]
imsm: support for third Sata controller
Add new UEFI TSata variable. Remove CSata variable.
This variable has been never exposed by UEFI.
Remove vulnerability to match different hbas with SATA variable.
Jakub Radtke [Fri, 15 Jan 2021 05:47:01 +0000 (00:47 -0500)]
Grow: Block reshape when external metadata and write-intent bitmap
Current kernel sysfs interface for the bitmap is limited. It allows
the applying of the bitmap on non-active volumes only.
The reshape operation for a volume with a bitmap should be blocked.
Signed-off-by: Jakub Radtke <jakub.radtke@intel.com> Signed-off-by: Jes Sorensen <jsorensen@fb.com>
Jakub Radtke [Fri, 15 Jan 2021 05:47:00 +0000 (00:47 -0500)]
Create: Block automatic enabling bitmap for external metadata
For external metadata, bitmap should be added only when
explicitly set by the administrator.
They could be additional requirements to consider before
enabling the external metadata's functionality
(e.g., kernel support).
Signed-off-by: Jakub Radtke <jakub.radtke@intel.com> Signed-off-by: Jes Sorensen <jsorensen@fb.com>
Jakub Radtke [Fri, 15 Jan 2021 05:46:58 +0000 (00:46 -0500)]
Add "bitmap" to allowed command-line values
Currently, the sysfs interface allows bitmap setup only when volume
is in an inactive state.
For external metadata to add bitmap to existing volume instead of
GROW, the UPDATE operation can be done.
The patch adds a "bitmap" argument to the allowed values for UPDATE.
Signed-off-by: Jakub Radtke <jakub.radtke@intel.com> Signed-off-by: Jes Sorensen <jsorensen@fb.com>
Jakub Radtke [Fri, 15 Jan 2021 05:46:56 +0000 (00:46 -0500)]
imsm: Write-intent bitmap support
This patch enables the bitmap functionality with the IMSM metadata format.
The functionality covers "internal" bitmap.
There are the following limitation to "internal" metadata:
- creating the bitmap using --grow is not supported
- parameter --bitmap-chunk is ignored (default value 64MiB is used)
Signed-off-by: Jakub Radtke <jakub.radtke@intel.com> Signed-off-by: Jes Sorensen <jsorensen@fb.com>
Jakub Radtke [Fri, 15 Jan 2021 05:46:55 +0000 (00:46 -0500)]
Enable bitmap support for external metadata
The patch enables the implementation of a write-intent bitmap for external
metadata.
Configuration of the internal bitmaps for non-native metadata requires the
extension in superswitch to perform an additional sysfs setup before the
array is activated.
Signed-off-by: Jakub Radtke <jakub.radtke@intel.com> Signed-off-by: Jes Sorensen <jsorensen@fb.com>
Xiao Ni [Tue, 9 Feb 2021 09:39:51 +0000 (17:39 +0800)]
It should be FAILED when raid has not enough active disks
It can't remove the disk if there are not enough disks. For example, raid5 can't remove the
second disk. If the second disk is unplug from machine, it's better show missing and the raid
should be FAILED. It's better for administrator to monitor the raid.
Signed-off-by: Xiao Ni <xni@redhat.com> Signed-off-by: Jes Sorensen <jsorensen@fb.com>
mdmonitor: check if udev has finished events processing
If mdmonitor is awaken by event, wait for udev to finish
events processing, to eliminate the race between udev and mdadm
when spare has been added and need to be moved by mdmonitor
Mariusz Tkaczyk [Wed, 13 Jan 2021 08:58:45 +0000 (09:58 +0100)]
imsm: use saved fds during migration
IMSM super keeps open descriptors in super->disks structure, they are
reliable and should be chosen if possible. The repeatedly called open
and close during reshape generates redundant udev change events on
each member drive.
Zhao Heming [Wed, 3 Feb 2021 00:22:51 +0000 (08:22 +0800)]
super1.c: avoid useless sync when bitmap switches from clustered to none
With kernel commit 480523feae58 ("md: only call set_in_sync() when it
is expected to succeed."), mddev->in_sync in clustered array is always
zero. It makes metadata resync_offset to always zero.
When assembling a clusterd array with "-U no-bitmap" option, kernel
md layer "mddev->resync_offset == 0" and "mddev->bitmap == NULL" will
trigger raid1 do sync on every bitmap chunk. the sync action is useless,
we should avoid it.
Related kernel flow:
```
md_do_sync
mddev->pers->sync_request
raid1_sync_request
md_bitmap_start_sync(mddev->bitmap, sector_nr, &sync_blocks, 1)
__bitmap_start_sync(bitmap, offset,&blocks1, degraded)
if (bitmap == NULL) {/* FIXME or bitmap set as 'failed' */
*blocks = 1024;
return 1; /* always resync if no bitmap */
}
```
NeilBrown [Fri, 26 Feb 2021 01:02:36 +0000 (12:02 +1100)]
Grow: be careful of corrupt dev_roles list
I've seen a case where the dev_roles list of a linear array
was corrupt. ->max_dev was > 128 and > raid_disks, and the
extra slots were '0', not 0xFFFE or 0xFFFF.
This caused problems when a 128th device was added.
So:
1/ make Grow_Add_device more robust so that if numbers
look wrong, it fails-safe.
2/ make examine_super1() report details if the dev_roles
array is corrupt.
Nigel Croxon [Wed, 20 Jan 2021 20:05:42 +0000 (15:05 -0500)]
mdadm: fix reshape from RAID5 to RAID6 with backup file
Reshaping a 3-disk RAID5 to 4-disk RAID6 will cause a hang of
the resync after the grow.
Adding a spare disk to avoid degrading the array when growing
is successful, but not successful when supplying a backup file
on the command line. If the reshape job is not already running,
set the sync_max value to max.
Lidong Zhong [Mon, 14 Dec 2020 14:51:33 +0000 (22:51 +0800)]
Dump: get stat from a wrong metadata file when restoring metadata
The dumped metadata files are shown as below
localhost:~ # ll -ih test/
total 16K 34565564 -rw-r--r-- 2 root root 1.0G Dec 14 21:15
scsi-0QEMU_QEMU_HARDDISK_drive-scsi0-0-0-3 34565563 -rw-r--r-- 2 root root 1.0G Dec 14 21:15
scsi-0QEMU_QEMU_HARDDISK_drive-scsi0-0-0-4 34565563 -rw-r--r-- 2 root root 1.0G Dec 14 21:15 sda 34565564 -rw-r--r-- 2 root root 1.0G Dec 14 21:15 sdb
It reports such error when trying to restore metadata for /dev/sda
localhost:~ # mdadm --restore=test /dev/sda
mdadm: test/scsi-0QEMU_QEMU_HARDDISK_drive-scsi0-0-0-4 is not the same
size as /dev/sda - cannot restore.
It's because the stb value has been changed to other metadata file in
the while statement.
Mariusz Tkaczyk [Fri, 11 Dec 2020 11:28:38 +0000 (12:28 +0100)]
Incremental: Remove redundant spare movement logic
If policy is set then mdmonitor is responsible for moving spares.
This logic is reduntant and potentialy dangerus, spare could be moved at
initrd stage depending on drives appearance order.
Tkaczyk Mariusz [Thu, 15 Oct 2020 08:45:29 +0000 (10:45 +0200)]
udev: start grow service automatically
Grow continue via service or fork is started during raid assembly.
If raid was assembled in initrd it will be newer restarted after
switch root.
Add udev support for starting mdadm-grow-continue service.
Kinga Tanska [Thu, 22 Oct 2020 12:22:29 +0000 (14:22 +0200)]
Make target to install binaries only
Make install causes installation of binaries, udev and man.
This commit contains new target make install-bin, which
results in installation of binaries only.
Zhao Heming [Sat, 24 Oct 2020 09:43:12 +0000 (17:43 +0800)]
mdadm/Detail: show correct state for clustered array
After kernel md module commit 480523feae581, in clustered env,
mddev->in_sync always zero, it will make array.state never set
up MD_SB_CLEAN. it causes "mdadm -D /dev/mdX" show state 'active'
all the time.
bitmap.c: add a new API IsBitmapDirty() to support inquiry bitmap
dirty or clean.
Mariusz Tkaczyk [Wed, 4 Nov 2020 09:02:36 +0000 (10:02 +0100)]
mdadm: Unify forks behaviour
If mdadm is run by udev or systemd, it gets a pipe as each stream.
Forks in the background may run after an event or service has been
processed when udev is detached from pipe. As a result process
fails quietly if any message is written.
To prevent from it, each fork has to close all parent streams. Leave
stderr and stdout opened only for debug purposes.
Unify it across all forks. Introduce other descriptors detection by
scanning /proc/self/fd directory. Add generic method for
managing systemd services.
Mariusz Tkaczyk [Tue, 24 Nov 2020 13:15:15 +0000 (14:15 +0100)]
imsm: update num_data_stripes according to dev_size
If array was created in UEFI there is possibility that
member size is not rounded to 1MB. After any size reconfiguration
it will be rounded down to 1MB per each member but the old
component size will remain in metadata.
During reshape old array size is calculated from component size because
dev_size is not a part of map and is bumped to new value quickly.
It may result in size mismatch if array is assembled during reshape.
If difference in calculated size and dev_size is observed try to fix it.
num_data_stripes value can be safety updated to smaller value if array
doesn't occuppy whole reserved component space.
Mariusz Tkaczyk [Tue, 24 Nov 2020 12:39:49 +0000 (13:39 +0100)]
Create.c: close mdfd and generate uevent
During mdfd closing change event is not generated because open() is
called before start watching mddevice by udev.
Device is ready at this stage. Unblock device, close fd and
generate event to give a chance next layers to work.
Lidong Zhong [Sun, 22 Nov 2020 15:12:29 +0000 (23:12 +0800)]
Detail: fix segfault during IMSM raid creation
It can be reproduced with non IMSM hardware and IMSM_NO_PLATFORM
environmental variable set. The array state is inactive when creating
an IMSM container. And the structure info is NULL because load_super()
always fails since no intel HBA information could be obtained.
Signed-off-by: Lidong Zhong <lidong.zhong@suse.com> Reported-by: Tkaczyk Mariusz <mariusz.tkaczyk@intel.com> Fixes: 64bf4dff3430 (Detail: show correct raid level when the array is inactive)
NeilBrown [Wed, 14 Oct 2020 02:12:48 +0000 (13:12 +1100)]
Super1: allow RAID0 layout setting to be removed.
Once the RAID0 layout has been set, the RAID0 array cannot be assembled
on an older kernel which doesn't understand layouts.
This is an intentional safety feature, but sometimes people need the
ability to roll-back to a previously working configuration.
So add "--update=layout-unspecified" to remove RAID0 layout information
from the superblock.
Running "--assemble --update=layout-unspecified" will cause the assembly
the fail when run on a newer kernel, but will allow it to work on
an older kernel.
Stop reporting any events from container but still track them,
it is important for spare migration.
Stop mdmonitor if no redundant array is presented in mdstat.
There is nothing to follow.
After 52209d6ee118 ("Monitor: release /proc/mdstat fd when no arrays
present") mdstat fd is closed if mdstat is empty or cannot be opened.
It causes that monitor is not able to select on mdstat. Select
doesn't fail because it gets valid descriptor to a different resource.
As a result any new event will be unnoticed until timeout (delay).
Refresh mdstat after wake up, don't poll on wrong resource.
Detail: show correct raid level when the array is inactive
Sometimes the raid level in the output of `mdadm -D /dev/mdX` is
misleading when the array is in inactive state. Here is a testcase for
introduction.
1\ creating a raid1 device with two disks. Specify a different hostname
rather than the real one for later verfication.
node1:~ # mdadm --create /dev/md0 --homehost TESTARRAY -o -l 1 -n 2 /dev/sdb
/dev/sdc
2\ remove one of the devices and reboot
3\ show the detail of raid1 device
node1:~ # mdadm -D /dev/md127
/dev/md127:
Version : 1.2
Raid Level : raid0
Total Devices : 1
Persistence : Superblock is persistent
State : inactive
Working Devices : 1
You can see that the "Raid Level" in /dev/md127 is raid0 now.
After step 2\ is done, the degraded raid1 device is recognized
as a "foreign" array in 64-md-raid-assembly.rules. And thus the
timer to activate the raid1 device is not triggered. The array
level returned from GET_ARRAY_INFO ioctl is 0. And the string
shown for "Raid Level" is
str = map_num(pers, array.level);
And the definition of pers is
mapping_t pers[] = {
{ "linear", LEVEL_LINEAR},
{ "raid0", 0},
{ "0", 0}
...
So the misleading "raid0" is shown in this testcase.
Changelog:
v1: don't show "Raid Level" when array is inactive Signed-off-by: Lidong Zhong <lidong.zhong@suse.com> Signed-off-by: Jes Sorensen <jsorensen@fb.com>
Xiao Ni [Mon, 27 Jul 2020 01:14:20 +0000 (09:14 +0800)]
Specify nodes number when updating cluster nodes
Now it allows updating cluster nodes without specify --nodes. It can write superblock
with zero nodes. It can break the current cluster. Add this check to avoid this problem.
v2: It needs check c.update first to avoid NULL pointer reference
v3: Wol points the typo error
Signed-off-by: Xiao Ni <xni@redhat.com> Signed-off-by: Jes Sorensen <jsorensen@fb.com>
allenpeng [Fri, 12 Jun 2020 09:00:39 +0000 (17:00 +0800)]
mdadm/Grow: prevent md's fd from being occupied during delayed time
If we start reshaping on md which shares sub-devices with another
resyncing md, it may be forced to wait for others to complete. mdadm
occupies the md's fd during this time, which causes the md can not be
stopped and the filesystem can not be mounted on the md. We can close
md's fd earlier to solve this problem.
Reproducible Steps:
1. create two partitions on sda, sdb, sdc, sdd
2. create raid1 with sda1, sdb1
mdadm -C /dev/md1 --assume-clean -l1 -n2 /dev/sda1 /dev/sdb1
3. create raid5 with sda2, sdb2, sdc2
mdadm -C /dev/md2 --assume-clean -l5 -n3 /dev/sda2 /dev/sdb2 /dev/sdc2
4. start resync at md1
echo repair > /sys/block/md1/md/sync_action
5. reshape raid5 to raid6
mdadm -a /dev/md2 /dev/sdd2
mdadm --grow /dev/md2 -n4 -l6 --backup-file=/root/md2-backup
Now mdadm is occupying the fd of md2, causing md2 unable to be stopped
6.Try to stop md2, an error message shows
mdadm -S /dev/md2
mdadm: Cannot get exclusive access to /dev/md3:Perhaps a running process,
mounted filesystem or active volume group?
Reviewed-by: Alex Wu <alexwu@synology.com> Reviewed-by: BingJing Chang <bingjingc@synology.com> Reviewed-by: Danny Shih <dannyshih@synology.com> Signed-off-by: ChangSyun Peng <allenpeng@synology.com> Signed-off-by: Jes Sorensen <jsorensen@fb.com>
David Favro [Sat, 23 May 2020 12:24:59 +0000 (08:24 -0400)]
Detect too-small device: error rather than underflow/crash
For 1.x metadata, when the user requested creation of an array on
component devices that were too small even to hold the superblock,
an undetected integer wraparound (underflow) resulted in an enormous
computed size which resulted in various follow-on errors such as
floating-point exception.
This patch detects this condition, prints a reasonable diagnostic
message, and refuses to continue.
Signed-off-by: David Favro <dfavro@meta-dynamic.com> Signed-off-by: Jes Sorensen <jsorensen@fb.com>
Guoqing Jiang [Mon, 18 May 2020 21:53:36 +0000 (23:53 +0200)]
restripe: fix ignoring return value of ‘read’ and lseek
Got below error when run "make everything".
restripe.c: In function ‘test_stripes’:
restripe.c:870:4: error: ignoring return value of ‘read’, declared with attribute warn_unused_result [-Werror=unused-result]
read(source[i], stripes[i], chunk_size);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Fix it by check the return value of ‘read’, and free memory
in the failure case.
And check the return value of lseek as well per Jes's comment.
Jes Sorensen [Tue, 19 May 2020 00:19:53 +0000 (20:19 -0400)]
Include count for \0 character when using strncpy to implement strdup.
We have to include the \0 character in the length when copying a
string with strncpy() for which length was found with strlen().
Otherwise the destination will not get null terminated - except that
we explicitly zeroed it out earlier.
Guoqing Jiang [Mon, 18 May 2020 21:53:35 +0000 (23:53 +0200)]
uuid.c: split uuid stuffs from util.c
Currently, 'make raid6check' is build broken since commit b06815989
("mdadm: load default sysfs attributes after assemblation").
/usr/bin/ld: sysfs.o: in function `sysfsline':
sysfs.c:(.text+0x2707): undefined reference to `parse_uuid'
/usr/bin/ld: sysfs.c:(.text+0x271a): undefined reference to `uuid_zero'
/usr/bin/ld: sysfs.c:(.text+0x2721): undefined reference to `uuid_zero'
Apparently, the compile of mdadm or raid6check are coupled with uuid
functions inside util.c. However, we can't just add util.o to CHECK_OBJS
which raid6check is needed, because it caused other worse problems.
So, let's introduce a uuid.c file which is indenpended file to fix the
problem, all the contents are splitted from util.c.
Tkaczyk Mariusz [Fri, 15 May 2020 09:23:14 +0000 (11:23 +0200)]
Makefile: add EXTRAVERSION support
Add optional EXTRAVERSION parameter to Makefile and allow to mark version
by user friendly label. It might be useful when creating custom
spins of mdadm, or labeling some instance in between major releases.
Mariusz Tkaczyk [Tue, 5 May 2020 10:17:17 +0000 (12:17 +0200)]
Assemble.c: respect force flag.
If the array is dirty handler will set resync_start to 0 to inform kernel
that resync is needed. RWH affects only raid456 module, for other
levels array will be started even array is degraded and resync cannot be
performed.
Force is really meaningful for raid456. If array is degraded and resync
is requested, kernel will reject an attempt to start the array. To
respect force, it has to be marked as clean (this will be done for each
array without PPL) and remove the resync request (only for raid 456).
Data corruption may occur so proper warning is added.
mdadm: No super block found on /dev/ram1 (Expected magic a92b4efc, got 00000000)
mdadm: no RAID superblock on /dev/ram1
mdadm: /dev/md111 assembled from 1 drive - need all 2 to start it (use --run to insist).
The mdadm say that it assembled but mdadm does not create /dev/md111.
The message is wrong.
After applying this patch, mdadm reports error correctly as following.
mdadm: No super block found on /dev/ram1 (Expected magic a92b4efc, got 00000000)
mdadm: no RAID superblock on /dev/ram1
mdadm: /dev/ram1 has no superblock - assembly aborted
Signed-off-by: Gioh Kim <gi-oh.kim@cloud.ionos.com> Signed-off-by: Jes Sorensen <jsorensen@fb.com>
New drive in container always appears as spare. Manager is able to
handle that, and queues appropriative update to monitor.
No update from mdadm side has to be processed, just insert the drive and
ping the mdmon. Metadata has to be written if no mdmon is running (case
for Raid0 or container without arrays).
If bare drive is added very early on startup (by custom bare rule),
there is possiblity that mdmon was not restarted after switch root. Old
one is not able to handle new drive. New one fails because there is
drive without metadata in container and metadata cannot be loaded.
To prevent this, write spare metadata before adding device
to container. Mdmon will overwrite it (same case as spare migration,
if drive appears it writes the most recent metadata).
Metadata has to be written only on new drive before sysfs_add_disk(),
don't race with mdmon if running.
Coly Li [Fri, 10 Apr 2020 16:24:46 +0000 (00:24 +0800)]
Monitor: improve check_one_sharer() for checking duplicated process
When running mdadm monitor with scan mode, only one autorebuild process
is allowed. check_one_sharer() checks duplicated process by following
steps,
1) Read autorebuild.pid file,
- if file does not exist, no duplicated process, go to 3).
- if file exists, continue to next step.
2) Read pid number from autorebuild.pid file, then check procfs pid
directory /proc/<PID>,
- if the directory does not exist, no duplicated process, go to 3)
- if the directory exists, print error message for duplicated process
and exit this mdadm.
3) Write current pid into autorebuild.pid file, continue to monitor in
scan mode.
The problem for the above step 2) is, if after system reboots and
another different process happens to have exact same pid number which
autorebuild.pid file records, check_one_sharer() will treat it as a
duplicated mdadm process and returns error with message "Only one
autorebuild process allowed in scan mode, aborting".
This patch tries to fix the above same-pid-but-different-process issue
by one more step to check the process command name,
1) Read autorebuild.pid file
- if file does not exist, no duplicated process, go to 4).
- if file exists, continue to next step.
2) Read pid number from autorebuild.pid file, then check procfs file
comm with the specific pid directory /proc/<PID>/comm
- if the file does not exit, it means the directory /proc/<PID> does
not exist, go to 4)
- if the file exits, continue next step
3) Read process command name from /proc/<PIC>/comm, compare the command
name with "mdadm" process name,
- if not equal, no duplicated process, goto 4)
- if strings are equal, print error message for duplicated process
and exit this mdadm.
4) Write current pid into autorebuild.pid file, continue to monitor in
scan mode.
Now check_one_sharer() returns error for duplicated process only when
the recorded pid from autorebuild.pid exists, and the process has exact
same command name as "mdadm".
When adding a device to a container mdadm has to close its file
descriptor before sysfs_add_disk(). This generates change event.
There is race possibility because metadata is already written and other
-I process can place drive differently. As a result device can be added
to two containers simultaneously.
From IMSM perspective there is no need to react for change event. IMSM
doesn't support stacked devices.
projects / thirdparty / mdadm.git / log
