1. 10 9月, 2013 5 次提交
    • J
      rbd: fix error handling from rbd_snap_name() · da6a6b63
      Josh Durgin 提交于
      rbd_snap_name() calls rbd_dev_v{1,2}_snap_name() depending on the
      format of the image. The format 1 version returns NULL on error, which
      is handled by the caller. The format 2 version returns an ERR_PTR,
      which the caller of rbd_snap_name() does not expect.
      
      Fortunately this is unlikely to occur in practice because
      rbd_snap_id_by_name() is called before rbd_snap_name(). This would hit
      similar errors to rbd_snap_name() (like the snapshot not existing) and
      return early, so rbd_snap_name() would not hit an error unless the
      snapshot was removed between the two calls or memory was exhausted.
      
      Use an ERR_PTR in rbd_dev_v1_snap_name() so that the specific error
      can be propagated, and it is consistent with rbd_dev_v2_snap_name().
      Handle the ERR_PTR in the only rbd_snap_name() caller.
      Suggested-by: NAlex Elder <alex.elder@linaro.org>
      Signed-off-by: NJosh Durgin <josh.durgin@inktank.com>
      Reviewed-by: NAlex Elder <elder@linaro.org>
      da6a6b63
    • J
      rbd: ignore unmapped snapshots that no longer exist · efadc98a
      Josh Durgin 提交于
      This prevents erroring out while adding a device when a snapshot
      unrelated to the current mapping is deleted between reading the
      snapshot context and reading the snapshot names. If the mapped
      snapshot name is not found an error still occurs as usual.
      Signed-off-by: NJosh Durgin <josh.durgin@inktank.com>
      Reviewed-by: NAlex Elder <elder@linaro.org>
      efadc98a
    • J
      rbd: fix use-after free of rbd_dev->disk · 9875201e
      Josh Durgin 提交于
      Removing a device deallocates the disk, unschedules the watch, and
      finally cleans up the rbd_dev structure. rbd_dev_refresh(), called
      from the watch callback, updates the disk size and rbd_dev
      structure. With no locking between them, rbd_dev_refresh() may use the
      device or rbd_dev after they've been freed.
      
      To fix this, check whether RBD_DEV_FLAG_REMOVING is set before
      updating the disk size in rbd_dev_refresh(). In order to prevent a
      race where rbd_dev_refresh() is already revalidating the disk when
      rbd_remove() is called, move the call to rbd_bus_del_dev() after the
      watch is unregistered and all notifies are complete. It's safe to
      defer deleting this structure because no new requests can be submitted
      once the RBD_DEV_FLAG_REMOVING is set, since the device cannot be
      opened.
      
      Fixes: http://tracker.ceph.com/issues/5636Signed-off-by: NJosh Durgin <josh.durgin@inktank.com>
      Reviewed-by: NAlex Elder <elder@linaro.org>
      9875201e
    • J
      rbd: make rbd_obj_notify_ack() synchronous · 20e0af67
      Josh Durgin 提交于
      The only user of rbd_obj_notify_ack() is rbd_watch_cb(). It used
      asynchronously with no tracking of when the notify ack completes, so
      it may still be in progress when the osd_client is shut down.  This
      results in a BUG() since the osd client assumes no requests are in
      flight when it stops. Since all notifies are flushed before the
      osd_client is stopped, waiting for the notify ack to complete before
      returning from the watch callback ensures there are no notify acks in
      flight during shutdown.
      
      Rename rbd_obj_notify_ack() to rbd_obj_notify_ack_sync() to reflect
      its new synchronous nature.
      Signed-off-by: NJosh Durgin <josh.durgin@inktank.com>
      Reviewed-by: NAlex Elder <elder@linaro.org>
      20e0af67
    • J
      rbd: complete notifies before cleaning up osd_client and rbd_dev · 9abc5990
      Josh Durgin 提交于
      To ensure rbd_dev is not used after it's released, flush all pending
      notify callbacks before calling rbd_dev_image_release(). No new
      notifies can be added to the queue at this point because the watch has
      already be unregistered with the osd_client.
      Signed-off-by: NJosh Durgin <josh.durgin@inktank.com>
      Reviewed-by: NAlex Elder <elder@linaro.org>
      9abc5990
  2. 04 9月, 2013 3 次提交
  3. 10 8月, 2013 1 次提交
  4. 04 7月, 2013 9 次提交
  5. 02 7月, 2013 2 次提交
  6. 27 6月, 2013 1 次提交
  7. 26 6月, 2013 1 次提交
    • J
      rbd: fetch object order before using it · 1617e40c
      Josh Durgin 提交于
      rbd_dev_v2_header_onetime() fetches striping information, and
      checks whether the image can be read by compariing the stripe unit
      to the object size. It determines the object size by shifting
      the object order, which is 0 at this point since it has not been
      read yet. Move the call to get the image size and object order
      before rbd_dev_v2_header_onetime() so it is set before use.
      Signed-off-by: NJosh Durgin <josh.durgin@inktank.com>
      Reviewed-by: NSage Weil <sage@inktank.com>
      1617e40c
  8. 13 6月, 2013 1 次提交
  9. 18 5月, 2013 2 次提交
    • A
      rbd: fix cleanup in rbd_add() · 3abef3b3
      Alex Elder 提交于
      Bjorn Helgaas pointed out that a recent commit introduced a
      use-after-free condition in an error path for rbd_add().
      He correctly stated:
      
          I think b536f69a "rbd: set up devices only for mapped images"
          introduced a use-after-free error in rbd_add():
      	...
          If rbd_dev_device_setup() returns an error, we call
          rbd_dev_image_release(), which ultimately kfrees rbd_dev.
          Then we call rbd_dev_destroy(), which references fields in
          the already-freed rbd_dev struct before kfreeing it again.
      
      The simple fix is to return the error code after the call to
      rbd_dev_image_release().
      
      Closer examination revealed that there's no need to clean up
      rbd_opts in that function, so fix that too.
      
      Update some other comments that have also become out of date.
      Reported-by: NBjorn Helgaas <bhelgaas@google.com>
      Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NJosh Durgin <josh.durgin@inktank.com>
      3abef3b3
    • A
      rbd: don't destroy ceph_opts in rbd_add() · 7262cfca
      Alex Elder 提交于
      Whether rbd_client_create() successfully creates a new client or
      not, it takes responsibility for getting the ceph_opts structure
      it's passed destroyed.  If successful, the structure becomes
      associated with the created client; if not, rbd_client_create()
      will destroy it.
      
      Previously, rbd_get_client() would call ceph_destroy_options()
      if rbd_get_client() failed, and that meant it got called twice.
      That led freeing various pointers more than once, which is never a
      good idea.
      
      This resolves:
          http://tracker.ceph.com/issues/4559
      
      Cc: stable@vger.kernel.org # 3.8+
      Reported-by: NDan van der Ster <dan@vanderster.com>
      Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NJosh Durgin <josh.durgin@inktank.com>
      7262cfca
  10. 14 5月, 2013 12 次提交
    • A
      rbd: re-submit flattened write request (part 2) · 638f5abe
      Alex Elder 提交于
      Add code to rbd_img_obj_exists_callback() to detect when a clone's
      parent image has disappeared, and re-submit the original write
      request in that case.
      
      Kill off some redundant assertions.
      
      This completes the resolution for:
          http://tracker.ceph.com/issues/3763Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NJosh Durgin <josh.durgin@inktank.com>
      638f5abe
    • A
      rbd: re-submit write request for flattened clone · bbea1c1a
      Alex Elder 提交于
      Add code to rbd_img_parent_read_full_callback() to detect when a
      clone's parent image has disappeared, and re-submit the original
      write request in that case.  (See the previous commit for more
      reasoning about why this is appropriate.)
      
      Rename some variables in rbd_img_obj_parent_read_full_callback()
      to match the convention used in the previous patch.
      Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NJosh Durgin <josh.durgin@inktank.com>
      bbea1c1a
    • A
      rbd: re-submit read request for flattened clone · 02c74fba
      Alex Elder 提交于
      If a clone image gets flattened while a parent read request is
      underway, the original rbd object request needs to be resubmitted.
      
      The reason is that by the time we get the response to the parent
      read request, the data read from the parent may be out of date.
      In other words, we could see this sequence of events:
      
          rbd client                      parent image/osd
          ----------                      ----------------
          original object ENOENT;
              issue parent read
                                          respond to parent read
                                          child image flattened
          original image header refresh
                   <--- original object written independently here
          parent read response received
      
      Add code to rbd_img_parent_read_callback() to detect when a clone's
      parent image has disappeared (as evidenced by its parent overlap
      becoming 0), and re-submit the original read request in that case.
      Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NJosh Durgin <josh.durgin@inktank.com>
      02c74fba
    • A
      rbd: detect when clone image is flattened · 392a9dad
      Alex Elder 提交于
      A format 2 clone image can be the subject of a "flatten" operation,
      during which all of its data gets "copied up" from its parent image,
      leaving the image fully populated.  Once this is complete, the
      clone's association with the parent is abolished.
      
      Since this can occur when a clone is mapped, we need to detect when
      it has occurred and handle it accordingly.  We know an image has
      been flattened when we know it at one time had a parent, but we have
      learned (via a "get_parent" object class method call) it no longer
      has one.
      
      There might be in-flight requests at the point we learn an image has
      been flattened, so we can't simply clean up parent data structures
      right away.  Instead, we'll drop the initial parent reference when
      the parent has disappeared (rather than when the image gets
      destroyed), which will allow the last in-flight reference to clean
      things up when it's complete.
      
      We leverage the fact that a zero parent overlap renders an image
      effectively unlayered.  We set the overlap to 0 at the point we
      detect the clone image has flattened, which allows the unlayered
      behavior to take effect immediately, while keeping other parent
      structures in place until in-flight requests to complete.
      
      This and the next few patches resolve:
          http://tracker.ceph.com/issues/3763Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NJosh Durgin <josh.durgin@inktank.com>
      392a9dad
    • A
      rbd: reference count parent requests · a2acd00e
      Alex Elder 提交于
      Keep a reference count for uses of the parent information for an rbd
      device.
      
      An initial reference is set in rbd_img_request_create() if the
      target image has a parent (with non-zero overlap).  Each image
      request for an image with a non-zero parent overlap gets another
      reference when it's created, and that reference is dropped when the
      request is destroyed.
      
      The initial reference is dropped when the image gets torn down.
      Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NJosh Durgin <josh.durgin@inktank.com>
      a2acd00e
    • A
      rbd: define parent image request routines · e93f3152
      Alex Elder 提交于
      Define rbd_parent_request_create() and rbd_parent_request_destroy()
      to handle the creation of parent image requests submitted for
      layered image objects.  For simplicity, let rbd_img_request_put()
      handle dropping the reference to any image request (parent or not),
      and call whichever destructor is appropriate on the last put.
      Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NJosh Durgin <josh.durgin@inktank.com>
      e93f3152
    • A
      rbd: define rbd_dev_unparent() · fb65d228
      Alex Elder 提交于
      Define rbd_dev_unparent() to encapsulate cleaning up parent data
      structures from a layered rbd image.
      Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NJosh Durgin <josh.durgin@inktank.com>
      fb65d228
    • A
      rbd: don't release write request until necessary · 8785b1d4
      Alex Elder 提交于
      Previously when a layered write was going to involve a copyup
      request, the original osd request was released before submitting the
      parent full-object read.  The osd request for the copyup would then
      be allocated in rbd_img_obj_parent_read_full_callback().
      
      Shortly we will be handling the event of mapped layered images
      getting flattened, and when that occurs we need to resubmit the
      original request.  We therefore don't want to release the osd
      request until we really konw we're going to replace it--in the
      callback function.
      Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NJosh Durgin <josh.durgin@inktank.com>
      8785b1d4
    • A
      rbd: get parent info on refresh · 642a2537
      Alex Elder 提交于
      Get parent info for format 2 images on every refresh (rather than
      just during the initial probe).  This will be needed to detect the
      disappearance of the parent image in the event a mapped image
      becomes unlayered (i.e., flattened).  Avoid leaking the previous
      parent spec on the second and subsequent times this information is
      requested by dropping the previous one (if any) before updating it.
      (Also, extract the pool id into a local variable before assigning
      it into the parent spec.)
      
      Switch to using a non-zero parent overlap value rather than the
      existence of a parent (a non-null parent_spec pointer) to determine
      whether to mark a request layered.  It will soon be possible for
      a layered image to become unlayered while a request is in flight.
      
      This means that the layered flag for an image request indicates that
      there was a non-zero parent overlap at the time the image request
      was created.  The parent overlap can change thereafter, which may
      lead to special handling at request submission or completion time.
      
      This and the next several patches are related to:
          http://tracker.ceph.com/issues/3763
      
      NOTE:
      If an error occurs while refreshing the parent info (i.e.,
      requesting it after initial probe), the old parent info will
      persist.  This is not really correct, and is a scenario that needs
      to be addressed.  For now we'll assert that the failure mode is
      unlikely, but the issue has been documented in tracker issue 5040.
      Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NJosh Durgin <josh.durgin@inktank.com>
      642a2537
    • A
      rbd: ignore zero-overlap parent · 70cf49cf
      Alex Elder 提交于
      An rbd clone image that has an overlap with its parent of 0 is
      effectively not a layered image at all.  Detect this case and treat
      such an image as non-layered.  Issue a warning to be sure the user
      knows what's going on.
      
      This resolves:
          http://tracker.ceph.com/issues/5028Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NJosh Durgin <josh.durgin@inktank.com>
      70cf49cf
    • A
      rbd: support reading parent page data for writes · b91f09f1
      Alex Elder 提交于
      Currently, rbd_img_obj_parent_read_full() assumes the incoming
      object request contains bio data.  But if a layered image is part of
      a multi-layer stack of images it will result in read requests of
      page data to parent images.
      
      This is handling the same kind of issue as was resolved by this
      commit:
          5b2ab72d  rbd: support reading parent page data
      
      This resolves:
          http://tracker.ceph.com/issues/5027Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NJosh Durgin <josh.durgin@inktank.com>
      b91f09f1
    • A
      rbd: fix parent request size assumption · ebda6408
      Alex Elder 提交于
      The code that reads object data from the parent for a copyup on
      write request currently assumes that the size of that request is the
      size of a "full" object from the original target image.
      
      That is not necessarily the case.  The parent overlap could reduce
      the request size below that.  To fix that assumption we need to
      record the number of pages in the copyup_pages array, for both an
      image request and an object request.  Rename a local variable in
      rbd_img_obj_parent_read_full_callback() to reflect we're recording
      the length of the parent read request, not the size of the target
      object.
      
      This resolves:
          http://tracker.ceph.com/issues/5038Signed-off-by: NAlex Elder <elder@inktank.com>
      Reviewed-by: NJosh Durgin <josh.durgin@inktank.com>
      ebda6408
  11. 09 5月, 2013 3 次提交