LU-17419 target: Fix KASAN slab-out-of-bounds in string_nocheck 18/58018/4
authorArshad Hussain <arshad.hussain@aeoncomputing.com>
Sat, 8 Feb 2025 11:10:01 +0000 (06:10 -0500)
committerOleg Drokin <green@whamcloud.com>
Fri, 14 Feb 2025 02:54:24 +0000 (02:54 +0000)
The flexible array member mti_nidlist of 'struct mgs_target_info'
is only valid when 'large_nid' is true. However, on return from
server_lsi2mti(), mti_nidlist was accessed unconditionally,
leading to a slab-out-of-bounds access because its rows are
not yet allocated.

This patch adds a condition for debug printing to either print
member mti_nids(v4/not large nid) or mti_nidlist for large nids

KASAN slab-out-of-bounds was triggered when running
conf-sanity/19b giving the below stack

==================================================================
[  534.044351] BUG: KASAN: slab-out-of-bounds in string_nocheck+0x1ec/0x290
[  534.045064] Read of size 1 at addr ffff88818625d1c0 by task mount.lustre/5165
[  534.045797]
[  534.045971] CPU: 1 PID: 5165 Comm: mount.lustre Tainted: G    \
W  OE    ---------r-  - 4.18.0-348.23.1.el8_5.x86_64+debug #1
[  534.047172] Hardware name: Red Hat KVM/RHEL-AV, \
BIOS 1.16.0-4.module_el8.9.0+3659+9c8643f3 04/01/2014
[  534.048120] Call Trace:
[  534.048393]  dump_stack+0x8e/0xd0
[  534.048749]  ? string_nocheck+0x1ec/0x290
[  534.049178]  print_address_description.constprop.5+0x1e/0x230
[  534.054812]  string+0xb6/0xc0
[  534.057142]  libcfs_debug_msg+0x152c/0x2290 [libcfs]
[  534.059975]  server_start_targets+0x39d8/0x73e0 [ptlrpc]
[  534.074514]  server_fill_super+0x1352/0x1cc0 [ptlrpc]
[  534.077431]  lustre_fill_super+0x779/0x9f0 [lustre]
[  534.078519]  mount_nodev+0x48/0xe0
[  534.079441]  legacy_get_tree+0x105/0x200
[  534.080294]  vfs_get_tree+0x89/0x330
[  534.081114]  do_mount+0xd40/0x1570
[  534.083922]  ksys_mount+0xb6/0xd0
[  534.084282]  __x64_sys_mount+0xba/0x150
[  534.084704]  do_syscall_64+0xa5/0x430
[  534.085090]  entry_SYSCALL_64_after_hwframe+0x6a/0xdf
----
[  534.092557] Allocated by task 5165:
[  534.092927]  kasan_save_stack+0x19/0x80
[  534.093321]  __kasan_kmalloc.constprop.9+0xc1/0xd0
[  534.093817]  __kmalloc+0x143/0x260
[  534.094257]  server_lsi2mti+0x6d5/0x1600 [ptlrpc]
[  534.094838]  server_start_targets+0x9f5/0x73e0 [ptlrpc]
[  534.095489]  server_fill_super+0x1352/0x1cc0 [ptlrpc]
[  534.096062]  lustre_fill_super+0x779/0x9f0 [lustre]
[  534.096584]  mount_nodev+0x48/0xe0
[  534.096946]  legacy_get_tree+0x105/0x200
[  534.097353]  vfs_get_tree+0x89/0x330
[  534.097729]  do_mount+0xd40/0x1570
[  534.098114]  ksys_mount+0xb6/0xd0
[  534.098482]  __x64_sys_mount+0xba/0x150
[  534.098885]  do_syscall_64+0xa5/0x430
[  534.099269]  entry_SYSCALL_64_after_hwframe+0x6a/0x

Test-Parameters: trivial testlist=conf-sanity
Signed-off-by: Arshad Hussain <arshad.hussain@aeoncomputing.com>
Change-Id: I82eb33abc70cfe918711835b019af8e07c46272d
Reviewed-on: https://review.whamcloud.com/c/fs/lustre-release/+/58018
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>
Reviewed-by: James Simmons <jsimmons@infradead.org>
Reviewed-by: Frank Sehr <fsehr@whamcloud.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>
lustre/target/tgt_mount.c

index 549855a..c5e5d57 100644 (file)
@@ -1305,9 +1305,11 @@ static int server_register_target(struct lustre_sb_info *lsi)
        struct obd_device *mgc = lsi->lsi_mgc;
        struct mgs_target_info *mti = NULL;
        size_t mti_len = sizeof(*mti);
+       struct lnet_nid nid;
        bool must_succeed;
-       int rc;
        int tried = 0;
+       char *nidstr;
+       int rc;
 
        ENTRY;
        LASSERT(mgc);
@@ -1315,9 +1317,18 @@ static int server_register_target(struct lustre_sb_info *lsi)
        if (IS_ERR(mti))
                GOTO(out, rc = PTR_ERR(mti));
 
-       CDEBUG(D_MOUNT, "Registration %s, fs=%s, %s, index=%04x, flags=%#x\n",
-              mti->mti_svname, mti->mti_fsname, mti->mti_nidlist[0],
-              mti->mti_stripe_index, mti->mti_flags);
+       if (exp_connect_flags2(lsi->lsi_mgc->u.cli.cl_mgc_mgsexp) &
+           OBD_CONNECT2_LARGE_NID) {
+               nidstr = mti->mti_nidlist[0]; /* large_nid */
+       } else {
+               lnet_nid4_to_nid(mti->mti_nids[0], &nid);
+               nidstr = libcfs_nidstr(&nid);
+       }
+
+       CDEBUG(D_MOUNT,
+              "Registration %s, fs=%s, %s, index=%04x, flags=%#x\n",
+              mti->mti_svname, mti->mti_fsname, nidstr, mti->mti_stripe_index,
+              mti->mti_flags);
 
        /* we cannot ignore registration failure if MGS logs must be updated. */
        must_succeed = !!(lsi->lsi_flags &
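Review bot: The large-NID test in front of the CDEBUG is re-derived here from `lsi->lsi_mgc->u.cli.cl_mgc_mgsexp`, while the allocation it has to agree with is sized inside server_lsi2mti(), which this hunk does not show; if the two predicates ever drift apart, `mti->mti_nidlist[0]` is read past the slab object again, as in the KASAN report. It is worth pinning that coupling with a comment such as `/* must match the large_nid test in server_lsi2mti(): mti_nidlist has rows only then */`, or having server_lsi2mti() record which member it filled. Both branches also index element 0 with no visible `mti_nid_count` check, so presumably server_lsi2mti() never returns an mti with zero NIDs; that should be confirmed. The function already holds `mgc = lsi->lsi_mgc`, so the condition can read `exp_connect_flags2(mgc->u.cli.cl_mgc_mgsexp)`. server_register_target() starts and ends outside the hunk.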