From f173f93032c62bd1f95330f331d3d93ce5a31598 Mon Sep 17 00:00:00 2001
From: Sebastien Buisson
Date: Fri, 10 Nov 2017 00:48:08 +0900
Subject: [PATCH] LU-10220 mdd: fix buf alloc in mdd_changelog_data_store_by_fid

Fix allocation of mti_big_buf by call to lu_buf_check_and_alloc() in mdd_changelog_data_store_by_fid(). reclen must take the header size of struct llog_changelog_rec into account.

Maybe no memory corruptions were seen before because the buffer size allocated in a previous call to mdd_declare_changelog_store() was covering the need. But audit will add more information in changelog records, provoking memory corruptions without this fix.

Signed-off-by: Sebastien Buisson
Change-Id: Id0a06c412b54c0ae12c15d53f3e166e3e5d9ed68
Reviewed-on: https://review.whamcloud.com/30014
Reviewed-by: Andreas Dilger
Reviewed-by: Henri Doreau
Reviewed-by: Fan Yong
Reviewed-by: Faccini Bruno
Reviewed-by: Lai Siyao
Tested-by: Jenkins
Tested-by: Maloo
---
 lustre/mdd/mdd_dir.c      | 4 +---
 lustre/mdd/mdd_internal.h | 3 +++
 lustre/mdd/mdd_object.c   | 14 ++++++++------
 3 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/lustre/mdd/mdd_dir.c b/lustre/mdd/mdd_dir.c
index 1d1538d..a2b6fca 100644
--- a/lustre/mdd/mdd_dir.c
+++ b/lustre/mdd/mdd_dir.c
@@ -736,8 +736,6 @@ static int mdd_llog_record_calc_size(const struct lu_env *env,
 {
 	const struct lu_ucred *uc = lu_ucred(env);
 	enum changelog_rec_flags crf = 0;
-	size_t hdr_size = sizeof(struct llog_changelog_rec) -
-			  sizeof(struct changelog_rec);
 
 	if (sname != NULL)
 		crf |= CLF_RENAME;
@@ -745,7 +743,7 @@ static int mdd_llog_record_calc_size(const struct lu_env *env,
 	if (uc != NULL && uc->uc_jobid[0] != '\0')
 		crf |= CLF_JOBID;
 
-	return llog_data_len(hdr_size + changelog_rec_offset(crf) +
+	return llog_data_len(LLOG_CHANGELOG_HDR_SZ + changelog_rec_offset(crf) +
 			     (tname != NULL ? tname->ln_namelen : 0) +
 			     (sname != NULL ? 1 + sname->ln_namelen : 0));
 }
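Review bot: The record size is still produced by two separately hand-written formulas — this one in mdd_llog_record_calc_size and the one in mdd_changelog_data_store_by_fid in mdd_object.c — and the commit message itself says the two had drifted, with the declare-time buffer only happening to cover the store-time need. Sharing LLOG_CHANGELOG_HDR_SZ removes one source of drift but not the rest: the name-length terms exist only here, and the `flags & CLF_SUPPORTED` masking exists only on the store side, so a future field added to one formula can again be missed by the other. A single sizing helper taking the flags plus the two names (NULL when absent), called from both places, would keep the declared size and the stored size in step; this is hedged because the caller of mdd_llog_record_calc_size and its relation to mdd_declare_changelog_store are outside the hunk. mdd_llog_record_calc_size's signature and parameter list begin before the first hunk.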
diff --git a/lustre/mdd/mdd_internal.h b/lustre/mdd/mdd_internal.h
index 7d1d8e6..966c67d 100644
--- a/lustre/mdd/mdd_internal.h
+++ b/lustre/mdd/mdd_internal.h
@@ -61,6 +61,9 @@
 /** some changelog records purged */
 #define CLM_PURGE 0x40000
 
+#define LLOG_CHANGELOG_HDR_SZ (sizeof(struct llog_changelog_rec) - \
+			       sizeof(struct changelog_rec))
+
 struct mdd_changelog {
 	spinlock_t mc_lock; /* for index */
 	int mc_flags;
diff --git a/lustre/mdd/mdd_object.c b/lustre/mdd/mdd_object.c
index 0fa360d..482f8e6 100644
--- a/lustre/mdd/mdd_object.c
+++ b/lustre/mdd/mdd_object.c
@@ -639,22 +639,24 @@ static int mdd_changelog_data_store_by_fid(const struct lu_env *env,
 					   const struct lu_fid *fid,
 					   struct thandle *handle)
 {
-	const struct lu_ucred *uc = lu_ucred(env);
-	struct llog_changelog_rec *rec;
-	struct lu_buf *buf;
-	int reclen;
-	int rc;
+	const struct lu_ucred *uc = lu_ucred(env);
+	struct llog_changelog_rec *rec;
+	struct lu_buf *buf;
+	int reclen;
+	int rc;
 
 	flags = (flags & CLF_FLAGMASK) | CLF_VERSION;
 	if (uc != NULL && uc->uc_jobid[0] != '\0')
 		flags |= CLF_JOBID;
 
-	reclen = llog_data_len(changelog_rec_offset(flags & CLF_SUPPORTED));
+	reclen = llog_data_len(LLOG_CHANGELOG_HDR_SZ +
+			       changelog_rec_offset(flags & CLF_SUPPORTED));
 	buf = lu_buf_check_and_alloc(&mdd_env_info(env)->mti_big_buf, reclen);
 	if (buf->lb_buf == NULL)
 		RETURN(-ENOMEM);
 
 	rec = buf->lb_buf;
+	rec->cr_hdr.lrh_len = reclen;
 	rec->cr.cr_flags = flags;
 	rec->cr.cr_type = (__u32)type;
 	rec->cr.cr_tfid = *fid;
-- 
1.8.3.1
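Review bot: The new LLOG_CHANGELOG_HDR_SZ macro carries no comment, yet it is the one constant the fix in mdd_object.c depends on, and its meaning is only recoverable by knowing how struct llog_changelog_rec wraps struct changelog_rec. A comment above the `#define` along the lines of `/* Bytes of struct llog_changelog_rec that are not the embedded struct changelog_rec (the llog wrapper around it). Add this to changelog_rec_offset() when sizing a changelog record buffer; see mdd_llog_record_calc_size() and mdd_changelog_data_store_by_fid(). */` would make that explicit for the next caller. The name says "HDR" but the sizeof difference counts everything else in the wrapper struct, so if llog_changelog_rec also carries a trailer member, the comment should say the value covers that too rather than just the header. Both structs are defined outside this header, so the comment could also note that the macro can only be expanded where their definitions are in scope.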
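Review bot: Bytes of *rec that this function never assigns keep whatever mti_big_buf held from a previous record, because lu_buf_check_and_alloc (if, as its name suggests, it reuses the buffer and only grows it when reclen exceeds the current size) does not clear it; this hunk sets only cr_hdr.lrh_len, cr_flags, cr_type and cr_tfid, and the remainder of mdd_changelog_data_store_by_fid is outside the hunk. If the rest of the body does not fill every header and record field, including any padding in cr_hdr, adding `memset(rec, 0, reclen);` right after `rec = buf->lb_buf;` keeps stale bytes from being persisted into changelog records. Separately, `reclen` is an `int` receiving a size_t sum from llog_data_len and is then stored into cr_hdr.lrh_len; declaring it with the type lrh_len uses (or `size_t`) avoids the sign and width round-trip. The five declaration lines appear to change only in whitespace, which would be easier to review as a separate cleanup than inside a memory-corruption fix.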