LU-10220 mdd: fix buf alloc in mdd_changelog_data_store_by_fid 56/30356/2
authorSebastien Buisson <sbuisson@ddn.com>
Thu, 9 Nov 2017 15:48:08 +0000 (00:48 +0900)
committerJohn L. Hammond <john.hammond@intel.com>
Wed, 6 Dec 2017 01:25:37 +0000 (01:25 +0000)
Fix allocation of mti_big_buf by call to lu_buf_check_and_alloc()
in mdd_changelog_data_store_by_fid().
reclen must take the header size of struct llog_changelog_rec into
account.

No memory corruption may have been seen so far because the buffer
allocated in a previous call to mdd_declare_changelog_store() happened
to cover the need. However, audit will add more information to changelog
records, which would provoke memory corruption without this fix.

Lustre-change: https://review.whamcloud.com/30014
Lustre-commit: f173f93032c62bd1f95330f331d3d93ce5a31598

Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Change-Id: Id0a06c412b54c0ae12c15d53f3e166e3e5d9ed68
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: Henri Doreau <henri.doreau@cea.fr>
Reviewed-by: Fan Yong <fan.yong@intel.com>
Reviewed-by: Faccini Bruno <bruno.faccini@intel.com>
Reviewed-by: Lai Siyao <lai.siyao@intel.com>
Signed-off-by: Minh Diep <minh.diep@intel.com>
Reviewed-on: https://review.whamcloud.com/30356
Tested-by: Jenkins
Tested-by: Maloo <hpdd-maloo@intel.com>
Reviewed-by: John L. Hammond <john.hammond@intel.com>
lustre/mdd/mdd_dir.c
lustre/mdd/mdd_internal.h
lustre/mdd/mdd_object.c

index b0120ab..d259c0e 100644 (file)
@@ -736,8 +736,6 @@ static int mdd_llog_record_calc_size(const struct lu_env *env,
 {
        const struct lu_ucred   *uc = lu_ucred(env);
        enum changelog_rec_flags crf = 0;
-       size_t                   hdr_size = sizeof(struct llog_changelog_rec) -
-                                           sizeof(struct changelog_rec);
 
        if (sname != NULL)
                crf |= CLF_RENAME;
@@ -745,7 +743,7 @@ static int mdd_llog_record_calc_size(const struct lu_env *env,
        if (uc != NULL && uc->uc_jobid[0] != '\0')
                crf |= CLF_JOBID;
 
-       return llog_data_len(hdr_size + changelog_rec_offset(crf) +
+       return llog_data_len(LLOG_CHANGELOG_HDR_SZ + changelog_rec_offset(crf) +
                             (tname != NULL ? tname->ln_namelen : 0) +
                             (sname != NULL ? 1 + sname->ln_namelen : 0));
 }
index 2588436..7470b34 100644 (file)
@@ -61,6 +61,9 @@
 /** some changelog records purged */
 #define CLM_PURGE 0x40000
 
+#define LLOG_CHANGELOG_HDR_SZ (sizeof(struct llog_changelog_rec) - \
+                              sizeof(struct changelog_rec))
+
 struct mdd_changelog {
        spinlock_t              mc_lock;        /* for index */
        int                     mc_flags;
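Review bot: `LLOG_CHANGELOG_HDR_SZ` is added without a comment, and its name says "header" while its value is everything in `struct llog_changelog_rec` other than the embedded `struct changelog_rec`. If that struct also carries fields after the embedded record, they are counted too; the struct definition is not part of this diff, so this is worth confirming. Because the constant now feeds two buffer-size calculations, I would document it at the definition, e.g. `/* llog framing overhead of a changelog record: sizeof(struct llog_changelog_rec) minus the embedded struct changelog_rec */`.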
index b6f4d4b..88069ca 100644 (file)
@@ -640,22 +640,24 @@ static int mdd_changelog_data_store_by_fid(const struct lu_env *env,
                                    const struct lu_fid *fid,
                                    struct thandle *handle)
 {
-       const struct lu_ucred           *uc = lu_ucred(env);
-       struct llog_changelog_rec       *rec;
-       struct lu_buf                   *buf;
-       int                              reclen;
-       int                              rc;
+       const struct lu_ucred *uc = lu_ucred(env);
+       struct llog_changelog_rec *rec;
+       struct lu_buf *buf;
+       int reclen;
+       int rc;
 
        flags = (flags & CLF_FLAGMASK) | CLF_VERSION;
        if (uc != NULL && uc->uc_jobid[0] != '\0')
                flags |= CLF_JOBID;
 
-       reclen = llog_data_len(changelog_rec_offset(flags & CLF_SUPPORTED));
+       reclen = llog_data_len(LLOG_CHANGELOG_HDR_SZ +
+                              changelog_rec_offset(flags & CLF_SUPPORTED));
        buf = lu_buf_check_and_alloc(&mdd_env_info(env)->mti_big_buf, reclen);
        if (buf->lb_buf == NULL)
                RETURN(-ENOMEM);
        rec = buf->lb_buf;
 
+       rec->cr_hdr.lrh_len = reclen;
        rec->cr.cr_flags = flags;
        rec->cr.cr_type = (__u32)type;
        rec->cr.cr_tfid = *fid;
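Review bot: The record length is still computed by two separate expressions, here in `mdd_changelog_data_store_by_fid()` and in `mdd_llog_record_calc_size()` in mdd_dir.c, and the commit message describes an under-allocation that arose because the two had diverged. A single `static inline` helper in mdd_internal.h that takes the record flags and the name bytes and returns `llog_data_len(LLOG_CHANGELOG_HDR_SZ + changelog_rec_offset(crf) + namelen)` would keep both callers in step when audit adds fields. Separately, the size is derived from `flags & CLF_SUPPORTED` while `rec->cr.cr_flags` stores the unmasked `flags`. A short comment stating that bits outside `CLF_SUPPORTED` never change `changelog_rec_offset()` would let a reader check the bound. The function body continues past the end of the hunk, so the remaining writes into `rec` are not visible here.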