d/numam-spdk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
708ed4fb6e
numam-spdk/lib/nvmf/ctrlr_discovery.c
Seth Howell 20b35d769d nvmf: don't keep a global discovery log page. 
Keeping a global discovery log page was meant to be a time saving
mechanism, but in the current implementation, it doesn't work properly,
and can cause undesirable behavior and potential crashes. There are two
main problems with keeping a global log page.

1. Admin qpairs can be assigned to any SPDK thread. This means that when
multiple initiators connect to the host and request the discovery log,
they can both be running through the spdk_nvmf_ctrlr_get_log_page
function at the same time. In the event that the discovery generation
counter is incremented while these accesses are occurring, it can cause
one or both of the threads to update the log at the same time. This
results in both logs trying to free the old log page (double free) and
set their log as the new one (possible memory leak).

2. The second problem is that each host is supposed to get a unique
discovery log based on the subsystems to which they have access.
Currently the code relies on whether the discovery log page offset in
the request is equal to 0 to determine if it should load a new discovery
log page or use the cached one. This is inherently faulty because it
relies on initiator provided value to determine what information to
provide from the log page. An initiator could easily send a discovery
request with an offset greater than 0 on purpose to procure most of a
log page provided to another host.

Overall, I think it's safest to not cache the log page at all anymore
and rely on a thread local fresh log page each time.

Reported-by: Curt Bruns <curt.e.bruns@intel.com>

Change-Id: Ib048e26f139927d888fed7019e0deec346359582
Signed-off-by: Seth Howell <seth.howell@intel.com>
Reviewed-on: https://review.gerrithub.io/c/spdk/spdk/+/466839
Reviewed-by: Jim Harris <james.r.harris@intel.com>
Reviewed-by: Changpeng Liu <changpeng.liu@intel.com>
Reviewed-by: Shuhei Matsumoto <shuhei.matsumoto.xt@hitachi.com>
Tested-by: SPDK CI Jenkins <sys_sgci@intel.com>
2019-09-03 00:30:59 +00:00

161 lines
5.0 KiB
C
Raw Blame History

/*-
* BSD LICENSE
*
* Copyright (c) Intel Corporation.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* * Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* * Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
* * Neither the name of Intel Corporation nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
/*
* NVMe over Fabrics discovery service
*/
#include "spdk/stdinc.h"
#include "nvmf_internal.h"
#include "transport.h"
#include "spdk/event.h"
#include "spdk/string.h"
#include "spdk/trace.h"
#include "spdk/nvmf_spec.h"
#include "spdk/bdev_module.h"
#include "spdk_internal/log.h"
static struct spdk_nvmf_discovery_log_page *
nvmf_generate_discovery_log(struct spdk_nvmf_tgt *tgt, const char *hostnqn, size_t *log_page_size)
{
uint64_t numrec = 0;
struct spdk_nvmf_subsystem *subsystem;
struct spdk_nvmf_listener *listener;
struct spdk_nvmf_discovery_log_page_entry *entry;
struct spdk_nvmf_discovery_log_page *disc_log;
size_t cur_size;
uint32_t sid;
SPDK_DEBUGLOG(SPDK_LOG_NVMF, "Generating log page for genctr %" PRIu64 "\n",
tgt->discovery_genctr);
cur_size = sizeof(struct spdk_nvmf_discovery_log_page);
disc_log = calloc(1, cur_size);
if (disc_log == NULL) {
SPDK_ERRLOG("Discovery log page memory allocation error\n");
return NULL;
}
for (sid = 0; sid < tgt->max_subsystems; sid++) {
subsystem = tgt->subsystems[sid];
if ((subsystem == NULL) ||
(subsystem->state == SPDK_NVMF_SUBSYSTEM_INACTIVE) ||
(subsystem->state == SPDK_NVMF_SUBSYSTEM_DEACTIVATING)) {
continue;
}
if (subsystem->subtype == SPDK_NVMF_SUBTYPE_DISCOVERY) {
continue;
}
if (!spdk_nvmf_subsystem_host_allowed(subsystem, hostnqn)) {
continue;
}
for (listener = spdk_nvmf_subsystem_get_first_listener(subsystem); listener != NULL;
listener = spdk_nvmf_subsystem_get_next_listener(subsystem, listener)) {
size_t new_size = cur_size + sizeof(*entry);
void *new_log_page = realloc(disc_log, new_size);
if (new_log_page == NULL) {
SPDK_ERRLOG("Discovery log page memory allocation error\n");
break;
}
disc_log = new_log_page;
cur_size = new_size;
entry = &disc_log->entries[numrec];
memset(entry, 0, sizeof(*entry));
entry->portid = numrec;
entry->cntlid = 0xffff;
entry->asqsz = listener->transport->opts.max_aq_depth;
entry->subtype = subsystem->subtype;
snprintf(entry->subnqn, sizeof(entry->subnqn), "%s", subsystem->subnqn);
spdk_nvmf_transport_listener_discover(listener->transport, &listener->trid, entry);
numrec++;
}
}
disc_log->numrec = numrec;
disc_log->genctr = tgt->discovery_genctr;
*log_page_size = cur_size;
return disc_log;
}
void
spdk_nvmf_get_discovery_log_page(struct spdk_nvmf_tgt *tgt, const char *hostnqn, struct iovec *iov,
uint32_t iovcnt, uint64_t offset, uint32_t length)
{
size_t copy_len = 0;
size_t zero_len = 0;
struct iovec *tmp;
size_t log_page_size = 0;
struct spdk_nvmf_discovery_log_page *discovery_log_page;
discovery_log_page = nvmf_generate_discovery_log(tgt, hostnqn, &log_page_size);
/* Copy the valid part of the discovery log page, if any */
if (discovery_log_page) {
for (tmp = iov; tmp < iov + iovcnt; tmp++) {
copy_len = spdk_min(tmp->iov_len, length);
copy_len = spdk_min(log_page_size - offset, copy_len);
memcpy(tmp->iov_base, (char *)discovery_log_page + offset, copy_len);
offset += copy_len;
length -= copy_len;
zero_len = tmp->iov_len - copy_len;
if (log_page_size <= offset || length == 0) {
break;
}
}
/* Zero out the rest of the payload */
if (zero_len) {
memset((char *)tmp->iov_base + copy_len, 0, zero_len);
}
for (++tmp; tmp < iov + iovcnt; tmp++) {
memset((char *)tmp->iov_base, 0, tmp->iov_len);
}
free(discovery_log_page);
}
}
Reference in New Issue View Git Blame Copy Permalink