[dm-devel] [PATCH 0/4] Fix segfault on access to mpp->hwe
mwilck at suse.com
mwilck at suse.com
Mon Jul 13 11:07:39 UTC 2020
From: Martin Wilck <mwilck at suse.com>
This is in response to Lixiaokeng's post
"master - libmultipath: fix use after free when iscsi logs in".
On top of Lixiaokeng's patch, I've added some log messages and
a fix for mpp->hwe handling in sync_paths().
The question remains how we handle maps without paths. I believe we're good
here, please review my assessment.
mpp->hwe is only accessed in propsel.c, via the mp_set_hwe() macro. Patch 3 of
my series adds an error message if this happens while mpp->hwe is NULL. IMO it
shouldn't happen because we don't check map properties for empty
maps. Normally this is done when a map is created, and we don't create maps
without paths.
The case where a map looses all paths during its normal lifetime and
can't be removed (e.g. because it's busy) is already covered by the
current code AFAICT. When a new path is re-added, we'll call adopt_paths
and verify_paths(), which will make sure that mpp->hwe is set again
to the pp->hwe member of the newly added path.
Reviews and comments welcome.
Regards
Martin
Martin Wilck (3):
libmultipath: warn if freeing path that holds mpp->hwe
libmultipath: warn about NULL value of mpp->hwe
libmultipath: fix mpp->hwe handling in sync_paths()
lixiaokeng (1):
master - libmultipath: fix use after free when iscsi logs in
libmultipath/propsel.c | 4 +++-
libmultipath/structs_vec.c | 9 +++++++++
2 files changed, 12 insertions(+), 1 deletion(-)
--
2.26.2
More information about the dm-devel
mailing list