linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Lars Ellenberg <lars.ellenberg@linbit.com>
To: Jens Axboe <axboe@kernel.dk>,
	linux-kernel@vger.kernel.org, linux-block@vger.kernel.org
Cc: drbd-dev@lists.linbit.com
Subject: [PATCH 05/17] drbd: disconnect, if the wrong UUIDs are attached on a connected peer
Date: Thu, 20 Dec 2018 17:23:32 +0100	[thread overview]
Message-ID: <20181220162344.8430-6-lars.ellenberg@linbit.com> (raw)
In-Reply-To: <20181220162344.8430-1-lars.ellenberg@linbit.com>

With "on-no-data-accessible suspend-io", DRBD requires the next attach
or connect to be to the very same data generation uuid tag it lost last.

If we first lost connection to the peer,
then later lost connection to our own disk,
we would usually refuse to re-connect to the peer,
because it presents the wrong data set.

However, if the peer first connects without a disk,
and then attached its disk, we accepted that same wrong data set,
which would be "unexpected" by any user of that DRBD
and cause "undefined results" (read: very likely data corruption).

The fix is to forcefully disconnect as soon as we notice that the peer
attached to the "wrong" dataset.

Signed-off-by: Lars Ellenberg <lars.ellenberg@linbit.com>
---
 drivers/block/drbd/drbd_receiver.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/block/drbd/drbd_receiver.c b/drivers/block/drbd/drbd_receiver.c
index fbf30fe45862..0a9f3c65f70a 100644
--- a/drivers/block/drbd/drbd_receiver.c
+++ b/drivers/block/drbd/drbd_receiver.c
@@ -4170,7 +4170,7 @@ static int receive_uuids(struct drbd_connection *connection, struct packet_info
 	kfree(device->p_uuid);
 	device->p_uuid = p_uuid;
 
-	if (device->state.conn < C_CONNECTED &&
+	if ((device->state.conn < C_CONNECTED || device->state.pdsk == D_DISKLESS) &&
 	    device->state.disk < D_INCONSISTENT &&
 	    device->state.role == R_PRIMARY &&
 	    (device->ed_uuid & ~((u64)1)) != (p_uuid[UI_CURRENT] & ~((u64)1))) {
-- 
2.17.1

next prev parent reply	other threads:[~2018-12-20 16:34 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-12-20 16:23 [PATCH 00/17] DRBD updates for 4.21 Lars Ellenberg
2018-12-20 16:23 ` [PATCH 01/17] drbd: narrow rcu_read_lock in drbd_sync_handshake Lars Ellenberg
2018-12-20 16:23 ` [PATCH 02/17] drbd: must not use connection after kref_put(&connection->kref) Lars Ellenberg
2018-12-20 16:23 ` [PATCH 03/17] drbd: centralize printk reporting of new size into drbd_set_my_capacity() Lars Ellenberg
2018-12-20 16:23 ` [PATCH 04/17] drbd: ignore "all zero" peer volume sizes in handshake Lars Ellenberg
2018-12-20 16:23 ` Lars Ellenberg [this message]
2018-12-20 16:23 ` [PATCH 06/17] drbd: fix confusing error message during attach Lars Ellenberg
2018-12-20 16:23 ` [PATCH 07/17] drbd: attach on connected diskless peer must not shrink a consistent device Lars Ellenberg
2018-12-20 16:23 ` [PATCH 08/17] drbd: reject attach of unsuitable uuids even if connected Lars Ellenberg
2018-12-20 16:23 ` [PATCH 09/17] drbd: fix comment typos Lars Ellenberg
2018-12-20 16:23 ` [PATCH 10/17] drbd: do not block when adjusting "disk-options" while IO is frozen Lars Ellenberg
2018-12-20 16:23 ` [PATCH 11/17] drbd: avoid spurious self-outdating with concurrent disconnect / down Lars Ellenberg
2018-12-20 16:23 ` [PATCH 12/17] drbd: fix print_st_err()'s prototype to match the definition Lars Ellenberg
2018-12-20 16:23 ` [PATCH 13/17] drbd: don't retry connection if peers do not agree on "authentication" settings Lars Ellenberg
2018-12-20 16:23 ` [PATCH 14/17] drbd: skip spurious timeout (ping-timeo) when failing promote Lars Ellenberg
2018-12-20 16:23 ` [PATCH 15/17] drbd: introduce P_ZEROES (REQ_OP_WRITE_ZEROES on the "wire") Lars Ellenberg
2018-12-20 16:23 ` [PATCH 16/17] drbd: Avoid Clang warning about pointless switch statment Lars Ellenberg
2018-12-20 16:23 ` [PATCH 17/17] drbd: Change drbd_request_detach_interruptible's return type to int Lars Ellenberg
2018-12-20 16:27 ` [PATCH 00/17] DRBD updates for 4.21 Jens Axboe

find likely ancestor, descendant, or conflicting patches for this message:
dfblob:fbf30fe4586 dfblob:0a9f3c65f70
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20181220162344.8430-6-lars.ellenberg@linbit.com \
    --to=lars.ellenberg@linbit.com \
    --cc=axboe@kernel.dk \
    --cc=drbd-dev@lists.linbit.com \
    --cc=linux-block@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).