diff --git a/lustre/include/obd_support.h b/lustre/include/obd_support.h
index 350a4e2ca1c5b2a775770eb78c42f881dc5f89d6..2189aef36982eb84b6a378c784ac4b48df98f0e8 100644
--- a/lustre/include/obd_support.h
+++ b/lustre/include/obd_support.h
@@ -576,7 +576,7 @@ do { \
#define OBD_SLAB_FREE_PTR(ptr, slab) \
OBD_SLAB_FREE((ptr), (slab), sizeof *(ptr))
-#define KEY_IS(str) (keylen >= strlen(key) && strcmp(key, str) == 0)
+#define KEY_IS(str) (keylen >= strlen(str) && strcmp(key, str) == 0)
#if defined(__linux__)
#include <linux/obd_support.h>
diff --git a/lustre/lov/lov_obd.c b/lustre/lov/lov_obd.c
index 65f99e1199ec5f76f57e2532fd39a051c47b3e52..c6c7832e4890c6e80396b2cec337ca12b3d682e2 100644
--- a/lustre/lov/lov_obd.c
+++ b/lustre/lov/lov_obd.c
@@ -2362,7 +2362,7 @@ static int lov_get_info(struct obd_export *exp, __u32 keylen,
GOTO(out, rc = -ENXIO);
} else if (KEY_IS("last_id")) {
obd_id *ids = val;
- int size = sizeof(obd_id);
+ unsigned int size = sizeof(obd_id);
for (i = 0; i < lov->desc.ld_tgt_count; i++) {
if (!lov->lov_tgts[i] || !lov->lov_tgts[i]->ltd_active)
continue;
diff --git a/lustre/mds/handler.c b/lustre/mds/handler.c
index 2964f7356ac52f9f0cc51f8e946f8907e0909f00..b313b0f503572f815a5fd0d56c11be6e50cddbbb 100644
--- a/lustre/mds/handler.c
+++ b/lustre/mds/handler.c
@@ -1330,9 +1330,8 @@ static char *reint_names[] = {
static int mds_set_info_rpc(struct obd_export *exp, struct ptlrpc_request *req)
{
- char *key;
- __u32 *val;
- int keylen, rc = 0;
+ void *key, *val;
+ int keylen, vallen, rc = 0;
ENTRY;
key = lustre_msg_buf(req->rq_reqmsg, REQ_REC_OFF, 1);
@@ -1342,25 +1341,27 @@ static int mds_set_info_rpc(struct obd_export *exp, struct ptlrpc_request *req)
}
keylen = lustre_msg_buflen(req->rq_reqmsg, REQ_REC_OFF);
- val = lustre_msg_buf(req->rq_reqmsg, REQ_REC_OFF + 1, sizeof(*val));
- if (val == NULL) {
- DEBUG_REQ(D_HA, req, "no set_info val");
- RETURN(-EFAULT);
- }
+ val = lustre_msg_buf(req->rq_reqmsg, REQ_REC_OFF + 1, 0);
+ vallen = lustre_msg_buflen(req->rq_reqmsg, REQ_REC_OFF + 1);
rc = lustre_pack_reply(req, 1, NULL, NULL);
if (rc)
RETURN(rc);
lustre_msg_set_status(req->rq_repmsg, 0);
- if (keylen < strlen("read-only") ||
- memcmp(key, "read-only", keylen) != 0)
- RETURN(-EINVAL);
+ if (KEY_IS("read-only")) {
+ if (val == NULL || vallen < sizeof(__u32)) {
+ DEBUG_REQ(D_HA, req, "no set_info val");
+ RETURN(-EFAULT);
+ }
- if (*val)
- exp->exp_connect_flags |= OBD_CONNECT_RDONLY;
- else
- exp->exp_connect_flags &= ~OBD_CONNECT_RDONLY;
+ if (*(__u32 *)val)
+ exp->exp_connect_flags |= OBD_CONNECT_RDONLY;
+ else
+ exp->exp_connect_flags &= ~OBD_CONNECT_RDONLY;
+ } else {
+ RETURN(-EINVAL);
+ }
RETURN(0);
}
diff --git a/lustre/obdfilter/filter.c b/lustre/obdfilter/filter.c
index ac4363a1fab68968b2de52697dc9c396c16ffd07..ad639a392c50996bb4d87dd2dd7e7e57a5e52525 100644
--- a/lustre/obdfilter/filter.c
+++ b/lustre/obdfilter/filter.c
@@ -3465,28 +3465,40 @@ static int filter_get_info(struct obd_export *exp, __u32 keylen,
RETURN(-EINVAL);
}
- if (keylen == strlen("blocksize") &&
- memcmp(key, "blocksize", keylen) == 0) {
+ if (KEY_IS("blocksize")) {
__u32 *blocksize = val;
+ if (blocksize) {
+ if (*vallen < sizeof(*blocksize))
+ RETURN(-EOVERFLOW);
+ *blocksize = obd->u.obt.obt_sb->s_blocksize;
+ }
*vallen = sizeof(*blocksize);
- *blocksize = obd->u.obt.obt_sb->s_blocksize;
RETURN(0);
}
- if (keylen == strlen("blocksize_bits") &&
- memcmp(key, "blocksize_bits", keylen) == 0) {
+ if (KEY_IS("blocksize_bits")) {
__u32 *blocksize_bits = val;
+ if (blocksize_bits) {
+ if (*vallen < sizeof(*blocksize_bits))
+ RETURN(-EOVERFLOW);
+ *blocksize_bits = obd->u.obt.obt_sb->s_blocksize_bits;
+ }
*vallen = sizeof(*blocksize_bits);
- *blocksize_bits = obd->u.obt.obt_sb->s_blocksize_bits;
RETURN(0);
}
- if (keylen >= strlen("last_id") && memcmp(key, "last_id", 7) == 0) {
+ if (KEY_IS("last_id")) {
obd_id *last_id = val;
/* FIXME: object groups */
- *last_id = filter_last_id(&obd->u.filter, 0);
+ if (last_id) {
+ if (*vallen < sizeof(*last_id))
+ RETURN(-EOVERFLOW);
+ *last_id = filter_last_id(&obd->u.filter, 0);
+ }
+ *vallen = sizeof(*last_id);
RETURN(0);
}
+
CDEBUG(D_IOCTL, "invalid key\n");
RETURN(-EINVAL);
}
@@ -3506,8 +3518,7 @@ static int filter_set_info_async(struct obd_export *exp, __u32 keylen,
RETURN(-EINVAL);
}
- if (keylen < strlen(KEY_MDS_CONN) ||
- memcmp(key, KEY_MDS_CONN, keylen) != 0)
+ if (!KEY_IS(KEY_MDS_CONN))
RETURN(-EINVAL);
LCONSOLE_WARN("%s: received MDS connection from %s\n", obd->obd_name,
diff --git a/lustre/osc/osc_request.c b/lustre/osc/osc_request.c
index 25e265651c79912c55f54df1f67c53a8a1720782..9e6fec39c6fb2f3ca5fa2194edec93a15d4e8d74 100644
--- a/lustre/osc/osc_request.c
+++ b/lustre/osc/osc_request.c
@@ -3256,13 +3256,12 @@ static int osc_get_info(struct obd_export *exp, obd_count keylen,
if (!vallen || !val)
RETURN(-EFAULT);
- if (keylen > strlen("lock_to_stripe") &&
- strcmp(key, "lock_to_stripe") == 0) {
+ if (KEY_IS("lock_to_stripe")) {
__u32 *stripe = val;
*vallen = sizeof(*stripe);
*stripe = 0;
RETURN(0);
- } else if (keylen >= strlen("last_id") && strcmp(key, "last_id") == 0) {
+ } else if (KEY_IS("last_id")) {
struct ptlrpc_request *req;
obd_id *reply;
char *bufs[2] = { NULL, key };
diff --git a/lustre/ost/ost_handler.c b/lustre/ost/ost_handler.c
index ee9d24a34e5c692e6f6894e34e0e5c534f8826dd..2495bf6d94aa143574c0dd28583186299caaa2ea 100644
--- a/lustre/ost/ost_handler.c
+++ b/lustre/ost/ost_handler.c
@@ -1260,10 +1260,9 @@ out:
static int ost_get_info(struct obd_export *exp, struct ptlrpc_request *req)
{
- char *key;
+ void *key, *reply;
int keylen, rc = 0;
- int size[2] = { sizeof(struct ptlrpc_body), sizeof(obd_id) };
- obd_id *reply;
+ int size[2] = { sizeof(struct ptlrpc_body), 0 };
ENTRY;
key = lustre_msg_buf(req->rq_reqmsg, REQ_REC_OFF, 1);
@@ -1273,16 +1272,20 @@ static int ost_get_info(struct obd_export *exp, struct ptlrpc_request *req)
}
keylen = lustre_msg_buflen(req->rq_reqmsg, REQ_REC_OFF);
- if (keylen < strlen("last_id") || memcmp(key, "last_id", 7) != 0)
- RETURN(-EPROTO);
+ /* call once to get the size to allocate the reply buffer */
+ rc = obd_get_info(exp, keylen, key, &size[1], NULL);
+ if (rc)
+ RETURN(rc);
rc = lustre_pack_reply(req, 2, size, NULL);
if (rc)
RETURN(rc);
reply = lustre_msg_buf(req->rq_repmsg, REPLY_REC_OFF, sizeof(*reply));
+ /* call again to fill in the reply buffer */
rc = obd_get_info(exp, keylen, key, size, reply);
lustre_msg_set_status(req->rq_repmsg, 0);
+
RETURN(rc);
}