mpathpersist scsi3 pgr broken
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
multipath-tools (Ubuntu) |
Fix Released
|
Undecided
|
Mitchell Dzurick | ||
Jammy |
Fix Released
|
Undecided
|
Mitchell Dzurick | ||
Lunar |
Fix Released
|
Undecided
|
Mitchell Dzurick | ||
Mantic |
Fix Released
|
Undecided
|
Mitchell Dzurick |
Bug Description
[Impact]
The command ordering between libmpathpersist and multipathd is not using the correct keyword for commands. The result is when attempting to use mpathpersist a "Missing argument" is displayed and the command can not be executed properly.
This is a regression caused by a CVE fix in release 0.8.8-1ubuntu1.
https:/
A patch from upstream fixes this by handling different command ordering: https:/
[Test Plan]
The autopkgtest provide sufficient testing to spot for regressions, specifically tgtbasedmpaths does a full set-up and stress test of the multipath on local iscsi targets. Therefore, the targeted test here will be for mpathpersist and ensuring the command ordering is working, on-top of that, ensuring the multipath-tools package upgrades in-place without any problems.
1. Set up a VM
2. Login to VM, and install required packages
# apt install -y lsscsi multipath-tools open-iscsi tgt
// If testing new PPA add that here
# add-apt-repository -y ppa:mitchdz/
3. Setup targets to test against
```
targetname=
cwd=$(pwd)
testdir=
localhost=
portal=
maxpaths=4
backfn=
expectwwid=
testdisk=
### Setup mpath devices
# Restart tgtd to make sure modules are all loaded
service tgt restart || echo "Failed to restart tgt" >&2
# prep SINGLE test file
truncate --size 100M ${backfn}
# create target
tgtadm --lld iscsi --op new --mode target --tid 1 -T "${targetname}"
# allow all to bind the target
tgtadm --lld iscsi --op bind --mode target --tid 1 -I ALL
# set backing file
tgtadm --lld iscsi --op new --mode logicalunit --tid 1 --lun 1 -b "${cwd}/${backfn}"
# scan for targets (locally)
iscsiadm --mode discovery --type sendtargets --portal ${localhost}
# login
echo "login #1"
iscsiadm --mode node --targetname "${targetname}" --portal ${portal} --login
# duplicate this session (always 1)
for i in $(seq 2 ${maxpaths})
do
echo "extra login #${i}"
iscsiadm --mode session -r 1 --op new
done
udevadm settle
sleep 5 # sleep a bit to allow device to be created.
# status summary
echo "Status after initial setup"
tgtadm --lld iscsi --mode target --op show
tgtadm --lld iscsi --op show --mode conn --tid 1
iscsiadm --mode session -P 1
lsscsi -liv
multipath -v3 -ll
dmsetup table
echo "Test WWN should now point to DM"
readlink "${testdisk}" | grep dm
```
4. test mpathpersist usage
// Current (failing) case
# dpkg -l multipath-tools | awk '/^ii/ {print $3}'
0.8.8-1ubuntu1.
# mpathpersist -v2 --out --register-ignore --param-
184.785211 | mpatha: adding new path sdd
184.786687 | mpatha: adding new path sda
184.788045 | mpatha: adding new path sdc
184.789458 | mpatha: adding new path sdb
184.790255 | mpatha: pr message=map mpatha setprstatus
184.790521 | mpatha: message=map mpatha setprstatus reply=map mpatha setprstatus: Missing argument
....
// Fixed case
# dpkg -l multipath-tools | awk '/^ii/ {print $3}'
0.8.8-1ubuntu1.
# mpathpersist -v2 --out --register-ignore --param-
299.345497 | mpatha: adding new path sdd
299.347042 | mpatha: adding new path sdb
299.348504 | mpatha: adding new path sdc
299.349918 | mpatha: adding new path sda
299.350760 | mpatha: pr message=setprstatus map mpatha
299.351526 | mpatha: message=setprstatus map mpatha reply=ok
5. Test in-place upgrade
# dpkg -l multipath-tools | awk '/^ii/ {print $3}'
0.8.8-1ubuntu1.
# multipath -ll
mpatha (36000000000000
size=100M features='0' hwhandler='0' wp=rw
|-+- policy=
| `- 9:0:0:1 sdd 8:48 active ready running
|-+- policy=
| `- 6:0:0:1 sda 8:0 active ready running
|-+- policy=
| `- 7:0:0:1 sdb 8:16 active ready running
`-+- policy=
`- 8:0:0:1 sdc 8:32 active ready running
# sudo apt install multipath-
# dpkg -l multipath-tools | awk '/^ii/ {print $3}'
0.8.8-1ubuntu1.
# multipath -ll
mpatha (36000000000000
size=100M features='0' hwhandler='0' wp=rw
|-+- policy=
| `- 9:0:0:1 sdd 8:48 active ready running
|-+- policy=
| `- 6:0:0:1 sda 8:0 active ready running
|-+- policy=
| `- 7:0:0:1 sdb 8:16 active ready running
`-+- policy=
`- 8:0:0:1 sdc 8:32 active ready running
[Where things can go wrong]
- The applied patch is relatively small and handles different command ordering. A potential issue I foresee is other occurences of a mismatch between the libaries.
Related branches
- git-ubuntu bot: Approve
- Simon Chopin (community): Approve
- Lena Voytek (community): Approve
- Canonical Server Core Reviewers: Pending requested
- Canonical Server Reporter: Pending requested
-
Diff: 2784 lines (+2377/-31)17 files modifieddebian/changelog (+2105/-0)
debian/control (+10/-1)
debian/initramfs/hooks/multipath (+22/-2)
debian/initramfs/scripts/init-top/multipath (+18/-2)
debian/initramfs/scripts/local-bottom/multipath (+24/-22)
debian/initramfs/scripts/local-premount/multipath (+30/-0)
debian/kpartx-boot.install (+1/-0)
debian/kpartx-boot.postinst (+34/-0)
debian/kpartx-boot.postrm (+45/-0)
debian/kpartx-initramfs/hooks/kpartx (+22/-0)
debian/multipath-tools.dm-mpath-lvm.udev (+26/-0)
debian/multipath-tools.install (+1/-0)
debian/multipath-udeb.install (+1/-0)
debian/multipath.conf (+3/-0)
debian/patches/enable-find-multipaths.patch (+17/-0)
debian/patches/series (+1/-0)
debian/rules (+17/-4)
- Athos Ribeiro (community): Abstain
- Bryce Harrington (community): Approve
- Canonical Server Reporter: Pending requested
-
Diff: 134 lines (+85/-3)5 files modifieddebian/changelog (+10/-0)
debian/multipath-tools.maintscript (+1/-0)
debian/patches/0018-libmpathpersist-fix-command-keyword-ordering.patch (+73/-0)
debian/patches/series (+1/-0)
debian/rules (+0/-3)
- Bryce Harrington (community): Approve
- Athos Ribeiro: Pending requested
- Canonical Server Reporter: Pending requested
-
Diff: 137 lines (+88/-3)5 files modifieddebian/changelog (+13/-0)
debian/multipath-tools.maintscript (+1/-0)
debian/patches/0018-libmpathpersist-fix-command-keyword-ordering.patch (+73/-0)
debian/patches/series (+1/-0)
debian/rules (+0/-3)
CVE References
description: | updated |
description: | updated |
description: | updated |
description: | updated |
tags: |
added: verification-done verification-done-lunar removed: verification-doneverification-done-lunar |
Hi Arnaud, thanks for taking the time to report this bug.
I don't have an easy way to reproduce it locally, but it seems like you have everything set up to verify and confirm the possible fix. Would you be able to test the following PPA and see if the package in it fixes the bug?
https:/ /launchpad. net/~sergiodj/ +archive/ ubuntu/ multipath- tools
If it works, then we can proceed with the SRU process.
Thanks.