mirror of
				https://git.proxmox.com/git/mirror_zfs.git
				synced 2025-10-25 01:14:59 +03:00 
			
		
		
		
	Fix integer overflow of ZTOI(zp)->i_generation
The ZFS on-disk format stores each inode's generation ID as a 64 bit number on disk and in-core. However, the Linux kernel's inode is only a 32 bit number. In most places, the code handles this correctly, but the cast is missing in zfs_rezget(). For many pools, this isn't an issue since the generation ID is computed as the current txg when the inode is created and many pools don't have more than 2^32 txgs. For the pools that have more txgs, this issue causes any inode with a high enough generation number to report IO errors after a call to "zfs rollback" while holding the file or directory open. This patch simply adds the missing cast. Reviewed-by: Alek Pinchuk <apinchuk@datto.com> Reviewed-by: George Melikov <mail@gmelikov.ru> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Tom Caputi <tcaputi@datto.com> Closes #8858
This commit is contained in:
		
							parent
							
								
									8e91c5ba6a
								
							
						
					
					
						commit
						3ce85b5e60
					
				| @ -1253,7 +1253,7 @@ zfs_rezget(znode_t *zp) | ||||
| 	ZFS_TIME_DECODE(&ZTOI(zp)->i_mtime, mtime); | ||||
| 	ZFS_TIME_DECODE(&ZTOI(zp)->i_ctime, ctime); | ||||
| 
 | ||||
| 	if (gen != ZTOI(zp)->i_generation) { | ||||
| 	if ((uint32_t)gen != ZTOI(zp)->i_generation) { | ||||
| 		zfs_znode_dmu_fini(zp); | ||||
| 		zfs_znode_hold_exit(zfsvfs, zh); | ||||
| 		return (SET_ERROR(EIO)); | ||||
|  | ||||
		Loading…
	
		Reference in New Issue
	
	Block a user
	 Tom Caputi
						Tom Caputi