mirror of
https://git.proxmox.com/git/mirror_zfs.git
synced 2026-05-22 10:37:35 +03:00
Preserve itx alloc size for zio_data_buf_free()
Using zio_data_buf_alloc() to allocate the itx's may be unsafe because the itx->itx_lr.lrc_reclen field is not constant from allocation to free. Using a different itx->itx_lr.lrc_reclen size in zio_data_buf_free() can result in the allocation being returned to the wrong kmem cache. This issue can be avoided entirely by storing the allocation size in itx->itx_size and using that for zio_data_buf_free(). Reviewed by: Prakash Surya <prakash.surya@delphix.com> Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov> Closes #6912
This commit is contained in:
Brian Behlendorf
committed by
Tony Hutter
Tony Hutter
parent
6db8f1a0d1
commit
4a98780933
@@ -394,6 +394,7 @@ typedef struct itx {
|
||||
uint8_t itx_sync; /* synchronous transaction */
|
||||
zil_callback_t itx_callback; /* Called when the itx is persistent */
|
||||
void *itx_callback_data; /* User data for the callback */
|
||||
size_t itx_size; /* allocated itx structure size */
|
||||
uint64_t itx_oid; /* object id */
|
||||
lr_t itx_lr; /* common part of log record */
|
||||
/* followed by type-specific part of lr_xx_t and its immediate data */
|
||||
|
||||
Reference in New Issue
Block a user