mirror_zfs/module/zfs
James Pan 472e7c6085 sa_find_sizes() may compute wrong SA header size
Under the right conditions sa_find_sizes() will compute an incorrect
size of the system attribute (SA) header.  This causes a failed assertion
when the SA_HDR_SIZE_MATCH_LAYOUT() test returns false, and may lead
to corruption of SA data.

The bug presents itself when there are more than two variable-length SAs
of just the right size to fit in the bonus buffer of a dnode.  The
existing logic fails to account for the SA header space needed to store
the sizes of all the variable-length SAs.

A reproducer was possible on Linux by setting the xattr=sa dataset
property and storing xattrs on symbolic links (Issue #1648).  Note the
corrupt link target name:

$ zfs set xattr=sa tank/fish
$ cd /tank/fish
$ ln -fs 12345678901234567 link
$ setfattr -n trusted.0000000000000000000 -v 0x000000000000000000000000 -h link
$ setfattr -n trusted.1111111111111111111 -v 0x000000000000000000000000 -h link
$ ls -l link
lrwxrwxrwx 1 root root 17 Dec  6 15:40 link -> 90123456701234567

Commit 6a7c0ccca4 worked around this bug
by forcing xattr's on symlinks to be stored in directory format.  This
change implements a proper fix, so the workaround can now be reverted.

The reference link below contains a reproducer for FreeBSD.

References:
  http://lists.open-zfs.org/pipermail/developer/2013-November/000306.html

Ported-by: Ned Bass <bass6@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #1890
2013-12-10 09:48:15 -08:00
..
arc.c Illumos #4045 write throttle & i/o scheduler performance work 2013-12-06 09:32:43 -08:00
bplist.c Illumos #3464 2013-09-04 16:01:24 -07:00
bpobj.c Illumos #3603, #3604: bobj improvements 2013-10-31 14:57:51 -07:00
bptree.c 26126 panic system rather than corrupting pool if we hit bug 26100 2013-11-05 13:18:26 -08:00
dbuf_stats.c Add visibility in to cached dbufs 2013-10-25 13:59:40 -07:00
dbuf.c Illumos #4045 write throttle & i/o scheduler performance work 2013-12-06 09:32:43 -08:00
ddt_zap.c Add ddt_object_count() error handling 2012-10-29 08:57:45 -07:00
ddt.c Illumos #3598 2013-10-31 14:58:04 -07:00
dmu_diff.c Illumos #3598 2013-10-31 14:58:04 -07:00
dmu_object.c Illumos #3598 2013-10-31 14:58:04 -07:00
dmu_objset.c Illumos #4045 write throttle & i/o scheduler performance work 2013-12-06 09:32:43 -08:00
dmu_send.c Illumos #4047 2013-11-05 12:23:35 -08:00
dmu_traverse.c Reduce stack for traverse_visitbp() recursion 2013-11-14 14:28:12 -08:00
dmu_tx.c Illumos #4045 write throttle & i/o scheduler performance work 2013-12-06 09:32:43 -08:00
dmu_zfetch.c Illumos #4045 write throttle & i/o scheduler performance work 2013-12-06 09:32:43 -08:00
dmu.c Illumos #4045 write throttle & i/o scheduler performance work 2013-12-06 09:32:43 -08:00
dnode_sync.c Illumos #3742 2013-11-04 10:55:25 -08:00
dnode.c Illumos #4045 write throttle & i/o scheduler performance work 2013-12-06 09:32:43 -08:00
dsl_dataset.c Switch allocations from KM_SLEEP to KM_PUSHPAGE 2013-11-05 12:26:14 -08:00
dsl_deadlist.c Illumos #3104: eliminate empty bpobjs 2013-01-08 10:35:43 -08:00
dsl_deleg.c Illumos #3598 2013-10-31 14:58:04 -07:00
dsl_destroy.c Illumos #4047 2013-11-05 12:23:35 -08:00
dsl_dir.c Illumos #4045 write throttle & i/o scheduler performance work 2013-12-06 09:32:43 -08:00
dsl_pool.c Illumos #4045 write throttle & i/o scheduler performance work 2013-12-06 09:32:43 -08:00
dsl_prop.c Illumos #3742 2013-11-04 10:55:25 -08:00
dsl_scan.c Illumos #4045 write throttle & i/o scheduler performance work 2013-12-06 09:32:43 -08:00
dsl_synctask.c Illumos #3598 2013-10-31 14:58:04 -07:00
dsl_userhold.c Some nvlist allocations in hold processing need to use KM_PUSHPAGE. 2013-12-02 14:02:46 -08:00
fm.c Condition variable usage, zevent_cv 2012-10-15 16:01:54 -07:00
gzip.c Fix zmod.h usage in userspace 2010-08-31 08:38:46 -07:00
lz4.c Linux 3.11 compat: Rename LZ4 symbols 2013-10-22 10:12:39 -07:00
lzjb.c Illumos #3522 2013-10-30 14:51:27 -07:00
Makefile.in Add visibility in to cached dbufs 2013-10-25 13:59:40 -07:00
metaslab.c Illumos #4168, #4169, #4170 2013-11-05 12:25:44 -08:00
refcount.c Illumos #3464 2013-09-04 16:01:24 -07:00
rrwlock.c Fix several new KM_SLEEP warnings 2013-09-25 15:44:22 -07:00
sa.c sa_find_sizes() may compute wrong SA header size 2013-12-10 09:48:15 -08:00
sha256.c Add linux sha2 support 2010-08-31 13:41:59 -07:00
spa_boot.c Add linux kernel module support 2010-08-31 13:41:58 -07:00
spa_config.c Illumos #3956, #3957, #3958, #3959, #3960, #3961, #3962 2013-11-05 12:23:05 -08:00
spa_errlog.c Illumos #3743 2013-11-04 10:55:25 -08:00
spa_history.c Illumos #3598 2013-10-31 14:58:04 -07:00
spa_misc.c Illumos #4045 write throttle & i/o scheduler performance work 2013-12-06 09:32:43 -08:00
spa_stats.c Illumos #3537 2013-10-31 09:16:03 -07:00
spa.c Illumos #4045 write throttle & i/o scheduler performance work 2013-12-06 09:32:43 -08:00
space_map.c Illumos #3464 2013-09-04 16:01:24 -07:00
txg.c Illumos #4045 write throttle & i/o scheduler performance work 2013-12-06 09:32:43 -08:00
uberblock.c Illumos #3598 2013-10-31 14:58:04 -07:00
unique.c Switch KM_SLEEP to KM_PUSHPAGE 2012-08-27 12:01:37 -07:00
vdev_cache.c Illumos #4045 write throttle & i/o scheduler performance work 2013-12-06 09:32:43 -08:00
vdev_disk.c Illumos #3598 2013-10-31 14:58:04 -07:00
vdev_file.c Illumos #3949, #3950, #3952, #3953 2013-11-05 12:17:07 -08:00
vdev_label.c Illumos #3956, #3957, #3958, #3959, #3960, #3961, #3962 2013-11-05 12:23:05 -08:00
vdev_mirror.c Illumos #4045 write throttle & i/o scheduler performance work 2013-12-06 09:32:43 -08:00
vdev_missing.c Illumos #3598 2013-10-31 14:58:04 -07:00
vdev_queue.c Illumos #4045 write throttle & i/o scheduler performance work 2013-12-06 09:32:43 -08:00
vdev_raidz.c Illumos #4045 write throttle & i/o scheduler performance work 2013-12-06 09:32:43 -08:00
vdev_root.c Illumos #3598 2013-10-31 14:58:04 -07:00
vdev.c Illumos #4045 write throttle & i/o scheduler performance work 2013-12-06 09:32:43 -08:00
zap_leaf.c Illumos #3598 2013-10-31 14:58:04 -07:00
zap_micro.c Illumos #3598 2013-10-31 14:58:04 -07:00
zap.c Illumos #3743 2013-11-04 10:55:25 -08:00
zfeature_common.c Illumos #3035 LZ4 compression support in ZFS and GRUB 2013-01-29 09:28:20 -08:00
zfeature.c Illumos #3598 2013-10-31 14:58:04 -07:00
zfs_acl.c Illumos #3742 2013-11-04 10:55:25 -08:00
zfs_byteswap.c Add linux kernel module support 2010-08-31 13:41:58 -07:00
zfs_ctldir.c Handle concurrent snapshot automounts failing due to EBUSY. 2013-11-08 10:45:14 -08:00
zfs_debug.c 26126 panic system rather than corrupting pool if we hit bug 26100 2013-11-05 13:18:26 -08:00
zfs_dir.c Illumos #4347 ZPL can use dmu_tx_assign(TXG_WAIT) 2013-12-06 09:30:51 -08:00
zfs_fm.c Illumos #4045 write throttle & i/o scheduler performance work 2013-12-06 09:32:43 -08:00
zfs_fuid.c Illumos #3522 2013-10-30 14:51:27 -07:00
zfs_ioctl.c Add module versioning 2013-12-06 09:34:41 -08:00
zfs_log.c Only commit the ZIL once in zpl_writepages() (msync() case). 2013-11-23 15:08:29 -08:00
zfs_onexit.c Illumos #3598 2013-10-31 14:58:04 -07:00
zfs_replay.c Illumos #3598 2013-10-31 14:58:04 -07:00
zfs_rlock.c Illumos #3742 2013-11-04 10:55:25 -08:00
zfs_sa.c Illumos #3742 2013-11-04 10:55:25 -08:00
zfs_vfsops.c Remove incorrect ASSERT in zfs_sb_teardown() 2013-12-02 15:58:58 -08:00
zfs_vnops.c Illumos #4045 write throttle & i/o scheduler performance work 2013-12-06 09:32:43 -08:00
zfs_znode.c Illumos #4347 ZPL can use dmu_tx_assign(TXG_WAIT) 2013-12-06 09:30:51 -08:00
zil.c Illumos #4045 write throttle & i/o scheduler performance work 2013-12-06 09:32:43 -08:00
zio_checksum.c Illumos #3598 2013-10-31 14:58:04 -07:00
zio_compress.c Illumos #3598 2013-10-31 14:58:04 -07:00
zio_inject.c Illumos #3598 2013-10-31 14:58:04 -07:00
zio.c Illumos #4045 write throttle & i/o scheduler performance work 2013-12-06 09:32:43 -08:00
zle.c Update core ZFS code from build 121 to build 141. 2010-05-28 13:45:14 -07:00
zpl_ctldir.c Fix 'zfs diff' shares error 2013-12-06 09:42:39 -08:00
zpl_export.c Implement .commit_metadata hook for NFS export 2012-10-03 10:49:45 -07:00
zpl_file.c Only commit the ZIL once in zpl_writepages() (msync() case). 2013-11-23 15:08:29 -08:00
zpl_inode.c Fixes (extends) support for selinux xattrs to more inode types 2013-11-14 14:28:35 -08:00
zpl_super.c Honor CONFIG_FS_POSIX_ACL kernel option 2013-11-05 16:22:05 -08:00
zpl_xattr.c Honor CONFIG_FS_POSIX_ACL kernel option 2013-11-05 16:22:05 -08:00
zrlock.c Export ZFS symbols needed by Lustre. 2010-09-17 16:24:15 -07:00
zvol.c Illumos #3236 2013-11-05 12:14:21 -08:00