mirror of
https://git.proxmox.com/git/mirror_zfs.git
synced 2024-11-17 10:01:01 +03:00
67629d0f08
A rounding discrepancy exists between how sa_build_layouts() and
sa_find_sizes() calculate when the spill block needs to be kicked in.
This results in a narrow size range where sa_build_layouts() believes
there must be a spill block allocated but due to the discrepancy there
isn't. A panic then occurs when the hdl->sa_spill NULL pointer is
dereferenced.
The following reproducer for this bug was isolated:
truncate -s 128m /tmp/tank
zpool create tank /tmp/tank
zfs create -o xattr=sa tank/fish
ln -s `perl -e 'print "z" x 41'` /tank/fish/z
setfattr -hn trusted.foo -v`perl -e 'print "z"x45'` /tank/fish/z
This test results in roughly the following system attribute (SA)
layout:
176 bytes - "standard" SA's
41 bytes - name of symbolic link target
100 bytes - XDR encoded nvlist for xattr
---
317 bytes - total
Because 317 is less than DN_MAX_BONUSLEN (320), sa_find_sizes()
decides no spill block is needed. But sa_build_layouts() rounds 41 up
to 48 when computing the space requirements so it tries to switch to
the spill block.
Note that we were only able to reproduce this bug using a combination
of symbolic links and the Linux-specific xattr=sa dataset property.
So while this issue is not technically Linux-specific, it may be
difficult or impossible to hit the narrow size range needed to
reproduce it on other platforms.
To fix the discrepancy, round the running total in sa_find_sizes() up
to an 8-byte boundary before accounting for each SA, since this is how
they will be stored in the bonus and (possibly) spill buffers.
To make the intent of the code more clear, explicitly assert key
assumptions about expected alignment of data and whether spill-over
will occur.
Signed-off-by: Matthew Ahrens <mahrens@delphix.com
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #1240
|
||
|---|---|---|
| cmd | ||
| config | ||
| dracut | ||
| etc | ||
| include | ||
| lib | ||
| man | ||
| module | ||
| patches | ||
| scripts | ||
| udev | ||
| .gitignore | ||
| AUTHORS | ||
| autogen.sh | ||
| configure.ac | ||
| copy-builtin | ||
| COPYING | ||
| COPYRIGHT | ||
| DISCLAIMER | ||
| dkms.conf.in | ||
| dkms.postinst | ||
| Makefile.am | ||
| META | ||
| OPENSOLARIS.LICENSE | ||
| PKGBUILD-zfs-modules.in | ||
| PKGBUILD-zfs.in | ||
| README.markdown | ||
| zfs-modules.spec.in | ||
| zfs-script-config.sh.in | ||
| ZFS.RELEASE | ||
| zfs.release.in | ||
| zfs.spec.in | ||
Native ZFS for Linux! ZFS is an advanced file system and volume manager which was originally developed for Solaris. It has been successfully ported to FreeBSD and now there is a functional Linux ZFS kernel port too. The port currently includes a fully functional and stable SPA, DMU, and ZVOL with a ZFS Posix Layer (ZPL) on the way!
$ ./configure
$ make pkg
To copy the kernel code inside your kernel source tree for builtin compilation:
$ ./configure --enable-linux-builtin --with-linux=/usr/src/linux-...
$ ./copy-builtin /usr/src/linux-...
Full documentation for building, configuring, and using ZFS can be found at: http://zfsonlinux.org