c/mirror_zfs
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_zfs.git synced 2026-05-23 19:04:45 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
b8addf92216a358d3936092f88bb916c64ce3e20
mirror_zfs/module/zfs
T
History
Gality b8addf9221 dmu_direct: avoid UAF in dmu_write_direct_done() 
dmu_write_direct_done() passes dmu_sync_arg_t to
dmu_sync_done(), which updates the override state and
frees the completion context. The Direct I/O error path
then still dereferences dsa->dsa_tx while rolling the
dirty record back with dbuf_undirty(), resulting in a
use-after-free.

Save dsa->dsa_tx in a local variable before calling
dmu_sync_done() and use that saved tx for the error
rollback. This preserves the existing ownership model
for dsa and does not change the Direct I/O write
semantics.

Reviewed-by: Brian Atkinson <batkinson@lanl.gov>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Co-authored-by: gality369 <gality369@example.com>
Signed-off-by: ZhengYuan Huang <gality369@gmail.com>
Closes #18440
2026-04-27 10:57:52 -07:00
..
abd.c
Preserve LIFO ordering of kmap ops in abd_raidz_gen_iterate()
2025-12-10 10:21:29 -08:00
aggsum.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
arc.c
ARC: Increase parallel eviction batching
2026-02-05 13:48:30 -08:00
blake3_zfs.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
blkptr.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
bplist.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
bpobj.c
Pass flags to more DMU write/hold functions
2025-11-12 13:04:58 -08:00
bptree.c
Pass flags to more DMU write/hold functions
2025-11-12 13:04:58 -08:00
bqueue.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
brt.c
Add BRT support to zpool prefetch command
2025-11-12 13:07:09 -08:00
btree.c
Prefer VERIFY0P(n) over VERIFY3P(n, ==, NULL)
2025-08-07 11:41:42 -07:00
dataset_kstats.c
CI: Test & fix Linux ZFS built-in build
2026-02-19 11:14:37 -08:00
dbuf_stats.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
dbuf.c
Prevent range tree corruption race by updating dnode_sync()
2026-04-27 10:57:52 -07:00
ddt_log.c
CI: Test & fix Linux ZFS built-in build
2026-02-19 11:14:37 -08:00
ddt_stats.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
ddt_zap.c
DDT: Fix compressed entry buffer size
2026-02-05 13:48:31 -08:00
ddt.c
CI: Test & fix Linux ZFS built-in build
2026-02-19 11:14:37 -08:00
dmu_diff.c
Allow physical rewrite without logical
2025-08-06 10:36:07 -07:00
dmu_direct.c
dmu_direct: avoid UAF in dmu_write_direct_done()
2026-04-27 10:57:52 -07:00
dmu_object.c
Prefer VERIFY0P(n) over VERIFY3P(n, ==, NULL)
2025-08-07 11:41:42 -07:00
dmu_objset.c
Fix snapshot automount expiry cancellation deadlock
2025-12-10 10:21:29 -08:00
dmu_recv.c
Fix activating large_microzap on receive
2026-02-17 11:54:58 -08:00
dmu_redact.c
Pass flags to more DMU write/hold functions
2025-11-12 13:04:58 -08:00
dmu_send.c
Prefer VERIFY0P(n) over VERIFY3P(n, ==, NULL)
2025-08-07 11:41:42 -07:00
dmu_traverse.c
Allow physical rewrite without logical
2025-08-06 10:36:07 -07:00
dmu_tx.c
Improve caching for dbuf prefetches
2026-02-17 11:54:58 -08:00
dmu_zfetch.c
Wire O_DIRECT also to Uncached I/O (#17218)
2025-05-13 14:26:55 -07:00
dmu.c
Add BRT support to zpool prefetch command
2025-11-12 13:07:09 -08:00
dnode_sync.c
Prevent range tree corruption race by updating dnode_sync()
2026-04-27 10:57:52 -07:00
dnode.c
Prevent range tree corruption race by updating dnode_sync()
2026-04-27 10:57:52 -07:00
dsl_bookmark.c
Prefer VERIFY0P(n) over VERIFY3P(n, ==, NULL)
2025-08-07 11:41:42 -07:00
dsl_crypt.c
Prefer VERIFY0P(n) over VERIFY3P(n, ==, NULL)
2025-08-07 11:41:42 -07:00
dsl_dataset.c
Reduce dataset buffers re-dirtying
2026-02-05 13:48:30 -08:00
dsl_deadlist.c
Fix missed assertion update in physical rewrite patch
2025-08-13 15:56:25 -04:00
dsl_deleg.c
Prefer VERIFY0(n) over VERIFY(n == 0)
2025-08-07 11:40:59 -07:00
dsl_destroy.c
Prefer VERIFY0P(n) over VERIFY3P(n, ==, NULL)
2025-08-07 11:41:42 -07:00
dsl_dir.c
Prefer VERIFY0(n) over VERIFY(n == 0)
2025-08-07 11:40:59 -07:00
dsl_pool.c
Prefer VERIFY0P(n) over VERIFY(n == NULL)
2025-08-07 11:41:37 -07:00
dsl_prop.c
Prefer VERIFY0(n) over VERIFY(n == 0)
2025-08-07 11:40:59 -07:00
dsl_scan.c
Use reduced precision for scan times
2026-02-05 13:48:31 -08:00
dsl_synctask.c
dmu_tx_assign: make all VERIFY0 calls use DMU_TX_SUSPEND
2025-05-28 10:28:59 -07:00
dsl_userhold.c
Prefer VERIFY0(n) over VERIFY(n == 0)
2025-08-07 11:40:59 -07:00
edonr_zfs.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
fm.c
Prefer VERIFY0(n) over VERIFY(n == 0)
2025-08-07 11:40:59 -07:00
gzip.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
hkdf.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
lz4_zfs.c
SPDX: license tags: BSD-2-Clause
2025-03-13 17:56:46 -07:00
lz4.c
SPDX: license tags: BSD-2-Clause
2025-03-13 17:56:46 -07:00
lzjb.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
metaslab.c
Fix available space accounting for special/dedup (#18222)
2026-02-19 11:14:37 -08:00
mmp.c
mmp: claim sequence id before final import
2026-02-10 17:01:29 -08:00
multilist.c
Allow vmem_alloc backed multilists
2025-08-12 13:36:03 -07:00
objlist.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
pathname.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
range_tree.c
range_tree: use zfs_panic_recover() for partial-overlap remove
2026-04-27 10:57:52 -07:00
refcount.c
Implement allocation size ranges and use for gang leaves (#17111)
2025-05-02 15:32:18 -07:00
rrwlock.c
Prefer VERIFY0P(n) over VERIFY(n == NULL)
2025-08-07 11:41:37 -07:00
sa.c
Lock db_mtx around arc_release() in couple places
2026-02-05 13:48:31 -08:00
sha2_zfs.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
skein_zfs.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
spa_checkpoint.c
Pass flags to more DMU write/hold functions
2025-11-12 13:04:58 -08:00
spa_config.c
spa_misc: add an API for spa_namespace_lock
2025-11-12 13:06:54 -08:00
spa_errlog.c
fix memleak in spa_errlog.c
2026-04-23 15:02:10 -07:00
spa_history.c
Pass flags to more DMU write/hold functions
2025-11-12 13:04:58 -08:00
spa_log_spacemap.c
Fix available space accounting for special/dedup (#18222)
2026-02-19 11:14:37 -08:00
spa_misc.c
draid: fix data corruption after disk clear
2026-04-23 14:54:23 -07:00
spa_stats.c
Prefer VERIFY0(n) over VERIFY(n == 0)
2025-08-07 11:40:59 -07:00
spa.c
Fix deadlock on dmu_tx_assign() from vdev_rebuild()
2026-04-23 14:54:14 -07:00
space_map.c
Pass flags to more DMU write/hold functions
2025-11-12 13:04:58 -08:00
space_reftree.c
Prefer VERIFY0(n) over VERIFY(n == 0)
2025-08-07 11:40:59 -07:00
THIRDPARTYLICENSE.cityhash
OpenZFS 8484 - Implement aggregate sum and use for arc counters
2018-06-06 09:35:59 -07:00
THIRDPARTYLICENSE.cityhash.descrip
OpenZFS 8484 - Implement aggregate sum and use for arc counters
2018-06-06 09:35:59 -07:00
txg.c
txg_wait_synced_flags: add TXG_WAIT_SUSPEND flag to not wait if pool suspended
2025-05-28 10:27:46 -07:00
uberblock.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
unique.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
vdev_draid_rand.c
SPDX: license tags: LicenseRef-OpenZFS-ThirdParty-PublicDomain
2025-03-13 17:57:31 -07:00
vdev_draid.c
draid: fix cksum errors after rebuild with degraded disks
2026-04-23 15:00:46 -07:00
vdev_file.c
Enable zhack to work properly with 4k sector size disks
2025-09-10 15:01:32 -07:00
vdev_indirect_births.c
Pass flags to more DMU write/hold functions
2025-11-12 13:04:58 -08:00
vdev_indirect_mapping.c
Pass flags to more DMU write/hold functions
2025-11-12 13:04:58 -08:00
vdev_indirect.c
Prefer VERIFY0P(n) over VERIFY3P(n, ==, NULL)
2025-08-07 11:41:42 -07:00
vdev_initialize.c
spa_misc: add an API for spa_namespace_lock
2025-11-12 13:06:54 -08:00
vdev_label.c
mmp: claim sequence id before final import
2026-02-10 17:01:29 -08:00
vdev_mirror.c
draid: fix cksum errors after rebuild with degraded disks
2026-04-23 15:00:46 -07:00
vdev_missing.c
Implement allocation size ranges and use for gang leaves (#17111)
2025-05-02 15:32:18 -07:00
vdev_queue.c
Prefer VERIFY0P(n) over VERIFY3P(n, ==, NULL)
2025-08-07 11:41:42 -07:00
vdev_raidz_math_aarch64_neon_common.h
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
vdev_raidz_math_aarch64_neon.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
vdev_raidz_math_aarch64_neonx2.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
vdev_raidz_math_avx2.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
vdev_raidz_math_avx512bw.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
vdev_raidz_math_avx512f.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
vdev_raidz_math_impl.h
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
vdev_raidz_math_powerpc_altivec_common.h
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
vdev_raidz_math_powerpc_altivec.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
vdev_raidz_math_scalar.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
vdev_raidz_math_sse2.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
vdev_raidz_math_ssse3.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
vdev_raidz_math.c
tunables: don't assert initialisation in impl getters
2025-05-28 16:50:22 -07:00
vdev_raidz.c
draid: fix cksum errors after rebuild with degraded disks
2026-04-23 15:00:46 -07:00
vdev_rebuild.c
draid: fix data corruption after disk clear
2026-04-23 14:54:23 -07:00
vdev_removal.c
spa_misc: add an API for spa_namespace_lock
2025-11-12 13:06:54 -08:00
vdev_root.c
Implement allocation size ranges and use for gang leaves (#17111)
2025-05-02 15:32:18 -07:00
vdev_trim.c
spa_misc: add an API for spa_namespace_lock
2025-11-12 13:06:54 -08:00
vdev.c
draid: fix data corruption after disk clear
2026-04-23 14:54:23 -07:00
zap_leaf.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
zap_micro.c
DDT: Add/use zap_lookup_length_uint64_by_dnode()
2026-02-05 13:48:31 -08:00
zap.c
DDT: Add/use zap_lookup_length_uint64_by_dnode()
2026-02-05 13:48:31 -08:00
zcp_get.c
zcp: get_prop: fix encryptionroot and encryption
2025-05-27 20:04:37 -04:00
zcp_global.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
zcp_iter.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
zcp_set.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
zcp_synctask.c
zcp_synctask: add zfs.sync.clone()
2025-06-10 14:53:10 -07:00
zcp.c
Prefer VERIFY0P(n) over VERIFY3P(n, ==, NULL)
2025-08-07 11:41:42 -07:00
zfeature.c
Synchronize the update of feature refcount
2025-09-09 17:03:27 -07:00
zfs_byteswap.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
zfs_chksum.c
chksum: run 256K benchmark on demand, preserve chksum_stat_data
2025-12-10 10:21:29 -08:00
zfs_crrd.c
Fix time database update calculations
2025-09-15 12:43:34 -07:00
zfs_debug_common.c
nvlist: Add nvlist_snprintf() and zfs_dbgmsg_nvlist()
2025-04-18 09:22:16 -04:00
zfs_fm.c
Fix snapshot automount expiry cancellation deadlock
2025-12-10 10:21:29 -08:00
zfs_fuid.c
Pass flags to more DMU write/hold functions
2025-11-12 13:04:58 -08:00
zfs_impl.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
zfs_ioctl.c
Fix s_active leak in zfsvfs_hold() when z_unmounted is true
2026-04-23 15:02:14 -07:00
zfs_log.c
ZIL: pass commit errors back to ITX callbacks
2025-08-08 16:43:20 -07:00
zfs_onexit.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
zfs_quota.c
Bypass snprintf() in quota checks if no quotas set
2026-02-05 13:48:31 -08:00
zfs_ratelimit.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
zfs_replay.c
dmu_tx: rename dmu_tx_assign() flags from TXG_* to DMU_TX_* (#17143)
2025-03-18 16:04:22 -07:00
zfs_rlock.c
Prefer VERIFY0(n) over VERIFY3U(n, ==, 0)
2025-08-07 11:41:25 -07:00
zfs_sa.c
ZIL: allow zil_commit() to fail with error
2025-08-08 16:43:09 -07:00
zfs_vnops.c
ZIL: allow zil_commit() to fail with error
2025-08-08 16:43:09 -07:00
zfs_znode.c
Add default user/group/project quota properties
2025-04-03 10:35:22 -07:00
zil.c
ZIL: Make allocations more flexible
2025-08-14 08:50:17 -07:00
zio_checksum.c
Prefer VERIFY0(n) over VERIFY(n == 0)
2025-08-07 11:40:59 -07:00
zio_compress.c
CI: Test & fix Linux ZFS built-in build
2026-02-19 11:14:37 -08:00
zio_inject.c
spa_misc: add an API for spa_namespace_lock
2025-11-12 13:06:54 -08:00
zio.c
draid: fix cksum errors after rebuild with degraded disks
2026-04-23 15:00:46 -07:00
zle.c
SPDX: license tags: CDDL-1.0
2025-03-13 17:56:27 -07:00
zrlock.c
Prefer VERIFY0P(n) over VERIFY3P(n, ==, NULL)
2025-08-07 11:41:42 -07:00
zthr.c
Prefer VERIFY0P(n) over VERIFY3P(n, ==, NULL)
2025-08-07 11:41:42 -07:00
zvol.c
spa_misc: add an API for spa_namespace_lock
2025-11-12 13:06:54 -08:00