Author: mav
Date: Sat Oct 3 11:38:10 2015
New Revision: 288596
URL: https://svnweb.freebsd.org/changeset/base/288596
Log:
MFC r287706 (by delphij):
6214 zpools going south
In r286570 (MFV of r277426) an unprotected write to b_flags to
set the compression mode was introduced. This would open a race
window where data is partially decompressed, modified, checksummed
and written to the pool, resulting in pool corruption due to the
partial decompression.
Prevent this by reintroducing b_compress
illumos/illumos-gate@d4cd038c92c36fd0ae35945831a8fc2975b5272c
Illumos issues:
6214 zpools going south
https://www.illumos.org/issues/6214
Modified:
stable/10/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/arc.c
stable/10/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/sys/arc.h
Directory Properties:
stable/10/ (props changed)
Modified: stable/10/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/arc.c
==============================================================================
--- stable/10/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/arc.c Sat Oct
3 11:37:00 2015 (r288595)
+++ stable/10/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/arc.c Sat Oct
3 11:38:10 2015 (r288596)
@@ -851,6 +851,7 @@ typedef struct l2arc_buf_hdr {
uint64_t b_daddr; /* disk address, offset byte */
/* real alloc'd buffer size depending on b_compress applied */
int32_t b_asize;
+ uint8_t b_compress;
list_node_t b_l2node;
} l2arc_buf_hdr_t;
@@ -930,15 +931,6 @@ static arc_buf_hdr_t arc_eviction_hdr;
#define HDR_HAS_L1HDR(hdr) ((hdr)->b_flags & ARC_FLAG_HAS_L1HDR)
#define HDR_HAS_L2HDR(hdr) ((hdr)->b_flags & ARC_FLAG_HAS_L2HDR)
-/* For storing compression mode in b_flags */
-#define HDR_COMPRESS_OFFSET 24
-#define HDR_COMPRESS_NBITS 7
-
-#define HDR_GET_COMPRESS(hdr) ((enum
zio_compress)BF32_GET(hdr->b_flags, \
- HDR_COMPRESS_OFFSET, HDR_COMPRESS_NBITS))
-#define HDR_SET_COMPRESS(hdr, cmp) BF32_SET(hdr->b_flags, \
- HDR_COMPRESS_OFFSET, HDR_COMPRESS_NBITS, (cmp))
-
/*
* Other sizes
*/
@@ -2229,7 +2221,7 @@ arc_buf_l2_cdata_free(arc_buf_hdr_t *hdr
* separately compressed buffer, so there's nothing to free (it
* points to the same buffer as the arc_buf_t's b_data field).
*/
- if (HDR_GET_COMPRESS(hdr) == ZIO_COMPRESS_OFF) {
+ if (hdr->b_l2hdr.b_compress == ZIO_COMPRESS_OFF) {
hdr->b_l1hdr.b_tmp_cdata = NULL;
return;
}
@@ -2238,12 +2230,12 @@ arc_buf_l2_cdata_free(arc_buf_hdr_t *hdr
* There's nothing to free since the buffer was all zero's and
* compressed to a zero length buffer.
*/
- if (HDR_GET_COMPRESS(hdr) == ZIO_COMPRESS_EMPTY) {
+ if (hdr->b_l2hdr.b_compress == ZIO_COMPRESS_EMPTY) {
ASSERT3P(hdr->b_l1hdr.b_tmp_cdata, ==, NULL);
return;
}
- ASSERT(L2ARC_IS_VALID_COMPRESS(HDR_GET_COMPRESS(hdr)));
+ ASSERT(L2ARC_IS_VALID_COMPRESS(hdr->b_l2hdr.b_compress));
arc_buf_free_on_write(hdr->b_l1hdr.b_tmp_cdata,
hdr->b_size, zio_data_buf_free);
@@ -4467,7 +4459,7 @@ top:
(vd = hdr->b_l2hdr.b_dev->l2ad_vdev) != NULL) {
devw = hdr->b_l2hdr.b_dev->l2ad_writing;
addr = hdr->b_l2hdr.b_daddr;
- b_compress = HDR_GET_COMPRESS(hdr);
+ b_compress = hdr->b_l2hdr.b_compress;
b_asize = hdr->b_l2hdr.b_asize;
/*
* Lock out device removal.
@@ -6028,6 +6020,8 @@ l2arc_read_done(zio_t *zio)
if (cb->l2rcb_compress != ZIO_COMPRESS_OFF)
l2arc_decompress_zio(zio, hdr, cb->l2rcb_compress);
ASSERT(zio->io_data != NULL);
+ ASSERT3U(zio->io_size, ==, hdr->b_size);
+ ASSERT3U(BP_GET_LSIZE(&cb->l2rcb_bp), ==, hdr->b_size);
/*
* Check this survived the L2ARC journey.
@@ -6064,7 +6058,7 @@ l2arc_read_done(zio_t *zio)
ASSERT(!pio || pio->io_child_type == ZIO_CHILD_LOGICAL);
zio_nowait(zio_read(pio, cb->l2rcb_spa, &cb->l2rcb_bp,
- buf->b_data, zio->io_size, arc_read_done, buf,
+ buf->b_data, hdr->b_size, arc_read_done, buf,
zio->io_priority, cb->l2rcb_flags, &cb->l2rcb_zb));
}
}
@@ -6381,7 +6375,7 @@ l2arc_write_buffers(spa_t *spa, l2arc_de
* can't access without holding the ARC list locks
* (which we want to avoid during compression/writing).
*/
- HDR_SET_COMPRESS(hdr, ZIO_COMPRESS_OFF);
+ hdr->b_l2hdr.b_compress = ZIO_COMPRESS_OFF;
hdr->b_l2hdr.b_asize = hdr->b_size;
hdr->b_l1hdr.b_tmp_cdata = hdr->b_l1hdr.b_buf->b_data;
@@ -6583,7 +6577,7 @@ l2arc_compress_buf(arc_buf_hdr_t *hdr)
l2arc_buf_hdr_t *l2hdr = &hdr->b_l2hdr;
ASSERT(HDR_HAS_L1HDR(hdr));
- ASSERT(HDR_GET_COMPRESS(hdr) == ZIO_COMPRESS_OFF);
+ ASSERT3S(l2hdr->b_compress, ==, ZIO_COMPRESS_OFF);
ASSERT(hdr->b_l1hdr.b_tmp_cdata != NULL);
len = l2hdr->b_asize;
@@ -6595,7 +6589,7 @@ l2arc_compress_buf(arc_buf_hdr_t *hdr)
if (csize == 0) {
/* zero block, indicate that there's nothing to write */
zio_data_buf_free(cdata, len);
- HDR_SET_COMPRESS(hdr, ZIO_COMPRESS_EMPTY);
+ l2hdr->b_compress = ZIO_COMPRESS_EMPTY;
l2hdr->b_asize = 0;
hdr->b_l1hdr.b_tmp_cdata = NULL;
ARCSTAT_BUMP(arcstat_l2_compress_zeros);
@@ -6613,7 +6607,7 @@ l2arc_compress_buf(arc_buf_hdr_t *hdr)
bzero((char *)cdata + csize, rounded - csize);
csize = rounded;
}
- HDR_SET_COMPRESS(hdr, ZIO_COMPRESS_LZ4);
+ l2hdr->b_compress = ZIO_COMPRESS_LZ4;
l2hdr->b_asize = csize;
hdr->b_l1hdr.b_tmp_cdata = cdata;
ARCSTAT_BUMP(arcstat_l2_compress_successes);
@@ -6700,7 +6694,8 @@ l2arc_decompress_zio(zio_t *zio, arc_buf
static void
l2arc_release_cdata_buf(arc_buf_hdr_t *hdr)
{
- enum zio_compress comp = HDR_GET_COMPRESS(hdr);
+ ASSERT(HDR_HAS_L2HDR(hdr));
+ enum zio_compress comp = hdr->b_l2hdr.b_compress;
ASSERT(HDR_HAS_L1HDR(hdr));
ASSERT(comp == ZIO_COMPRESS_OFF || L2ARC_IS_VALID_COMPRESS(comp));
Modified: stable/10/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/sys/arc.h
==============================================================================
--- stable/10/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/sys/arc.h Sat Oct
3 11:37:00 2015 (r288595)
+++ stable/10/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/sys/arc.h Sat Oct
3 11:38:10 2015 (r288596)
@@ -88,21 +88,6 @@ typedef enum arc_flags
/* Flags specifying whether optional hdr struct fields are defined */
ARC_FLAG_HAS_L1HDR = 1 << 19,
ARC_FLAG_HAS_L2HDR = 1 << 20,
-
-
- /*
- * The arc buffer's compression mode is stored in the top 7 bits of the
- * flags field, so these dummy flags are included so that MDB can
- * interpret the enum properly.
- */
- ARC_FLAG_COMPRESS_0 = 1 << 24,
- ARC_FLAG_COMPRESS_1 = 1 << 25,
- ARC_FLAG_COMPRESS_2 = 1 << 26,
- ARC_FLAG_COMPRESS_3 = 1 << 27,
- ARC_FLAG_COMPRESS_4 = 1 << 28,
- ARC_FLAG_COMPRESS_5 = 1 << 29,
- ARC_FLAG_COMPRESS_6 = 1 << 30
-
} arc_flags_t;
struct arc_buf {
_______________________________________________
svn-src-stable-10@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-stable-10
To unsubscribe, send any mail to "svn-src-stable-10-unsubscr...@freebsd.org"
