Set file mode during zfs_write #11576
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
3d40b65 refactored zfs_vnops.c, which shared much code verbatim between Linux and BSD. After a successful write, the suid/sgid bits are reset, and the mode to be written is stored in newmode. On Linux, this was propagated to both the in-memory inode and znode, which is then updated with sa_update. 3d40b65 accidentally removed the initialization of newmode, which happened to occur on the same line as the inode update (which has been moved out of the function). The uninitialized newmode can be saved to disk, leading to a crash on stat() of that file, in addition to a merely incorrect file mode. Signed-off-by: Antonio Russo <aerusso@aerusso.net> Closes openzfs#11474
ghost
added
the
|
If you can come up with a test case we can incorporate in ZTS great, but I'd like to see this merged either way. |
behlendorf
approved these changes
Feb 8, 2021
There was a problem hiding this comment.
The fix here looks good, thanks for running this one down. I agree it'd be nice to have a ZTS test for this, but I don't think it needs to hold up merging this since the fix is straightforward. I think the only somewhat subtle thing is that it is import that ip->i_mode also be updated but that will be handled in zfs_inode_update() a little latter in the function.
behlendorf
added
Status: Accepted
behlendorf
pushed a commit
that referenced
this pull request
Feb 8, 2021
3d40b65 refactored zfs_vnops.c, which shared much code verbatim between Linux and BSD. After a successful write, the suid/sgid bits are reset, and the mode to be written is stored in newmode. On Linux, this was propagated to both the in-memory inode and znode, which is then updated with sa_update. 3d40b65 accidentally removed the initialization of newmode, which happened to occur on the same line as the inode update (which has been moved out of the function). The uninitialized newmode can be saved to disk, leading to a crash on stat() of that file, in addition to a merely incorrect file mode. Reviewed-by: Ryan Moeller <ryan@ixsystems.com> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Antonio Russo <aerusso@aerusso.net> Closes #11474 Closes #11576
freebsd-git
pushed a commit
to freebsd/freebsd-src
that referenced
this pull request
Feb 9, 2021
Apply openzfs/zfs#11576 Direct commit from upstream openzfs. Full commit message below: Set file mode during zfs_write 3d40b65 refactored zfs_vnops.c, which shared much code verbatim between Linux and BSD. After a successful write, the suid/sgid bits are reset, and the mode to be written is stored in newmode. On Linux, this was propagated to both the in-memory inode and znode, which is then updated with sa_update. 3d40b65 accidentally removed the initialization of newmode, which happened to occur on the same line as the inode update (which has been moved out of the function). The uninitialized newmode can be saved to disk, leading to a crash on stat() of that file, in addition to a merely incorrect file mode. Reviewed-by: Ryan Moeller <ryan@ixsystems.com> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Antonio Russo <aerusso@aerusso.net> Closes #11474 Closes #11576 Obtained from: openzfs/zfs@f8ce8aed0 MFC after: 0 days Sponsored by: iXsystems, Inc.
freebsd-git
pushed a commit
to freebsd/freebsd-src
that referenced
this pull request
Feb 9, 2021
Apply openzfs/zfs#11576 Direct commit from upstream openzfs. Full commit message below: Set file mode during zfs_write 3d40b65 refactored zfs_vnops.c, which shared much code verbatim between Linux and BSD. After a successful write, the suid/sgid bits are reset, and the mode to be written is stored in newmode. On Linux, this was propagated to both the in-memory inode and znode, which is then updated with sa_update. 3d40b65 accidentally removed the initialization of newmode, which happened to occur on the same line as the inode update (which has been moved out of the function). The uninitialized newmode can be saved to disk, leading to a crash on stat() of that file, in addition to a merely incorrect file mode. Reviewed-by: Ryan Moeller <ryan@ixsystems.com> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Antonio Russo <aerusso@aerusso.net> Closes #11474 Closes #11576 Obtained from: openzfs/zfs@f8ce8aed0 MFC after: 0 days Sponsored by: iXsystems, Inc. (cherry picked from commit e9d419a)
uqs
pushed a commit
to freebsd/freebsd-ports
that referenced
this pull request
Feb 9, 2021
See openzfs/zfs#11576 for details. Reviewed by: wg Approved by: wg (ports) Sponsored by: iXsystems, Inc. Differential Revision: https://reviews.freebsd.org/D28554 git-svn-id: svn+ssh://svn.freebsd.org/ports/head@564796 35697150-7ecd-e111-bb59-0022644237b5
uqs
pushed a commit
to freebsd/freebsd-ports
that referenced
this pull request
Feb 9, 2021
See openzfs/zfs#11576 for details. Reviewed by: wg Approved by: wg (ports) Sponsored by: iXsystems, Inc. Differential Revision: https://reviews.freebsd.org/D28554
uqs
pushed a commit
to freebsd/freebsd-ports
that referenced
this pull request
Feb 9, 2021
sysutils/openzfs*: Bump to fix mode issue in zfs_write See openzfs/zfs#11576 for details. Approved by: portmgr (blanket, security/stability) Sponsored by: iXsystems, Inc. Differential Revision: https://reviews.freebsd.org/D28554
freebsd-git
pushed a commit
to freebsd/freebsd-src
that referenced
this pull request
Feb 9, 2021
Apply openzfs/zfs#11576 Direct commit from upstream openzfs. Full commit message below: Set file mode during zfs_write 3d40b65 refactored zfs_vnops.c, which shared much code verbatim between Linux and BSD. After a successful write, the suid/sgid bits are reset, and the mode to be written is stored in newmode. On Linux, this was propagated to both the in-memory inode and znode, which is then updated with sa_update. 3d40b65 accidentally removed the initialization of newmode, which happened to occur on the same line as the inode update (which has been moved out of the function). The uninitialized newmode can be saved to disk, leading to a crash on stat() of that file, in addition to a merely incorrect file mode. Reviewed-by: Ryan Moeller <ryan@ixsystems.com> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Antonio Russo <aerusso@aerusso.net> Closes #11474 Closes #11576 Approved by: re (gdb) Obtained from: openzfs/zfs@f8ce8aed0 Sponsored by: iXsystems, Inc. (cherry picked from commit e9d419a) (cherry picked from commit 618dee6)
Jehops
pushed a commit
to Jehops/freebsd-ports-legacy
that referenced
this pull request
Feb 9, 2021
See openzfs/zfs#11576 for details. Reviewed by: wg Approved by: wg (ports) Sponsored by: iXsystems, Inc. Differential Revision: https://reviews.freebsd.org/D28554 git-svn-id: svn+ssh://svn.freebsd.org/ports/head@564796 35697150-7ecd-e111-bb59-0022644237b5
|
If I read this right the problem may have resulted in files with garbage mode hitting storage. Does 'scrub' or whatever other method scan and fix them? I presume some files might have received accidentally correct but unintended mode and that may be impossible to detect, but the rest should be fixable? |
dch
pushed a commit
to skunkwerks/ports
that referenced
this pull request
Feb 10, 2021
See openzfs/zfs#11576 for details. Reviewed by: wg Approved by: wg (ports) Sponsored by: iXsystems, Inc. Differential Revision: https://reviews.freebsd.org/D28554
10 tasks
jsai20
pushed a commit
to jsai20/zfs
that referenced
this pull request
Mar 30, 2021
3d40b65 refactored zfs_vnops.c, which shared much code verbatim between Linux and BSD. After a successful write, the suid/sgid bits are reset, and the mode to be written is stored in newmode. On Linux, this was propagated to both the in-memory inode and znode, which is then updated with sa_update. 3d40b65 accidentally removed the initialization of newmode, which happened to occur on the same line as the inode update (which has been moved out of the function). The uninitialized newmode can be saved to disk, leading to a crash on stat() of that file, in addition to a merely incorrect file mode. Reviewed-by: Ryan Moeller <ryan@ixsystems.com> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Antonio Russo <aerusso@aerusso.net> Closes openzfs#11474 Closes openzfs#11576
uqs
pushed a commit
to freebsd/freebsd-ports
that referenced
this pull request
Apr 1, 2021
sysutils/openzfs*: Bump to fix mode issue in zfs_write See openzfs/zfs#11576 for details. Approved by: portmgr (blanket, security/stability) Sponsored by: iXsystems, Inc. Differential Revision: https://reviews.freebsd.org/D28554
sempervictus
pushed a commit
to sempervictus/zfs
that referenced
this pull request
May 31, 2021
3d40b65 refactored zfs_vnops.c, which shared much code verbatim between Linux and BSD. After a successful write, the suid/sgid bits are reset, and the mode to be written is stored in newmode. On Linux, this was propagated to both the in-memory inode and znode, which is then updated with sa_update. 3d40b65 accidentally removed the initialization of newmode, which happened to occur on the same line as the inode update (which has been moved out of the function). The uninitialized newmode can be saved to disk, leading to a crash on stat() of that file, in addition to a merely incorrect file mode. Reviewed-by: Ryan Moeller <ryan@ixsystems.com> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Antonio Russo <aerusso@aerusso.net> Closes openzfs#11474 Closes openzfs#11576
brooksdavis
pushed a commit
to CTSRD-CHERI/cheribsd
that referenced
this pull request
Oct 27, 2021
Apply openzfs/zfs#11576 Direct commit from upstream openzfs. Full commit message below: Set file mode during zfs_write 3d40b65 refactored zfs_vnops.c, which shared much code verbatim between Linux and BSD. After a successful write, the suid/sgid bits are reset, and the mode to be written is stored in newmode. On Linux, this was propagated to both the in-memory inode and znode, which is then updated with sa_update. 3d40b65 accidentally removed the initialization of newmode, which happened to occur on the same line as the inode update (which has been moved out of the function). The uninitialized newmode can be saved to disk, leading to a crash on stat() of that file, in addition to a merely incorrect file mode. Reviewed-by: Ryan Moeller <ryan@ixsystems.com> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Antonio Russo <aerusso@aerusso.net> Closes #11474 Closes #11576 Obtained from: openzfs/zfs@f8ce8aed0 MFC after: 0 days Sponsored by: iXsystems, Inc.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Motivation and Context
3d40b65 refactored zfs_vnops.c, which shared much code verbatim between Linux and BSD. After a successful write, the suid/sgid bits are reset, and the mode to be written is stored in newmode. On Linux, this was propagated to both the in-memory inode and znode, which is then updated with sa_update.
3d40b65 accidentally removed the initialization of newmode, which happened to occur on the same line as the inode update (which has been moved out of the function).
The uninitialized newmode can be saved to disk, leading to a crash on stat() of that file, in addition to a merely incorrect file mode.
Description
This patch restores that initialization.
How Has This Been Tested?
On a VM, it addresses the reproducer in #11474.
Types of changes
Checklist:
Signed-off-by.