Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-doc
 Path: blob/main/website/static/security/patches/EN-15:07/zfs.patch
18096 views
1
Index: sys/cddl/contrib/opensolaris/uts/common/fs/zfs/arc.c

2
===================================================================

3
--- sys/cddl/contrib/opensolaris/uts/common/fs/zfs/arc.c	(revision 284174)

4
+++ sys/cddl/contrib/opensolaris/uts/common/fs/zfs/arc.c	(working copy)

5
@@ -344,6 +344,7 @@ typedef struct arc_stats {

6
 	kstat_named_t arcstat_l2_evict_lock_retry;

7
 	kstat_named_t arcstat_l2_evict_reading;

8
 	kstat_named_t arcstat_l2_free_on_write;

9
+	kstat_named_t arcstat_l2_cdata_free_on_write;

10
 	kstat_named_t arcstat_l2_abort_lowmem;

11
 	kstat_named_t arcstat_l2_cksum_bad;

12
 	kstat_named_t arcstat_l2_io_error;

13
@@ -421,6 +422,7 @@ static arc_stats_t arc_stats = {

14
 	{ "l2_evict_lock_retry",	KSTAT_DATA_UINT64 },

15
 	{ "l2_evict_reading",		KSTAT_DATA_UINT64 },

16
 	{ "l2_free_on_write",		KSTAT_DATA_UINT64 },

17
+	{ "l2_cdata_free_on_write",	KSTAT_DATA_UINT64 },

18
 	{ "l2_abort_lowmem",		KSTAT_DATA_UINT64 },

19
 	{ "l2_cksum_bad",		KSTAT_DATA_UINT64 },

20
 	{ "l2_io_error",		KSTAT_DATA_UINT64 },

21
@@ -1629,6 +1631,21 @@ arc_buf_add_ref(arc_buf_t *buf, void* tag)

22
 	    data, metadata, hits);

23
 }

24
 

25
+static void

26
+arc_buf_free_on_write(void *data, size_t size,

27
+    void (*free_func)(void *, size_t))

28
+{

29
+	l2arc_data_free_t *df;

30
+

31
+	df = kmem_alloc(sizeof (l2arc_data_free_t), KM_SLEEP);

32
+	df->l2df_data = data;

33
+	df->l2df_size = size;

34
+	df->l2df_func = free_func;

35
+	mutex_enter(&l2arc_free_on_write_mtx);

36
+	list_insert_head(l2arc_free_on_write, df);

37
+	mutex_exit(&l2arc_free_on_write_mtx);

38
+}

39
+

40
 /*

41
  * Free the arc data buffer.  If it is an l2arc write in progress,

42
  * the buffer is placed on l2arc_free_on_write to be freed later.

43
@@ -1639,14 +1656,7 @@ arc_buf_data_free(arc_buf_t *buf, void (*free_func

44
 	arc_buf_hdr_t *hdr = buf->b_hdr;

45
 

46
 	if (HDR_L2_WRITING(hdr)) {

47
-		l2arc_data_free_t *df;

48
-		df = kmem_alloc(sizeof (l2arc_data_free_t), KM_SLEEP);

49
-		df->l2df_data = buf->b_data;

50
-		df->l2df_size = hdr->b_size;

51
-		df->l2df_func = free_func;

52
-		mutex_enter(&l2arc_free_on_write_mtx);

53
-		list_insert_head(l2arc_free_on_write, df);

54
-		mutex_exit(&l2arc_free_on_write_mtx);

55
+		arc_buf_free_on_write(buf->b_data, hdr->b_size, free_func);

56
 		ARCSTAT_BUMP(arcstat_l2_free_on_write);

57
 	} else {

58
 		free_func(buf->b_data, hdr->b_size);

59
@@ -1658,6 +1668,23 @@ arc_buf_data_free(arc_buf_t *buf, void (*free_func

60
  * arc_buf_t off of the the arc_buf_hdr_t's list and free it.

61
  */

62
 static void

63
+arc_buf_l2_cdata_free(arc_buf_hdr_t *hdr)

64
+{

65
+	l2arc_buf_hdr_t *l2hdr = hdr->b_l2hdr;

66
+

67
+	ASSERT(MUTEX_HELD(&l2arc_buflist_mtx));

68
+

69
+	if (l2hdr->b_tmp_cdata == NULL)

70
+		return;

71
+

72
+	ASSERT(HDR_L2_WRITING(hdr));

73
+	arc_buf_free_on_write(l2hdr->b_tmp_cdata, hdr->b_size,

74
+	    zio_data_buf_free);

75
+	ARCSTAT_BUMP(arcstat_l2_cdata_free_on_write);

76
+	l2hdr->b_tmp_cdata = NULL;

77
+}

78
+

79
+static void

80
 arc_buf_destroy(arc_buf_t *buf, boolean_t recycle, boolean_t remove)

81
 {

82
 	arc_buf_t **bufp;

83
@@ -1756,6 +1783,7 @@ arc_hdr_destroy(arc_buf_hdr_t *hdr)

84
 			trim_map_free(l2hdr->b_dev->l2ad_vdev, l2hdr->b_daddr,

85
 			    hdr->b_size, 0);

86
 			list_remove(l2hdr->b_dev->l2ad_buflist, hdr);

87
+			arc_buf_l2_cdata_free(hdr);

88
 			ARCSTAT_INCR(arcstat_l2_size, -hdr->b_size);

89
 			ARCSTAT_INCR(arcstat_l2_asize, -l2hdr->b_asize);

90
 			vdev_space_update(l2hdr->b_dev->l2ad_vdev,

91
@@ -3605,6 +3633,7 @@ arc_release(arc_buf_t *buf, void *tag)

92
 	l2hdr = hdr->b_l2hdr;

93
 	if (l2hdr) {

94
 		mutex_enter(&l2arc_buflist_mtx);

95
+		arc_buf_l2_cdata_free(hdr);

96
 		hdr->b_l2hdr = NULL;

97
 		list_remove(l2hdr->b_dev->l2ad_buflist, hdr);

98
 	}

99
@@ -4895,6 +4924,11 @@ top:

100
 				ARCSTAT_INCR(arcstat_l2_asize, -abl2->b_asize);

101
 				bytes_evicted += abl2->b_asize;

102
 				ab->b_l2hdr = NULL;

103
+				/*

104
+				 * We are destroying l2hdr, so ensure that

105
+				 * its compressed buffer, if any, is not leaked.

106
+				 */

107
+				ASSERT(abl2->b_tmp_cdata == NULL);

108
 				kmem_free(abl2, sizeof (l2arc_buf_hdr_t));

109
 				ARCSTAT_INCR(arcstat_l2_size, -ab->b_size);

110
 			}

111
@@ -5133,6 +5167,14 @@ l2arc_write_buffers(spa_t *spa, l2arc_dev_t *dev,

112
 		buf_data = l2hdr->b_tmp_cdata;

113
 		buf_sz = l2hdr->b_asize;

114
 

115
+		/*

116
+		 * If the data has not been compressed, then clear b_tmp_cdata

117
+		 * to make sure that it points only to a temporary compression

118
+		 * buffer.

119
+		 */

120
+		if (!L2ARC_IS_VALID_COMPRESS(l2hdr->b_compress))

121
+			l2hdr->b_tmp_cdata = NULL;

122
+

123
 		/* Compression may have squashed the buffer to zero length. */

124
 		if (buf_sz != 0) {

125
 			uint64_t buf_p_sz;

126
@@ -5323,7 +5365,8 @@ l2arc_release_cdata_buf(arc_buf_hdr_t *ab)

127
 {

128
 	l2arc_buf_hdr_t *l2hdr = ab->b_l2hdr;

129
 

130
-	if (l2hdr->b_compress == ZIO_COMPRESS_LZ4) {

131
+	ASSERT(L2ARC_IS_VALID_COMPRESS(l2hdr->b_compress));

132
+	if (l2hdr->b_compress != ZIO_COMPRESS_EMPTY) {

133
 		/*

134
 		 * If the data was compressed, then we've allocated a

135
 		 * temporary buffer for it, so now we need to release it.

136
@@ -5330,8 +5373,10 @@ l2arc_release_cdata_buf(arc_buf_hdr_t *ab)

137
 		 */

138
 		ASSERT(l2hdr->b_tmp_cdata != NULL);

139
 		zio_data_buf_free(l2hdr->b_tmp_cdata, ab->b_size);

140
+		l2hdr->b_tmp_cdata = NULL;

141
+	} else {

142
+		ASSERT(l2hdr->b_tmp_cdata == NULL);

143
 	}

144
-	l2hdr->b_tmp_cdata = NULL;

145
 }

146
 

147
 /*

148
Index: sys/cddl/contrib/opensolaris/uts/common/fs/zfs/trim_map.c

149
===================================================================

150
--- sys/cddl/contrib/opensolaris/uts/common/fs/zfs/trim_map.c	(revision 284174)

151
+++ sys/cddl/contrib/opensolaris/uts/common/fs/zfs/trim_map.c	(working copy)

152
@@ -155,11 +155,9 @@ trim_map_create(vdev_t *vd)

153
 {

154
 	trim_map_t *tm;

155
 

156
-	ASSERT(vd->vdev_ops->vdev_op_leaf);

157
+	ASSERT(zfs_trim_enabled && !vd->vdev_notrim &&

158
+		vd->vdev_ops->vdev_op_leaf);

159
 

160
-	if (!zfs_trim_enabled)

161
-		return;

162
-

163
 	tm = kmem_zalloc(sizeof (*tm), KM_SLEEP);

164
 	mutex_init(&tm->tm_lock, NULL, MUTEX_DEFAULT, NULL);

165
 	list_create(&tm->tm_head, sizeof (trim_seg_t),

166
Index: sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev.c

167
===================================================================

168
--- sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev.c	(revision 284174)

169
+++ sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev.c	(working copy)

170
@@ -1214,6 +1214,7 @@ vdev_open(vdev_t *vd)

171
 	vd->vdev_stat.vs_aux = VDEV_AUX_NONE;

172
 	vd->vdev_cant_read = B_FALSE;

173
 	vd->vdev_cant_write = B_FALSE;

174
+	vd->vdev_notrim = B_FALSE;

175
 	vd->vdev_min_asize = vdev_get_min_asize(vd);

176
 

177
 	/*

178
@@ -1283,10 +1284,8 @@ vdev_open(vdev_t *vd)

179
 	if (vd->vdev_ishole || vd->vdev_ops == &vdev_missing_ops)

180
 		return (0);

181
 

182
-	if (vd->vdev_ops->vdev_op_leaf) {

183
-		vd->vdev_notrim = B_FALSE;

184
+	if (zfs_trim_enabled && !vd->vdev_notrim && vd->vdev_ops->vdev_op_leaf)

185
 		trim_map_create(vd);

186
-	}

187
 

188
 	for (int c = 0; c < vd->vdev_children; c++) {

189
 		if (vd->vdev_child[c]->vdev_state != VDEV_STATE_HEALTHY) {

190
Index: sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_disk.c

191
===================================================================

192
--- sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_disk.c	(revision 284174)

193
+++ sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_disk.c	(working copy)

194
@@ -796,6 +796,8 @@ vdev_disk_io_start(zio_t *zio)

195
 		return (ZIO_PIPELINE_STOP);

196
 	}

197
 

198
+	ASSERT(zio->io_type == ZIO_TYPE_READ || zio->io_type == ZIO_TYPE_WRITE);

199
+

200
 	vb = kmem_alloc(sizeof (vdev_buf_t), KM_SLEEP);

201
 

202
 	vb->vb_io = zio;

203
Index: sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_file.c

204
===================================================================

205
--- sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_file.c	(revision 284174)

206
+++ sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_file.c	(working copy)

207
@@ -129,6 +129,8 @@ skip_open:

208
 		return (error);

209
 	}

210
 

211
+	vd->vdev_notrim = B_TRUE;

212
+

213
 	*max_psize = *psize = vattr.va_size;

214
 	*logical_ashift = SPA_MINBLOCKSHIFT;

215
 	*physical_ashift = SPA_MINBLOCKSHIFT;

216
@@ -185,6 +187,8 @@ vdev_file_io_start(zio_t *zio)

217
 		return (ZIO_PIPELINE_STOP);

218
 	}

219
 

220
+	ASSERT(zio->io_type == ZIO_TYPE_READ || zio->io_type == ZIO_TYPE_WRITE);

221
+

222
 	zio->io_error = vn_rdwr(zio->io_type == ZIO_TYPE_READ ?

223
 	    UIO_READ : UIO_WRITE, vp, zio->io_data, zio->io_size,

224
 	    zio->io_offset, UIO_SYSSPACE, 0, RLIM64_INFINITY, kcred, &resid);

225
Index: sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c

226
===================================================================

227
--- sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c	(revision 284174)

228
+++ sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_geom.c	(working copy)

229
@@ -832,6 +832,11 @@ vdev_geom_io_start(zio_t *zio)

230
 		return (ZIO_PIPELINE_STOP);

231
 	}

232
 sendreq:

233
+	ASSERT(zio->io_type == ZIO_TYPE_READ ||

234
+	    zio->io_type == ZIO_TYPE_WRITE ||

235
+	    zio->io_type == ZIO_TYPE_FREE ||

236
+	    zio->io_type == ZIO_TYPE_IOCTL);

237
+

238
 	cp = vd->vdev_tsd;

239
 	if (cp == NULL) {

240
 		zio->io_error = SET_ERROR(ENXIO);

241
Index: sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_label.c

242
===================================================================

243
--- sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_label.c	(revision 284174)

244
+++ sys/cddl/contrib/opensolaris/uts/common/fs/zfs/vdev_label.c	(working copy)

245
@@ -713,8 +713,9 @@ vdev_label_init(vdev_t *vd, uint64_t crtxg, vdev_l

246
 	 * Don't TRIM if removing so that we don't interfere with zpool

247
 	 * disaster recovery.

248
 	 */

249
-	if (zfs_trim_enabled && vdev_trim_on_init && (reason == VDEV_LABEL_CREATE ||

250
-	    reason == VDEV_LABEL_SPARE || reason == VDEV_LABEL_L2CACHE))

251
+	if (zfs_trim_enabled && vdev_trim_on_init && !vd->vdev_notrim && 

252
+	    (reason == VDEV_LABEL_CREATE || reason == VDEV_LABEL_SPARE ||

253
+	    reason == VDEV_LABEL_L2CACHE))

254
 		zio_wait(zio_trim(NULL, spa, vd, 0, vd->vdev_psize));

255
 

256
 	/*

257


258