diff options
author | Tom Caputi <[email protected]> | 2019-06-06 15:59:39 -0400 |
---|---|---|
committer | Brian Behlendorf <[email protected]> | 2019-06-06 12:59:39 -0700 |
commit | 3ce85b5e604e92c421a7975f9f64607cc98131fc (patch) | |
tree | f93cb33a00bf608fda66af4969a0de1563dcd2f4 | |
parent | 8e91c5ba6a1b2c607a1ed4a0a42b2d07eca13091 (diff) |
Fix integer overflow of ZTOI(zp)->i_generation
The ZFS on-disk format stores each inode's generation ID as a 64
bit number on disk and in-core. However, the Linux kernel's inode
is only a 32 bit number. In most places, the code handles this
correctly, but the cast is missing in zfs_rezget(). For many pools,
this isn't an issue since the generation ID is computed as the
current txg when the inode is created and many pools don't have
more than 2^32 txgs.
For the pools that have more txgs, this issue causes any inode with
a high enough generation number to report IO errors after a call to
"zfs rollback" while holding the file or directory open. This patch
simply adds the missing cast.
Reviewed-by: Alek Pinchuk <[email protected]>
Reviewed-by: George Melikov <[email protected]>
Reviewed-by: Brian Behlendorf <[email protected]>
Signed-off-by: Tom Caputi <[email protected]>
Closes #8858
-rw-r--r-- | module/zfs/zfs_znode.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/module/zfs/zfs_znode.c b/module/zfs/zfs_znode.c index f334caf19..3dd299942 100644 --- a/module/zfs/zfs_znode.c +++ b/module/zfs/zfs_znode.c @@ -1253,7 +1253,7 @@ zfs_rezget(znode_t *zp) ZFS_TIME_DECODE(&ZTOI(zp)->i_mtime, mtime); ZFS_TIME_DECODE(&ZTOI(zp)->i_ctime, ctime); - if (gen != ZTOI(zp)->i_generation) { + if ((uint32_t)gen != ZTOI(zp)->i_generation) { zfs_znode_dmu_fini(zp); zfs_znode_hold_exit(zfsvfs, zh); return (SET_ERROR(EIO)); |