CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

author	Konstantin Belousov <kib@FreeBSD.org>
	Mon, 11 Dec 2023 22:57:28 +0000 (00:57 +0200)
committer	Konstantin Belousov <kib@FreeBSD.org>
	Fri, 15 Dec 2023 22:06:10 +0000 (00:06 +0200)
commit	ca39f23347e1416a28dde13279bfe5841ad9a746
tree	fedf547a7bb186919b7c2d202d231d0734514eee	tree \| snapshot
parent	863975b6840b2833b0f772648ba2532806ffece8	commit \| diff

ufs: do not leave around empty buffers shadowing disk content

If the ffs_write() operation specified to overwrite the whole buffer,
ffs tries to save the read by not validating allocated buffer. Then
uiommove() might fail with EFAULT, in which case pages are left zeroed
and marked valid but not read from the disk. Then vn_io_fault() logic
retries the write after holding the user pages to avoid EFAULTs. In
erronous case of really faulty buffer, or in contrived case of writing
from file to itself, we are left with zeroed buffer instead of valid
content written back to disk.

Handle the situation by releasing non-cached buffer on fault, instead
of clearing it. Note that buffers with alive dependencies cannot be
released, but also either they cannot have valid content on the disk
because dependency on data buffer means that it was not yet written, or
they were reallocated by fragment extension or ffs_reallocbks(), and are
already fully valid.

Reported by: kevans
Discussed with: mav
In collaboration with: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week