git: 7e4c6b2163fb - main - msdosfs: zero partially valid extended cluster
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 11 Jul 2023 00:49:49 UTC
The branch main has been updated by kib:
URL: https://cgit.FreeBSD.org/src/commit/?id=7e4c6b2163fbed6be92b1e19f0eec4da973cfaec
commit 7e4c6b2163fbed6be92b1e19f0eec4da973cfaec
Author: Konstantin Belousov <kib@FreeBSD.org>
AuthorDate: 2023-07-06 01:51:07 +0000
Commit: Konstantin Belousov <kib@FreeBSD.org>
CommitDate: 2023-07-11 00:49:09 +0000
msdosfs: zero partially valid extended cluster
It contains arbitrary garbage, which is not cleared by vfs_bio_clrbuf()
which only zeroes invalid portions of the pages.
Reported by: Maxim Suhanov <dfirblog@gmail.com>
Discussed with: so
Tested by: pho
Sponsored by: The FreeBSD Foundation
MFC after: 1 week
---
sys/fs/msdosfs/msdosfs_denode.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/sys/fs/msdosfs/msdosfs_denode.c b/sys/fs/msdosfs/msdosfs_denode.c
index 7acd90c8e713..ce7058b3ae60 100644
--- a/sys/fs/msdosfs/msdosfs_denode.c
+++ b/sys/fs/msdosfs/msdosfs_denode.c
@@ -498,6 +498,7 @@ deextend(struct denode *dep, u_long length, struct ucred *cred)
struct msdosfsmount *pmp = dep->de_pmp;
struct vnode *vp = DETOV(dep);
struct buf *bp;
+ off_t eof_clusteroff;
u_long count;
int error;
@@ -536,13 +537,19 @@ deextend(struct denode *dep, u_long length, struct ucred *cred)
* B_CACHE | B_DELWRI but with invalid pages, and cannot be
* neither written out nor validated.
*
- * Fix it by proactively clearing extended pages.
+ * Fix it by proactively clearing extended pages. Need to do
+ * both vfs_bio_clrbuf() to mark pages valid, and to zero
+ * actual buffer content which might exist in the tail of the
+ * already valid cluster.
*/
error = bread(vp, de_cluster(pmp, dep->de_FileSize), pmp->pm_bpcluster,
NOCRED, &bp);
if (error != 0)
goto rewind;
vfs_bio_clrbuf(bp);
+ eof_clusteroff = de_cn2off(pmp, de_cluster(pmp, dep->de_FileSize));
+ vfs_bio_bzero_buf(bp, dep->de_FileSize - eof_clusteroff,
+ pmp->pm_bpcluster - dep->de_FileSize + eof_clusteroff);
if (!DOINGASYNC(vp))
(void)bwrite(bp);
else if (vm_page_count_severe() || buf_dirty_count_severe())