Fix integer overflow of ZTOI(zp)->i_generation

The ZFS on-disk format stores each inode's generation ID as a 64
bit number on disk and in-core. However, the Linux kernel's inode
is only a 32 bit number. In most places, the code handles this
correctly, but the cast is missing in zfs_rezget(). For many pools,
this isn't an issue since the generation ID is computed as the
current txg when the inode is created and many pools don't have
more than 2^32 txgs.

For the pools that have more txgs, this issue causes any inode with
a high enough generation number to report IO errors after a call to
"zfs rollback" while holding the file or directory open. This patch
simply adds the missing cast.

Reviewed-by: Alek Pinchuk <apinchuk@datto.com>
Reviewed-by: George Melikov <mail@gmelikov.ru>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Tom Caputi <tcaputi@datto.com>
Closes #8858
This commit is contained in:
Tom Caputi 2019-06-06 15:59:39 -04:00 committed by Brian Behlendorf
parent 8e91c5ba6a
commit 3ce85b5e60
1 changed files with 1 additions and 1 deletions

View File

@ -1253,7 +1253,7 @@ zfs_rezget(znode_t *zp)
ZFS_TIME_DECODE(&ZTOI(zp)->i_mtime, mtime); ZFS_TIME_DECODE(&ZTOI(zp)->i_mtime, mtime);
ZFS_TIME_DECODE(&ZTOI(zp)->i_ctime, ctime); ZFS_TIME_DECODE(&ZTOI(zp)->i_ctime, ctime);
if (gen != ZTOI(zp)->i_generation) { if ((uint32_t)gen != ZTOI(zp)->i_generation) {
zfs_znode_dmu_fini(zp); zfs_znode_dmu_fini(zp);
zfs_znode_hold_exit(zfsvfs, zh); zfs_znode_hold_exit(zfsvfs, zh);
return (SET_ERROR(EIO)); return (SET_ERROR(EIO));