Zero pad bytes when allocating a ZIL record
When allocating a record, we round up the allocation size to a multiple of 8. In this case, any padding bytes should be zeroed, otherwise the contents of uninitialized memory are written to the ZIL. This was found using KMSAN. Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Reviewed-by: Alexander Motin <mav@FreeBSD.org> Signed-off-by: Mark Johnston <markj@FreeBSD.org> Closes #12383
parent
900a444107
commit
d6dc79eabc
|
@ -1783,18 +1783,19 @@ cont:
|
||||||
}
|
}
|
||||||
|
|
||||||
itx_t *
|
itx_t *
|
||||||
zil_itx_create(uint64_t txtype, size_t lrsize)
|
zil_itx_create(uint64_t txtype, size_t olrsize)
|
||||||
{
|
{
|
||||||
size_t itxsize;
|
size_t itxsize, lrsize;
|
||||||
itx_t *itx;
|
itx_t *itx;
|
||||||
|
|
||||||
lrsize = P2ROUNDUP_TYPED(lrsize, sizeof (uint64_t), size_t);
|
lrsize = P2ROUNDUP_TYPED(olrsize, sizeof (uint64_t), size_t);
|
||||||
itxsize = offsetof(itx_t, itx_lr) + lrsize;
|
itxsize = offsetof(itx_t, itx_lr) + lrsize;
|
||||||
|
|
||||||
itx = zio_data_buf_alloc(itxsize);
|
itx = zio_data_buf_alloc(itxsize);
|
||||||
itx->itx_lr.lrc_txtype = txtype;
|
itx->itx_lr.lrc_txtype = txtype;
|
||||||
itx->itx_lr.lrc_reclen = lrsize;
|
itx->itx_lr.lrc_reclen = lrsize;
|
||||||
itx->itx_lr.lrc_seq = 0; /* defensive */
|
itx->itx_lr.lrc_seq = 0; /* defensive */
|
||||||
|
bzero((char *)&itx->itx_lr + olrsize, lrsize - olrsize);
|
||||||
itx->itx_sync = B_TRUE; /* default is synchronous */
|
itx->itx_sync = B_TRUE; /* default is synchronous */
|
||||||
itx->itx_callback = NULL;
|
itx->itx_callback = NULL;
|
||||||
itx->itx_callback_data = NULL;
|
itx->itx_callback_data = NULL;
|
||||||
|
|
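Review bot: The added `bzero` clears only the round-up tail `[olrsize, lrsize)`, so every byte below `olrsize` that the visible code does not store to still holds whatever `zio_data_buf_alloc()` returned, and the KMSAN finding in the description suggests that buffer is not pre-zeroed. Callers therefore have to initialise their whole record, including unused fields and compiler-inserted struct padding, or the same leak of stale memory into the on-disk log remains; that contract deserves a comment above the new line, e.g. `/* Zero only the alignment padding; the caller must fill every byte of the first olrsize bytes of itx_lr. */`. If callers cannot guarantee that, zeroing the whole record region once after allocation (`bzero(&itx->itx_lr, lrsize);` placed before the header stores) would be the more defensive form, at the cost of a larger clear per record. The body of zil_itx_create continues past the end of the hunk, so any later initialisation is not visible here.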