zfs/include/sys
Prakash Surya 8f2503e0af Store copy of tqent_flags prior to servicing task
A preallocated taskq_ent_t's tqent_flags must be checked prior to
servicing the taskq_ent_t. Once a preallocated taskq entry is serviced,
the ownership of the entry is handed back to the caller of
taskq_dispatch, thus the entry's contents can potentially be mangled.

In particular, this is a problem in the case where a preallocated taskq
entry is serviced, and the caller clears its tqent_flags field. Thus,
when the function returns and task_done is called, it looks as though
the entry is **not** a preallocated task (when in fact it **is** a
preallocated task).

In this situation, task_done will place the preallocated taskq_ent_t
structure onto the taskq_t's free list. This is a **huge** mistake. If
the taskq_ent_t is then freed by the caller of taskq_dispatch, the
taskq_t's free list will hold a pointer to garbage data. Even worse, if
nothing has overwritten the freed memory before the pointer is
dereferenced, it may still look as though it points to a valid list_head
belonging to a taskq_ent_t structure.

Thus, the task entry's flags are now copied prior to servicing the task.
This copy is then checked to see if it is a preallocated task, and
to determine if the entry needs to be passed down to the task_done
function.

Signed-off-by: Prakash Surya <surya1@llnl.gov>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Closes #71
2011-12-16 16:54:00 -08:00
fm Public Release Prep 2010-05-17 15:18:00 -07:00
fs Public Release Prep 2010-05-17 15:18:00 -07:00
sysevent Public Release Prep 2010-05-17 15:18:00 -07:00
Makefile.in Build system and packaging (RPM support) 2009-03-09 15:56:55 -07:00
acl.h Add VSA_ACE_* and MAX_ACL_ENTRIES defines 2011-01-27 16:06:09 -08:00
acl_impl.h Public Release Prep 2010-05-17 15:18:00 -07:00
atomic.h atomic_*_*_nv() functions need to return the new value atomically. 2010-09-17 16:03:25 -07:00
attr.h Public Release Prep 2010-05-17 15:18:00 -07:00
bitmap.h Public Release Prep 2010-05-17 15:18:00 -07:00
bootconf.h Public Release Prep 2010-05-17 15:18:00 -07:00
bootprops.h Stub out additional missing headers 2010-06-11 15:57:25 -07:00
buf.h Public Release Prep 2010-05-17 15:18:00 -07:00
byteorder.h Public Release Prep 2010-05-17 15:18:00 -07:00
callb.h Public Release Prep 2010-05-17 15:18:00 -07:00
cmn_err.h Public Release Prep 2010-05-17 15:18:00 -07:00
compress.h Public Release Prep 2010-05-17 15:18:00 -07:00
condvar.h Block in cv_destroy() on all waiters 2011-02-04 14:09:08 -08:00
conf.h Public Release Prep 2010-05-17 15:18:00 -07:00
console.h Public Release Prep 2010-05-17 15:18:00 -07:00
cpupart.h Stub out additional missing headers 2010-06-11 15:57:25 -07:00
cpuvar.h Public Release Prep 2010-05-17 15:18:00 -07:00
crc32.h Public Release Prep 2010-05-17 15:18:00 -07:00
cred.h Add crgetfsuid()/crgetfsgid() helpers 2011-03-22 12:18:44 -07:00
ctype.h Public Release Prep 2010-05-17 15:18:00 -07:00
ddi.h Public Release Prep 2010-05-17 15:18:00 -07:00
debug.h Display DEBUG keyword during module load when --enable-debug is used. 2010-07-20 15:31:03 -07:00
dirent.h Public Release Prep 2010-05-17 15:18:00 -07:00
disp.h Public Release Prep 2010-05-17 15:18:00 -07:00
dkio.h Public Release Prep 2010-05-17 15:18:00 -07:00
dklabel.h Public Release Prep 2010-05-17 15:18:00 -07:00
dnlc.h Add dnlc_reduce_cache() support 2011-04-06 20:06:03 -07:00
dumphdr.h Public Release Prep 2010-05-17 15:18:00 -07:00
efi_partition.h Public Release Prep 2010-05-17 15:18:00 -07:00
errno.h Public Release Prep 2010-05-17 15:18:00 -07:00
extdirent.h Add missing headers 2011-01-27 16:06:09 -08:00
fcntl.h Use Linux flock struct 2011-02-23 14:32:15 -08:00
file.h Add FIGNORECASE define 2011-01-27 16:06:09 -08:00
idmap.h Add missing headers 2011-01-27 16:06:09 -08:00
int_limits.h Public Release Prep 2010-05-17 15:18:00 -07:00
int_types.h Public Release Prep 2010-05-17 15:18:00 -07:00
inttypes.h Public Release Prep 2010-05-17 15:18:00 -07:00
isa_defs.h Public Release Prep 2010-05-17 15:18:00 -07:00
kidmap.h Add missing headers 2011-01-27 16:06:09 -08:00
kmem.h Decrease target objects per slab 2011-04-06 20:06:03 -07:00
kobj.h Public Release Prep 2010-05-17 15:18:00 -07:00
kstat.h Prepend spl_ to all init/fini functions 2011-11-11 09:18:28 -08:00
list.h Add list_link_replace() function 2010-08-27 14:23:48 -07:00
mkdev.h Public Release Prep 2010-05-17 15:18:00 -07:00
mntent.h Public Release Prep 2010-05-17 15:18:00 -07:00
modctl.h Public Release Prep 2010-05-17 15:18:00 -07:00
mode.h Add vn_mode_to_vtype/vn_vtype to_mode helpers 2011-01-12 11:38:04 -08:00
mount.h Public Release Prep 2010-05-17 15:18:00 -07:00
mutex.h Fix usage of MUTEX macro in mutex_enter_nested 2011-12-13 11:04:21 -08:00
note.h Public Release Prep 2010-05-17 15:18:00 -07:00
open.h Public Release Prep 2010-05-17 15:18:00 -07:00
param.h Correct MAXUID 2011-04-29 13:58:45 -07:00
pathname.h Public Release Prep 2010-05-17 15:18:00 -07:00
policy.h Minor policy interface 2011-01-27 16:06:09 -08:00
pool.h Stub out additional missing headers 2010-06-11 15:57:25 -07:00
priv_impl.h Stub out additional missing headers 2010-06-11 15:57:25 -07:00
proc.h Cleanly split Linux proc.h (fs) from conflicting Solaris proc.h (process) 2010-06-11 15:57:25 -07:00
processor.h Public Release Prep 2010-05-17 15:18:00 -07:00
pset.h Stub out additional missing headers 2010-06-11 15:57:25 -07:00
random.h Public Release Prep 2010-05-17 15:18:00 -07:00
refstr.h Public Release Prep 2010-05-17 15:18:00 -07:00
resource.h Public Release Prep 2010-05-17 15:18:00 -07:00
rwlock.h Correctly handle rwsem_is_locked() behavior 2010-08-10 16:43:00 -07:00
sdt.h Public Release Prep 2010-05-17 15:18:00 -07:00
sid.h Add ksid_index_t and ksid_t types 2011-01-27 16:06:09 -08:00
signal.h Split <sys/debug.h> header 2010-07-20 13:29:35 -07:00
stat.h Public Release Prep 2010-05-17 15:18:00 -07:00
stropts.h Public Release Prep 2010-05-17 15:18:00 -07:00
sunddi.h Split <sys/debug.h> header 2010-07-20 13:29:35 -07:00
sunldi.h Public Release Prep 2010-05-17 15:18:00 -07:00
sysdc.h Stub out additional missing headers 2010-06-11 15:57:25 -07:00
sysevent.h Public Release Prep 2010-05-17 15:18:00 -07:00
sysmacros.h Fix 32-bit MAXOFFSET_T definition 2011-04-22 16:17:13 -07:00
systeminfo.h Read the /etc/hostid file directly. 2011-06-24 09:58:03 -07:00
systm.h Public Release Prep 2010-05-17 15:18:00 -07:00
t_lock.h Public Release Prep 2010-05-17 15:18:00 -07:00
taskq.h Store copy of tqent_flags prior to servicing task 2011-12-16 16:54:00 -08:00
thread.h Add Thread Specific Data (TSD) Implementation 2010-12-07 10:02:32 -08:00
time.h Allow 64-bit timestamps to be set on 64-bit kernels 2011-12-12 11:06:03 -08:00
timer.h Minor cleanup and Solaris API additions. 2010-06-11 15:57:25 -07:00
tsd.h Prepend spl_ to all init/fini functions 2011-11-11 09:18:28 -08:00
types.h Linux 2.6.39 compat, zlib_deflate_workspacesize() 2011-04-20 14:39:15 -07:00
types32.h Public Release Prep 2010-05-17 15:18:00 -07:00
u8_textprep.h Public Release Prep 2010-05-17 15:18:00 -07:00
uio.h Add xuio_* structures and typedefs. 2010-06-11 15:57:25 -07:00
unistd.h Public Release Prep 2010-05-17 15:18:00 -07:00
utsname.h Public Release Prep 2010-05-17 15:18:00 -07:00
va_list.h Public Release Prep 2010-05-17 15:18:00 -07:00
varargs.h Public Release Prep 2010-05-17 15:18:00 -07:00
vfs.h Renamed 'struct fid' for NFS 2011-04-29 12:10:54 -07:00
vfs_opreg.h Public Release Prep 2010-05-17 15:18:00 -07:00
vmsystm.h Public Release Prep 2010-05-17 15:18:00 -07:00
vnode.h Linux 3.1 compat, kern_path_parent() 2011-11-09 16:51:25 -08:00
zmod.h Prepend spl_ to all init/fini functions 2011-11-11 09:18:28 -08:00
zone.h Public Release Prep 2010-05-17 15:18:00 -07:00