Allow negative aio_offset only for the read and write LIO ops on device nodes.
ClosedPublic
Actions

Authored by kib on Jun 18 2017, 8:27 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Fri, Nov 21, 5:42 AM

	Unknown Object (File)
	Fri, Nov 21, 5:41 AM

	Unknown Object (File)
	Fri, Nov 21, 5:38 AM

	Unknown Object (File)
	Fri, Nov 21, 5:37 AM

	Unknown Object (File)
	Tue, Nov 18, 7:25 AM

	Unknown Object (File)
	Fri, Nov 7, 6:11 AM

	Unknown Object (File)
	Fri, Nov 7, 6:11 AM

	Unknown Object (File)
	Fri, Nov 7, 1:33 AM

View All 75 Files

Subscribers

imp

pho

Details

Reviewers

jhb

Commits

rS320108: Allow negative aio_offset only for the read and write LIO ops on

Summary

Otherwise, the current check of aio_offset == -1LL makes it possible to pass negative file offsets down to the filesystems. This trips assertions and is even unsafe for e.g. FFS which keeps metadata at negative offsets.

Test Plan

Peter Holm found this with fuzzing and confirmed that the issue is fixed. He also run AIO regression tests.

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Skipped

Unit

Tests Skipped

Build Status

Buildable 9972

Event Timeline

kib created this revision.Jun 18 2017, 8:27 PM

Herald added a subscriber: imp. · View Herald TranscriptJun 18 2017, 8:27 PM

jhb accepted this revision.Jun 19 2017, 2:23 PM

This revision is now accepted and ready to land.Jun 19 2017, 2:23 PM

Closed by commit rS320108: Allow negative aio_offset only for the read and write LIO ops on (authored by kib). · Explain WhyJun 19 2017, 3:17 PM

This revision was automatically updated to reflect the committed changes.

Revision Contents
Changeset List

Path

Size

sys/

kern/

vfs_aio.c

4 lines

Diff 29798

View Options

Allow negative aio_offset only for the read and write LIO ops on device nodes.ClosedPublicActions