HomeFreeBSD

FFS extattr: fix handling of the tail

Description

FFS extattr: fix handling of the tail

There are three issues with change that stopped truncating ea area before
write, and resulted in possible zero tail in the ea area:

  • Truncate to zero checked i_ea_len after the reference was dropped, making the last drop effectively truncate to zero length always.
  • Loop to fill uio for zeroing specified too large length, that triggered assert in normal situation.
  • Integrity check could trip over the tail, instead we must allow partial header or header with zero length, and clamp ea image in memory at it.

Reported by: arichardson
Tested by: arichardson, pho
Sponsored by: The FreeBSD Foundation
MFC after: 3 days
Fixup: 5e198e7646a27412c0541719f7bf1bbc0bd89223
Differential Revision: https://reviews.freebsd.org/D28999

Details

Provenance
kibAuthored on Mar 1 2021, 3:24 PM
Differential Revision
D28999: FFS extattr: fix handling of the tail
Parents
R10:a59e2982fe3e: Optimize out few extra memory accesses.
Branches
Unknown
Tags
Unknown