Date: Tue, 16 Dec 2025 23:42:59 +0000 From: Mark Johnston <markj@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: ff6b9c7c1c34 - releng/15.0 - zfs: Merge commit 86b064469dc9c2 from OpenZFS Message-ID: <6941ee83.2397e.32ee3da2@gitrepo.freebsd.org>
index | next in thread | raw e-mail
The branch releng/15.0 has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=ff6b9c7c1c3494f143879a98d645f5e682babf2c commit ff6b9c7c1c3494f143879a98d645f5e682babf2c Author: Mark Johnston <markj@FreeBSD.org> AuthorDate: 2025-12-14 17:20:38 +0000 Commit: Mark Johnston <markj@FreeBSD.org> CommitDate: 2025-12-16 16:01:07 +0000 zfs: Merge commit 86b064469dc9c2 from OpenZFS FreeBSD: Fix a potential null dereference in zfs_freebsd_fsync() In general it's possible for a vnode to not have an associated VM object. This happens in particular with named pipes, which have some distinct VOPs, defined in zfs_fifoops. Thus, this chunk of zfs_freebsd_fsync() needs to check for the FIFO case, like other vm_object_mightbedirty() callers do. (Note that vn_flush_cached_data() calls are predicated on zn_has_cached_data() returning true, and it checks for a NULL v_object pointer already.) Fixes: ef4058fcdc01838117dd93a654228bac7487a37c Reported-by: Collin Funk <collin.funk1@gmail.com> Reviewed-by: Sean Eric Fagan <sef@FreeBSD.org> Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Reviewed-by: Alexander Motin <alexander.motin@TrueNAS.com> Signed-off-by: Mark Johnston <markj@FreeBSD.org> Closes #18015 MFC after: 3 days Approved by: so Security: FreeBSD-EN-25:19.zfs (cherry picked from commit fa259d156d43966db95fe0f5cc15a0e6af206ff7) (cherry picked from commit d988a0c1fc4cf75d5c4c9820fd2a5619d59ac608) --- sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vnops_os.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vnops_os.c b/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vnops_os.c index 8a9d23d0d554..05ac77741d4f 100644 --- a/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vnops_os.c +++ b/sys/contrib/openzfs/module/os/freebsd/zfs/zfs_vnops_os.c @@ -5275,7 +5275,7 @@ zfs_freebsd_fsync(struct vop_fsync_args *ap) * Push any dirty mmap()'d data out to the DMU and ZIL, ready for * zil_commit() to be called in zfs_fsync(). */ - if (vm_object_mightbedirty(vp->v_object)) { + if (vp->v_object != NULL && vm_object_mightbedirty(vp->v_object)) { zfs_vmobject_wlock(vp->v_object); if (!vm_object_page_clean(vp->v_object, 0, 0, 0)) err = SET_ERROR(EIO);help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6941ee83.2397e.32ee3da2>