From nobody Sat Aug 13 20:51:44 2022
X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4M4t4w6DVkz4Z7j5;
	Sat, 13 Aug 2022 20:51:44 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4M4t4w5hQyz47mM;
	Sat, 13 Aug 2022 20:51:44 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1660423904;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=F4nPKysiByHB644kbKtxqaGWy71cb/PeL2zRHkmCMsE=;
	b=jZOlH9Zm0Zo7e9b30+oZ6Q3uOKkReEjz342EWEEM1DCinaFn91fZ7QX0xAGY8COnELoK68
	l+BmRkD+7LexTrUdIORB1AqZFvt9mTSMg0dTOtkAxoY5L8Z/RodzNv793SuP/mqG+g4lVG
	kR1b6Pks5jW5bSJ/IZ6Rq7DaAkR5RWpyBmm3tQsQaqWKWqrXR6ThmpKEo90qKvz8+NAIQG
	zhQTsElBm7X5axCBAWqxAtXevd+0gxTnoASSBxixf5SBYYc6lZc5NClcEEVhm+Ff+K5xqG
	T3FItPanUGujAf+juXRIxrMKP+5vHHFsytesX5I0TvF+uFXCfu+ktANGsfYKAA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4M4t4w4lSHzQ3B;
	Sat, 13 Aug 2022 20:51:44 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 27DKpika038784;
	Sat, 13 Aug 2022 20:51:44 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 27DKpiIN038783;
	Sat, 13 Aug 2022 20:51:44 GMT
	(envelope-from git)
Date: Sat, 13 Aug 2022 20:51:44 GMT
Message-Id: <202208132051.27DKpiIN038783@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-main@FreeBSD.org
From: Kirk McKusick <mckusick@FreeBSD.org>
Subject: git: 6b9d4fbb7fe5 - main - Explicitly initialize rather than reading newly allocated UFS inodes.
List-Id: Commit messages for the main branch of the src repository <dev-commits-src-main.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main
List-Help: <mailto:dev-commits-src-main+help@freebsd.org>
List-Post: <mailto:dev-commits-src-main@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-main+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-main+unsubscribe@freebsd.org>
Sender: owner-dev-commits-src-main@freebsd.org
X-BeenThere: dev-commits-src-main@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: mckusick
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 6b9d4fbb7fe550788d82168e7beeabcd5ad238ce
Auto-Submitted: auto-generated
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1660423904;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=F4nPKysiByHB644kbKtxqaGWy71cb/PeL2zRHkmCMsE=;
	b=Fywg5q5QzM01tzCT1A05TUXvLDh5J2abgWrV+OHdjw8UD0WlhWWxQKWcKp4EnJmRak5tQs
	Uf3vSO49EMk8EAKpVeoUxl3imWos5yE0vxntjvX0Dh06U/nJtB7Qfid/oTLgbmpJxMXHwu
	cWt8t/RZpfNLjkHWgUvOYLOxUlQseZSacKMBwNUqZVIk7Uza9ltdWt8xsAsCjBM/8xVHN3
	h+eLSqYwpFNdlCUG6eIK5SzZFRpeINWOHB6tDEkE7h+AvXrHvoakjfjLt4Q46AvBkAQyJq
	r9ooM8Aa8oYRosrrcKoy2+ySPC4t4AfR5CmcALRsSNyMIo8O8s3glzGGk6Lz6A==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1660423904; a=rsa-sha256; cv=none;
	b=QQ3q+d2dJYGSYs6G8dyjxpkappUJnzdZJOLMQp4E+yCElsv31bUNAXR1xzOv+e5+3Uak2/
	5Cthd/gBgTal9FvpI0HgD6ZXQJUUPP6cQou+EFb9oKHX4pzBeWODYtxK8xGJDMMBiQbQDT
	cQg9zlQyUOpeym+Terikmqfd1zBcQfRAqv4P9cXED4+QSlwHLlwyN7y8qc+yIshQBjwnPk
	4V/8VgqvjHMQPwfrvbh67TlxreG88wK+Mf/Gl/laYadS6oYE9uIqCeR3UimIev8Uxek7Ww
	gz0DJHirSDi4k76TPJJFvsathgLlWqvYO1dQXhsPJsxVzJFzlkEU0j0POa2crQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
X-ThisMailContainsUnwantedMimeParts: N

The branch main has been updated by mckusick:

URL: https://cgit.FreeBSD.org/src/commit/?id=6b9d4fbb7fe550788d82168e7beeabcd5ad238ce

commit 6b9d4fbb7fe550788d82168e7beeabcd5ad238ce
Author:     Kirk McKusick <mckusick@FreeBSD.org>
AuthorDate: 2022-08-13 20:50:08 +0000
Commit:     Kirk McKusick <mckusick@FreeBSD.org>
CommitDate: 2022-08-13 20:51:25 +0000

    Explicitly initialize rather than reading newly allocated UFS inodes.
    
    The function ffs_vgetf() is used to find or load UFS inodes into a
    vnode. It first looks up the inode and if found in the cache its
    vnode is returned. If it is not already in the cache, a new vnode
    is allocated and its associated inode read in from the disk. The
    read is done even for inodes that are being initially created.
    The contents for the inode on the disk are assumed to be empty. If
    the on-disk contents had been corrupted either due to a hardware
    glitch or an agent deliberately trying to exploit the system, the
    UFS code could panic from the unexpected partially-allocated inode.
    
    Rather then having fsck_ffs(8) verify that all unallocated inodes
    are properly empty, it is easier and quicker to add a flag to
    ffs_vgetf() to indicate that the request is for a newly allocated
    inode. When set, the disk read is skipped and the inode is set to
    its expected empty (zero'ed out) initial state. As a side benefit,
    an unneeded disk I/O is avoided.
    
    Reported by:  Peter Holm
    Sponsored by: The FreeBSD Foundation
---
 sys/ufs/ffs/ffs_alloc.c  |  2 +-
 sys/ufs/ffs/ffs_extern.h |  1 +
 sys/ufs/ffs/ffs_vfsops.c | 54 +++++++++++++++++++++++++++---------------------
 3 files changed, 33 insertions(+), 24 deletions(-)

diff --git a/sys/ufs/ffs/ffs_alloc.c b/sys/ufs/ffs/ffs_alloc.c
index 6eaec9edf17b..4b0c7b108cb6 100644
--- a/sys/ufs/ffs/ffs_alloc.c
+++ b/sys/ufs/ffs/ffs_alloc.c
@@ -1159,7 +1159,7 @@ retry:
 	 * return the error.
 	 */
 	if ((error = ffs_vgetf(pvp->v_mount, ino, LK_EXCLUSIVE, vpp,
-	    FFSV_FORCEINSMQ | FFSV_REPLACE)) != 0) {
+	    FFSV_FORCEINSMQ | FFSV_REPLACE | FFSV_NEWINODE)) != 0) {
 		ffs_vfree(pvp, ino, mode);
 		return (error);
 	}
diff --git a/sys/ufs/ffs/ffs_extern.h b/sys/ufs/ffs/ffs_extern.h
index 4f17b71dd20f..5bfc88aa5d19 100644
--- a/sys/ufs/ffs/ffs_extern.h
+++ b/sys/ufs/ffs/ffs_extern.h
@@ -132,6 +132,7 @@ int	ffs_breadz(struct ufsmount *, struct vnode *, daddr_t, daddr_t, int,
 					   doomed */
 #define	FFSV_FORCEINODEDEP	0x0008	/* Force allocation of inodedep, ignore
 					   MNT_SOFTDEP */
+#define	FFSV_NEWINODE		0x0010	/* Newly allocated inode */
 
 /*
  * Flags to ffs_reload
diff --git a/sys/ufs/ffs/ffs_vfsops.c b/sys/ufs/ffs/ffs_vfsops.c
index 38d5be895318..4768d610b287 100644
--- a/sys/ufs/ffs/ffs_vfsops.c
+++ b/sys/ufs/ffs/ffs_vfsops.c
@@ -1928,40 +1928,48 @@ ffs_vgetf(struct mount *mp,
 		MPASS((ffs_flags & FFSV_REPLACE) == 0);
 		return (0);
 	}
-
-	/* Read in the disk contents for the inode, copy into the inode. */
-	dbn = fsbtodb(fs, ino_to_fsba(fs, ino));
-	error = ffs_breadz(ump, ump->um_devvp, dbn, dbn, (int)fs->fs_bsize,
-	    NULL, NULL, 0, NOCRED, 0, NULL, &bp);
-	if (error != 0) {
-		/*
-		 * The inode does not contain anything useful, so it would
-		 * be misleading to leave it on its hash chain. With mode
-		 * still zero, it will be unlinked and returned to the free
-		 * list by vput().
-		 */
-		vgone(vp);
-		vput(vp);
-		*vpp = NULL;
-		return (error);
-	}
 	if (I_IS_UFS1(ip))
 		ip->i_din1 = uma_zalloc(uma_ufs1, M_WAITOK);
 	else
 		ip->i_din2 = uma_zalloc(uma_ufs2, M_WAITOK);
-	if ((error = ffs_load_inode(bp, ip, fs, ino)) != 0) {
+
+	if ((ffs_flags & FFSV_NEWINODE) != 0) {
+		/* New inode, just zero out its contents. */
+		if (I_IS_UFS1(ip))
+			memset(ip->i_din1, 0, sizeof(struct ufs1_dinode));
+		else
+			memset(ip->i_din2, 0, sizeof(struct ufs2_dinode));
+	} else {
+		/* Read the disk contents for the inode, copy into the inode. */
+		dbn = fsbtodb(fs, ino_to_fsba(fs, ino));
+		error = ffs_breadz(ump, ump->um_devvp, dbn, dbn,
+		    (int)fs->fs_bsize, NULL, NULL, 0, NOCRED, 0, NULL, &bp);
+		if (error != 0) {
+			/*
+			 * The inode does not contain anything useful, so it
+			 * would be misleading to leave it on its hash chain.
+			 * With mode still zero, it will be unlinked and
+			 * returned to the free list by vput().
+			 */
+			vgone(vp);
+			vput(vp);
+			*vpp = NULL;
+			return (error);
+		}
+		if ((error = ffs_load_inode(bp, ip, fs, ino)) != 0) {
+			bqrelse(bp);
+			vgone(vp);
+			vput(vp);
+			*vpp = NULL;
+			return (error);
+		}
 		bqrelse(bp);
-		vgone(vp);
-		vput(vp);
-		*vpp = NULL;
-		return (error);
 	}
 	if (DOINGSOFTDEP(vp) && (!fs->fs_ronly ||
 	    (ffs_flags & FFSV_FORCEINODEDEP) != 0))
 		softdep_load_inodeblock(ip);
 	else
 		ip->i_effnlink = ip->i_nlink;
-	bqrelse(bp);
 
 	/*
 	 * Initialize the vnode from the inode, check for aliases.