Multiple data corruption issues in zfs
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
zfs-linux (Ubuntu) |
Fix Released
|
Undecided
|
Dimitri John Ledkov | ||
Xenial |
Confirmed
|
Low
|
Unassigned | ||
Bionic |
Confirmed
|
Medium
|
Unassigned | ||
Focal |
Fix Released
|
Medium
|
Dimitri John Ledkov | ||
Jammy |
Fix Released
|
High
|
Dimitri John Ledkov | ||
Lunar |
Won't Fix
|
Undecided
|
Unassigned | ||
Mantic |
Fix Released
|
High
|
Dimitri John Ledkov | ||
Noble |
Fix Released
|
Undecided
|
Dimitri John Ledkov |
Bug Description
[ Impact ]
* Multiple data corruption issues have been identified and fixed in ZFS. Some of them, at varying real-life reproducibility frequency have been deterimed to affect very old zfs releases. Recommendation is to upgrade to 2.2.2 or 2.1.14 or backport dnat patch alone. This is to ensure users get other potentially related fixes and runtime tunables to possibly mitigate other bugs that are related and are being fixed upstream for future releases.
* For jammy the 2.1.14 upgrade will bring HWE kernel support and also compatiblity/
* In the absence of the upgrade a cherry-pick will address this particular popular issue alone - without addressing other issues w.r.t. Redbleed / SLS, bugfixes around trim support, and other related improvements that were discovered and fixed around the same time as this popular issue.
[ Test Plan ]
* !!! Danger !!! use reproducer from https:/
* autopkgtest pass (from https:/
* adt-matrix pass (from https:/
* kernel regression zfs testsuite pass (from Kernel team RT test results summary, private)
* zsys integration test pass (upgrade of zsys installed systems for all releases)
* zsys install test pass (for daily images of LTS releases only that have such installer support, as per iso tracker test case)
* LXD (ping LXD team to upgrade vendored in tooling to 2.2.2 and 2.1.14, and test LXD on these updated kernels)
[ Where problems could occur ]
* Upgrade to 2.1.14 on jammy with SLS mitigations compatiblity will introduce slight slow down on amd64 (for hw accelerated assembly code-paths only in the encryption primitives)
* Uncertain of the perfomance impact of the extra checks in dnat patch fix itself. Possibly affecting speed of operation, at the benefit of correctness.
* The cherry-picked patch ("dnat"? dnode) changes the dirty data check, but
only makes it stronger and not weaker, thus if it were incorrect, likely
only performance would be impacted (and it is unlikely to be incorrect
given upstream reviews and attention to data corruption issues; also,
there are no additional changes to that function upstream)
[ Other Info ]
* https:/
Changed in zfs-linux (Ubuntu Mantic): | |
importance: | Undecided → High |
Changed in zfs-linux (Ubuntu Lunar): | |
importance: | Undecided → High |
Changed in zfs-linux (Ubuntu Jammy): | |
importance: | Undecided → High |
Changed in zfs-linux (Ubuntu Focal): | |
importance: | Undecided → Medium |
Changed in zfs-linux (Ubuntu Bionic): | |
importance: | Undecided → Medium |
Changed in zfs-linux (Ubuntu Xenial): | |
importance: | Undecided → Low |
Changed in zfs-linux (Ubuntu Lunar): | |
importance: | High → Medium |
description: | updated |
Changed in zfs-linux (Ubuntu Mantic): | |
status: | Confirmed → In Progress |
Changed in zfs-linux (Ubuntu Noble): | |
status: | Fix Committed → Fix Released |
Changed in zfs-linux (Ubuntu Lunar): | |
status: | Confirmed → Won't Fix |
description: | updated |
Changed in zfs-linux (Ubuntu Mantic): | |
status: | Incomplete → In Progress |
Changed in zfs-linux (Ubuntu Jammy): | |
status: | Confirmed → In Progress |
Changed in zfs-linux (Ubuntu Focal): | |
status: | Confirmed → In Progress |
Changed in zfs-linux (Ubuntu Lunar): | |
assignee: | Dimitri John Ledkov (xnox) → nobody |
Changed in zfs-linux (Ubuntu Focal): | |
assignee: | nobody → Dimitri John Ledkov (xnox) |
Changed in zfs-linux (Ubuntu Lunar): | |
importance: | Medium → Undecided |
description: | updated |
There is also a CVE that seems to be caused by the same bug: https:/ /nvd.nist. gov/vuln/ detail/ CVE-2023- 49298