Linux Kernel Btrfs Subvolume Relocation Vulnerability

A vulnerability in the Linux kernel's Btrfs file system allows for the improper relocation of subvolumes that are only partially deleted. This issue can lead to transaction errors during balance operations, as the file system encounters missing backreferences for certain data extents. The problem arises because Btrfs does not correctly handle the cleanup of orphaned subvolumes, particularly those that were dropped before a read-write mount. As a result, 'zombie' subvolumes can persist, causing confusion and errors during file system operations.

Impact

The vulnerability can cause transaction aborts during Btrfs balance operations, leading to disruptions in file system management and potential data handling issues.

Reproduction

The vulnerability can be reproduced by creating multiple subvolumes and then partially dropping some of them. Afterward, a Btrfs balance operation can be initiated, which will trigger the transaction abort error related to the missing backreferences for the dropped subvolumes. This issue can also be observed by running 'btrfs check' on the file system, which will not report any errors, despite the underlying problem with the subvolume references.

Remediation

Users can upgrade to a patched version of the Linux kernel that includes the Btrfs subvolume relocation fix. Instructions for downloading the latest kernel version can be found on the official Linux kernel website.