Module Name: src Committed By: bouyer Date: Mon Apr 21 10:17:49 UTC 2014
Modified Files: src/external/cddl/osnet/dist/uts/common/fs/zfs [netbsd-6-1]: zfs_vfsops.c src/sys/coda [netbsd-6-1]: coda_vfsops.c src/sys/fs/adosfs [netbsd-6-1]: advfsops.c src/sys/fs/cd9660 [netbsd-6-1]: cd9660_vfsops.c src/sys/fs/efs [netbsd-6-1]: efs_vfsops.c src/sys/fs/filecorefs [netbsd-6-1]: filecore_vfsops.c src/sys/fs/hfs [netbsd-6-1]: hfs_vfsops.c src/sys/fs/msdosfs [netbsd-6-1]: msdosfs_vfsops.c src/sys/fs/nilfs [netbsd-6-1]: nilfs_vfsops.c src/sys/fs/ntfs [netbsd-6-1]: ntfs_vfsops.c src/sys/fs/ptyfs [netbsd-6-1]: ptyfs_vfsops.c src/sys/fs/puffs [netbsd-6-1]: puffs_vfsops.c src/sys/fs/smbfs [netbsd-6-1]: smbfs_vfsops.c src/sys/fs/sysvbfs [netbsd-6-1]: sysvbfs_vfsops.c src/sys/fs/tmpfs [netbsd-6-1]: tmpfs_vfsops.c src/sys/fs/udf [netbsd-6-1]: udf_vfsops.c src/sys/fs/union [netbsd-6-1]: union_vfsops.c src/sys/fs/unionfs [netbsd-6-1]: unionfs_vfsops.c src/sys/fs/v7fs [netbsd-6-1]: v7fs_vfsops.c src/sys/kern [netbsd-6-1]: vfs_syscalls.c src/sys/miscfs/nullfs [netbsd-6-1]: null_vfsops.c src/sys/miscfs/overlay [netbsd-6-1]: overlay_vfsops.c src/sys/miscfs/procfs [netbsd-6-1]: procfs_vfsops.c src/sys/miscfs/umapfs [netbsd-6-1]: umap_vfsops.c src/sys/nfs [netbsd-6-1]: nfs_vfsops.c src/sys/ufs/chfs [netbsd-6-1]: chfs_vfsops.c src/sys/ufs/ext2fs [netbsd-6-1]: ext2fs_vfsops.c src/sys/ufs/ffs [netbsd-6-1]: ffs_vfsops.c src/sys/ufs/lfs [netbsd-6-1]: lfs_vfsops.c src/sys/ufs/mfs [netbsd-6-1]: mfs_vfsops.c Log Message: Pull up following revision(s) (requested by maxv in ticket #1050): sys/ufs/chfs/chfs_vfsops.c: revision 1.11 sys/fs/unionfs/unionfs_vfsops.c: revision 1.13 sys/fs/nilfs/nilfs_vfsops.c: revision 1.16 sys/ufs/mfs/mfs_vfsops.c: revision 1.107 sys/fs/sysvbfs/sysvbfs_vfsops.c: revision 1.43 sys/ufs/ffs/ffs_vfsops.c: revision 1.297 sys/kern/vfs_syscalls.c: revision 1.478 sys/kern/vfs_syscalls.c: revision 1.479 sys/fs/puffs/puffs_vfsops.c: revision 1.110 sys/fs/cd9660/cd9660_vfsops.c: revision 1.84 sys/nfs/nfs_vfsops.c: revision 1.227 sys/fs/v7fs/v7fs_vfsops.c: revision 1.10 sys/ufs/ext2fs/ext2fs_vfsops.c: revision 1.180 sys/miscfs/umapfs/umap_vfsops.c: revision 1.92 sys/fs/filecorefs/filecore_vfsops.c: revision 1.76 sys/miscfs/nullfs/null_vfsops.c: revision 1.88 sys/fs/ptyfs/ptyfs_vfsops.c: revision 1.50 sys/coda/coda_vfsops.c: revision 1.81 sys/ufs/lfs/lfs_vfsops.c: revision 1.321 sys/fs/tmpfs/tmpfs_vfsops.c: revision 1.59 sys/fs/hfs/hfs_vfsops.c: revision 1.31 sys/miscfs/overlay/overlay_vfsops.c: revision 1.61 sys/fs/union/union_vfsops.c: revision 1.72 sys/fs/ntfs/ntfs_vfsops.c: revision 1.94 sys/kern/vfs_syscalls.c: revision 1.480 sys/fs/efs/efs_vfsops.c: revision 1.25 sys/kern/vfs_syscalls.c: revision 1.482 sys/fs/msdosfs/msdosfs_vfsops.c: revision 1.107 external/cddl/osnet/dist/uts/common/fs/zfs/zfs_vfsops.c: revision 1.12 sys/miscfs/procfs/procfs_vfsops.c: revision 1.91 sys/fs/smbfs/smbfs_vfsops.c: revision 1.100 sys/fs/adosfs/advfsops.c: revision 1.70 sys/fs/udf/udf_vfsops.c: revision 1.67 Limit check for 'data_len'. Otherwise a (un)privileged user can easily panic the system by passing a huge size. ok christos@ An (un)privileged user can easily make the kernel dereference a NULL pointer. The kernel allows 'data' to be NULL; it's the fs's responsibility to ensure that it isn't NULL (if the fs actually needs data). ok christos@ Some fs's - like kernfs - set their vfs_min_mount_data to zero. Add a check to prevent an (un)privileged user from requesting a zero-sized allocation (and thus a panic). This thing is totally buggy: 'data_len' is modified by the fs, so calling kmem_free with it while its value has changed since the kmem_alloc is far from being a good idea. If the kernel figures out that something mismatches, it will panic (typically with kernfs). To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.7.10.1 \ src/external/cddl/osnet/dist/uts/common/fs/zfs/zfs_vfsops.c cvs rdiff -u -r1.70 -r1.70.14.1 src/sys/coda/coda_vfsops.c cvs rdiff -u -r1.63 -r1.63.12.1 src/sys/fs/adosfs/advfsops.c cvs rdiff -u -r1.74 -r1.74.12.1 src/sys/fs/cd9660/cd9660_vfsops.c cvs rdiff -u -r1.22 -r1.22.14.1 src/sys/fs/efs/efs_vfsops.c cvs rdiff -u -r1.68 -r1.68.12.1 src/sys/fs/filecorefs/filecore_vfsops.c cvs rdiff -u -r1.27.8.1 -r1.27.8.1.6.1 src/sys/fs/hfs/hfs_vfsops.c cvs rdiff -u -r1.93.6.1 -r1.93.6.1.6.1 src/sys/fs/msdosfs/msdosfs_vfsops.c cvs rdiff -u -r1.8 -r1.8.12.1 src/sys/fs/nilfs/nilfs_vfsops.c cvs rdiff -u -r1.87 -r1.87.20.1 src/sys/fs/ntfs/ntfs_vfsops.c cvs rdiff -u -r1.42.18.1 -r1.42.18.1.4.1 src/sys/fs/ptyfs/ptyfs_vfsops.c cvs rdiff -u -r1.100.8.2 -r1.100.8.2.6.1 src/sys/fs/puffs/puffs_vfsops.c cvs rdiff -u -r1.95 -r1.95.22.1 src/sys/fs/smbfs/smbfs_vfsops.c cvs rdiff -u -r1.38.6.1 -r1.38.6.1.6.1 src/sys/fs/sysvbfs/sysvbfs_vfsops.c cvs rdiff -u -r1.52 -r1.52.22.1 src/sys/fs/tmpfs/tmpfs_vfsops.c cvs rdiff -u -r1.62 -r1.62.12.1 src/sys/fs/udf/udf_vfsops.c cvs rdiff -u -r1.67 -r1.67.8.1 src/sys/fs/union/union_vfsops.c cvs rdiff -u -r1.9 -r1.9.18.1 src/sys/fs/unionfs/unionfs_vfsops.c cvs rdiff -u -r1.5.6.1 -r1.5.6.1.6.1 src/sys/fs/v7fs/v7fs_vfsops.c cvs rdiff -u -r1.449.2.2 -r1.449.2.2.6.1 src/sys/kern/vfs_syscalls.c cvs rdiff -u -r1.83 -r1.83.20.1 src/sys/miscfs/nullfs/null_vfsops.c cvs rdiff -u -r1.56 -r1.56.20.1 src/sys/miscfs/overlay/overlay_vfsops.c cvs rdiff -u -r1.86 -r1.86.14.1 src/sys/miscfs/procfs/procfs_vfsops.c cvs rdiff -u -r1.86 -r1.86.20.1 src/sys/miscfs/umapfs/umap_vfsops.c cvs rdiff -u -r1.220 -r1.220.16.1 src/sys/nfs/nfs_vfsops.c cvs rdiff -u -r1.2 -r1.2.10.1 src/sys/ufs/chfs/chfs_vfsops.c cvs rdiff -u -r1.162 -r1.162.12.1 src/sys/ufs/ext2fs/ext2fs_vfsops.c cvs rdiff -u -r1.275.2.2 -r1.275.2.2.4.1 src/sys/ufs/ffs/ffs_vfsops.c cvs rdiff -u -r1.293.2.1 -r1.293.2.1.6.1 src/sys/ufs/lfs/lfs_vfsops.c cvs rdiff -u -r1.103 -r1.103.22.1 src/sys/ufs/mfs/mfs_vfsops.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.