svn commit: r361238 - head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs
Kyle Evans
kevans at FreeBSD.org
Tue May 19 02:41:05 UTC 2020
Author: kevans
Date: Tue May 19 02:41:05 2020
New Revision: 361238
URL: https://svnweb.freebsd.org/changeset/base/361238
Log:
zfs: reject read(2) of a dirfd with EISDIR
This is independent of the recently-discussed global change, which is still
in review/discussion stage.
This is effectively a measure for consistency in the ZFS world, where
FreeBSD was the only platform (as far as I could find) that allowed this.
What ZFS exposes is decidedly not useful for any real purposes, to
paraphrase (hopefully faithfully) jhb's findings when exploring this:
The size of a directory in ZFS is the number of directory entries within.
When reading a directory, you would instead get the leading part of its raw
contents; the amount you get being dictated by the "size," i.e. number of
directory entries. There's decidedly (luckily) no stack disclosure happening
here, though the behavior is bizarre and almost certainly a historical
accident.
This change has already been upstreamed to OpenZFS.
MFC after: 1 week
Modified:
head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c
Modified: head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c
==============================================================================
--- head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c Tue May 19 02:07:08 2020 (r361237)
+++ head/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_vnops.c Tue May 19 02:41:05 2020 (r361238)
@@ -646,6 +646,12 @@ zfs_read(vnode_t *vp, uio_t *uio, int ioflag, cred_t *
ZFS_ENTER(zfsvfs);
ZFS_VERIFY_ZP(zp);
+ /* We don't copy out anything useful for directories. */
+ if (vp->v_type == VDIR) {
+ ZFS_EXIT(zfsvfs);
+ return (SET_ERROR(EISDIR));
+ }
+
if (zp->z_pflags & ZFS_AV_QUARANTINED) {
ZFS_EXIT(zfsvfs);
return (SET_ERROR(EACCES));
More information about the svn-src-head
mailing list