Go to file
Matthew Ahrens 169ab07cc8 OpenZFS 7263 - deeply nested nvlist can overflow stack
nvlist_pack() and nvlist_unpack are implemented recursively, which can
cause the stack to overflow with a deeply nested nvlist; i.e. an nvlist
which contains an nvlist, which contains an nvlist, which...

Unprivileged users can pass an nvlist to the kernel via certain ioctls
on /dev/zfs, which the kernel will unpack without additional permission
checking or validation. Therefore, an unprivileged user can cause the
kernel's stack to overflow and panic.

Ideally, these functions would be implemented non-recursively. As a
quick fix, this patch limits the depth of the recursion and returns an
error when attempting to pack and unpack a deeply-nested nvlist.

Signed-off-by: Adam Leventhal <ahl@delphix.com>
Signed-off-by: George Wilson <george.wilson@delphix.com>
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Ported-by: Prakash Surya <prakash.surya@delphix.com>

OpenZFS-issue: https://www.illumos.org/issues/7263
OpenZFS-commit: https://github.com/openzfs/openzfs/commit/0511d6d

-
2016-08-11 15:58:03 -07:00
cmd Fix infinite loop when zdb -R with d flag 2016-08-11 15:21:32 -07:00
config Use file_dentry and file_inode wrappers 2016-08-11 12:06:37 -07:00
contrib Set proper dependency for string replacement targets 2016-08-02 10:28:29 -07:00
etc Set proper dependency for string replacement targets 2016-08-02 10:28:29 -07:00
include Use file_dentry and file_inode wrappers 2016-08-11 12:06:37 -07:00
lib Fix indefinite article 2016-08-11 11:23:49 -07:00
man Limit the amount of dnode metadata in the ARC 2016-07-25 15:26:38 -07:00
module OpenZFS 7263 - deeply nested nvlist can overflow stack 2016-08-11 15:58:03 -07:00
rpm Add missing RPM BuildRequires 2016-05-23 10:33:42 -07:00
scripts zloop: print backtrace from core files 2016-07-25 11:47:21 -07:00
tests Enable history test cases 2016-07-27 13:38:46 -07:00
udev Set proper dependency for string replacement targets 2016-08-02 10:28:29 -07:00
.gitignore Illumos Crypto Port module added to enable native encryption in zfs 2016-07-20 10:43:30 -07:00
.gitmodules Add zimport.sh compatibility test script 2014-02-21 12:10:31 -08:00
AUTHORS Add a missing > to AUTHORS 2014-09-02 14:18:53 -07:00
autogen.sh build: do not call boilerplate ourself 2013-04-02 10:55:20 -07:00
configure.ac Illumos Crypto Port module added to enable native encryption in zfs 2016-07-20 10:43:30 -07:00
copy-builtin Illumos Crypto Port module added to enable native encryption in zfs 2016-07-20 10:43:30 -07:00
COPYRIGHT Update ZED copyright boilerplate 2015-05-11 15:07:00 -07:00
DISCLAIMER Fix minor typos and update marketing copy. 2013-03-21 12:51:06 -07:00
Makefile.am Add make lint target 2016-08-02 09:25:43 -07:00
META Tag zfs-0.6.5 2015-09-11 11:16:38 -07:00
OPENSOLARIS.LICENSE Add CDDL license file 2008-12-01 14:49:34 -08:00
README.markdown Fix minor typos and update marketing copy. 2013-03-21 12:51:06 -07:00
TEST Add the ZFS Test Suite 2016-03-16 13:46:16 -07:00
zfs-script-config.sh.in Illumos Crypto Port module added to enable native encryption in zfs 2016-07-20 10:43:30 -07:00
zfs.release.in Move zfs.release generation to configure step 2012-07-12 12:22:51 -07:00

Native ZFS for Linux!

ZFS is an advanced file system and volume manager which was originally developed for Solaris and is now maintained by the Illumos community.

ZFS on Linux, which is also known as ZoL, is currently feature complete. It includes fully functional and stable SPA, DMU, ZVOL, and ZPL layers.

Full documentation for installing ZoL on your favorite Linux distribution can be found at: http://zfsonlinux.org