On Fri, Jul 18, 2025 at 4:42 PM Konstantin Belousov <kostik...@gmail.com> wrote:
> On Fri, Jul 18, 2025 at 10:06:56AM -0600, Alan Somers wrote:
> > Should we move this logic up into kern_getdirentries? msdosfs is not the
> > only file system vulnerable to this problem.
> It is relatively hard to do in kern_getdirentries(), and perhaps would
> cause a severe performance hit for filesystems that do not need it.
>
> The issue is that uio might be for UIO_USERSPACE (and less likely
> UIO_NOCOPY).
> So we must allocate the transient buffer, then call VOP_READDIR() for that
> buffer, then do the validation, and then copyout to the final uio.
>
> Another thing, there are more VOP_READDIR() uses than only
> kern_getdirents().
> Worst part, we do trust UFS and ZFS which are the most perf-sensitive.
>
> I did look at generic checker, might be guided by some MNTK_-level flag,
> but decided to just patch msdosfs.

That explanation makes sense. I guess I need to patch fusefs, too. We definitely don't want to trust that one.
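
The sequence described in the quoted message (fill a transient buffer, validate it, then copy out), as an added userland C example that is not code from the thread or from FreeBSD. It validates every record before copying anything, so a bad entry from an untrusted filesystem never reaches the caller's buffer. Assumptions: `struct rec_hdr` is a simplified stand-in for `struct dirent`, the names `rec_ok`, `checked_copyout` and `put_rec` are hypothetical, `memcpy` stands in for the copyout step, and the specific checks (record bounds, alignment, NUL termination, no `/` or embedded NUL in names) are chosen for illustration because the thread does not list them.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
/* Simplified stand-in for struct dirent (assumed layout, not the kernel's):
 * reclen covers header + name + NUL + padding, namlen excludes the NUL. */
struct rec_hdr { uint16_t reclen, namlen; };
#define REC_ALIGN 4u

/* Return 1 if the record at p, with `left` bytes remaining, is well formed. */
static int rec_ok(const unsigned char *p, size_t left)
{
    struct rec_hdr h;
    if (left < sizeof(h))
        return 0;
    memcpy(&h, p, sizeof(h));
    /* Reject overrun, misalignment, empty names; also catches reclen == 0. */
    if (h.reclen > left || h.reclen % REC_ALIGN != 0 || h.namlen == 0 ||
        sizeof(h) + h.namlen + 1u > h.reclen)
        return 0;
    p += sizeof(h);
    return p[h.namlen] == '\0' && memchr(p, '\0', h.namlen) == NULL &&
        memchr(p, '/', h.namlen) == NULL;
}

/* Validate the whole transient buffer, then copy all or nothing; -1 on reject. */
long checked_copyout(const unsigned char *tmp, size_t len, unsigned char *dst, size_t dstlen)
{
    struct rec_hdr h;
    size_t off;
    if (len > dstlen)
        return -1;
    for (off = 0; off < len; off += h.reclen) {
        if (!rec_ok(tmp + off, len - off))
            return -1;
        memcpy(&h, tmp + off, sizeof(h));
    }
    memcpy(dst, tmp, len);      /* stands in for copyout()/uiomove() */
    return (long)len;
}

/* Build one constructed sample record at buf + off; returns the new offset. */
size_t put_rec(unsigned char *buf, size_t off, const char *name, uint16_t namlen)
{
    struct rec_hdr h = { 0, namlen };
    h.reclen = (uint16_t)((sizeof(h) + namlen + REC_ALIGN) & ~(size_t)(REC_ALIGN - 1));
    memset(buf + off, 0, h.reclen);
    memcpy(buf + off, &h, sizeof(h));
    memcpy(buf + off + sizeof(h), name, namlen);
    return off + h.reclen;
}
```

The extra pass and copy over every directory read is the cost the quoted message is concerned about for filesystems that are trusted.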