Robert Watson be80264279 Properly bounds check ioctl/pioctl data arguments for Coda:
1. Use unsigned rather than signed lengths
2. Bound messages to/from Venus to VC_MAXMSGSIZE
3. Bound messages to/from general user processes to VC_MAXDATASIZE
4. Update comment regarding data limits for pioctl

Without (1) and (3), it may be possible for unprivileged user processes to
read sensitive portions of kernel memory.  This issue is only present if
the Coda kernel module is loaded and venus (the userspace Coda daemon) is
running and has /coda mounted.

As Coda is considered experimental and production use is warned against in
the coda(4) man page, and because Coda must be explicitly configured for a
configuration to be vulnerable, we won't be issuing a security advisory.
However, if you are using Coda, then you are advised to apply these fixes.

Reported by:	Dan J. Rosenberg <drosenberg at vsecurity.com>
Obtained from:	NetBSD (Christos Zoulas)
Security:	Kernel memory disclosure; no advisory as feature experimental
MFC after:	3 days
2010-08-07 08:08:14 +00:00
..

$FreeBSD$

                Announcing the Availability of the
                        Coda Distributed
                           Filesystem
                              for
                         BSD Unix Systems

        Coda is a distributed filesystem like NFS and AFS.  It is
freely available, like NFS.  But it functions much like AFS in being a
"stateful" filesystem.  Coda and AFS cache files on your local
machine to improve performance.  But Coda goes a step further than AFS
by letting you access the cached files when there is no available
network, viz. disconnected laptops and network outages.  In Coda, both
the client and server are outside the kernel which makes them easier
to experiment with.

To get more information on Coda, I would like to refer people to
        http://www.coda.cs.cmu.edu
There is a wealth of documents, papers, and theses there.  There is
also a good introduction to the Coda File System in
        http://www.coda.cs.cmu.edu/ljpaper/lj.html

Coda was originally developed as an academic prototype/testbed.  It is
being polished and rewritten where necessary.  Coda is a work in
progress and does have bugs.  It is, though, very usable.  Our
interest is in making Coda available to as many people as possible and
to have Coda evolve and flourish.

The bulk of the Coda filesystem code supports the Coda client
program, the Coda server program and the utilities needed by both.
All these programs are unix programs and can run equally well on any
Unix platform.  Our main development thrust is improving these
programs.  There is a small part of Coda that deals with the kernel to
filesystem interface.  This code is OS specific (but should not be
platform specific).

Coda is currently available for several OS's and platforms:
        Freebsd-2.2.5: i386
        Freebsd-2.2.6: i386
	Freebsd -current: i386
        linux 2.0: i386 & sparc
        linux 2.1: i386 & sparc
        NetBSD 1.3: i386
	NetBSD -current: i386
The relevant sources, binaries, and docs can be found in
        ftp://ftp.coda.cs.cmu.edu/pub/coda/

We intend to come out with new Coda releases often, not daily.  We
don't want to slight any OS/platform not mentioned above.  We are just
limited in our resources as to what we can support internally.  We
will be happy to integrate OpenBSD support as well as other OS
support.  Also, adding platform support should be relatively easy and
we can discuss this.  The only difficulty is that Coda has a light weight
process package.  It does some manipulations in assembler which would
have to be redone for a different platform.

There are several mailing lists @coda.cs.cmu.edu that discuss coda:
coda-announce and linux-coda.  We are going to revise linux-coda to be
OS neutral, since it is mainly Coda we want to discuss.  We appreciate
comments, feedback, bug reports, bug fixes, enhancements, etc.