Re: [PATCH] cifs: Convert struct fealist away from 1-element array

Greg,

On Sun, Feb 18, 2024 at 10:31:29AM +0100, Greg Kroah-Hartman wrote:
> On Sun, Feb 18, 2024 at 12:50:16AM +0300, Vitaly Chikunov wrote:
> > 
> > On Sat, Feb 10, 2024 at 01:21:45PM +0300, Vitaly Chikunov wrote:
> > > On Sat, Feb 10, 2024 at 10:19:46AM +0000, Greg Kroah-Hartman wrote:
> > > > On Sat, Feb 10, 2024 at 03:33:14AM +0300, Vitaly Chikunov wrote:
> > > > > 
> > > > > Can you please backport this commit (below) to a stable 6.1.y tree, it's
> > > > > confirmed by Kees this could cause kernel panic due to false positive
> > > > > strncpy fortify, and this has already happened for some users.
> > > > 
> > > > What is the git commit id?
> > > 
> > > 398d5843c03261a2b68730f2f00643826bcec6ba
> > 
> > Can you please apply this to the next 6.1.y release?
> > 
> > There is still a non-theoretical crash as reported in
> >   https://lore.kernel.org/all/qjyfz2xftsbch6aozgplxyjfyqnuhn7j44udrucls4pqa5ey35@adxvvrdtagqf/
> > 
> > If commit hash was not enough:
> > 
> >   commit 398d5843c03261a2b68730f2f00643826bcec6ba
> >   Author:     Kees Cook <keescook@xxxxxxxxxxxx>
> >   AuthorDate: Tue Feb 14 16:08:39 2023 -0800
> > 
> >       cifs: Convert struct fealist away from 1-element array
> > 
> > The commit is in mainline and is applying well to linux-6.1.y:
> > 
> >   (linux-6.1.y)$ git cherry-pick 398d5843c03261a2b68730f2f00643826bcec6ba
> >   Auto-merging fs/smb/client/cifspdu.h
> >   Auto-merging fs/smb/client/cifssmb.c
> >   [linux-6.1.y 4a80b516f202] cifs: Convert struct fealist away from 1-element array
> >    Author: Kees Cook <keescook@xxxxxxxxxxxx>
> >    Date: Tue Feb 14 16:08:39 2023 -0800
> >    2 files changed, 10 insertions(+), 10 deletions(-)
> 
> It does not apply cleanly due to renames, can you provide a backported,
> and tested, patch please?

I cannot test that it solves the bug since I don't use software that triggers
the crash. But the crash logic is obvious - sizeof of the first element of the
char array is 1 byte and the fortify code for strncpy issues a panic. The patch
is obviously missed.

I can send the patch that is the result of my git applying
398d5843c03261a2b68730f2f00643826bcec6ba cleanly.
And I will try to build the kernel and ensure it compiles well.
Will this be enough?

Thanks,

> 
> thanks,
> 
> greg k-h
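
The crash logic described in the reply above, as an added userspace example that is not part of the original message and is not kernel code: a fortified strncpy modeled as a comparison of the copy length against the declared size of the destination member. The struct layouts, function names and the sample attribute name are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

#define SIZE_UNKNOWN ((size_t)-1)  /* size reported for a flexible array member */

/* Hypothetical layouts for illustration, not copied from the kernel headers. */
struct ea_old { unsigned char flags, name_len; unsigned short value_len; char name[1]; };
struct ea_new { unsigned char flags, name_len; unsigned short value_len; char name[]; };

/*
 * Model of a fortified strncpy: refuse the copy when the declared size of the
 * destination member is smaller than the length. Returns -1 where the kernel
 * would panic, 0 when the copy goes through.
 */
static int checked_strncpy(char *dst, size_t dst_size, const char *src, size_t n)
{
    if (dst_size < n)
        return -1;
    strncpy(dst, src, n);
    return 0;
}

/* Old layout: the member is declared as 1 byte, whatever was allocated behind it. */
int set_name_old(const char *name)
{
    size_t n = strlen(name);
    struct ea_old *ea = calloc(1, sizeof(*ea) + n + 1);  /* enough room for the name */
    if (!ea)
        return -2;
    int ret = checked_strncpy(ea->name, sizeof(ea->name), name, n);
    free(ea);
    return ret;
}

/* New layout: a flexible array has no declared size, so the check cannot misfire. */
int set_name_new(const char *name)
{
    size_t n = strlen(name);
    struct ea_new *ea = calloc(1, sizeof(*ea) + n + 1);
    if (!ea)
        return -2;
    int ret = checked_strncpy(ea->name, SIZE_UNKNOWN, name, n);
    free(ea);
    return ret;
}
```

Both functions allocate the same amount of memory, so the rejection in the old layout is a false positive: the copy would fit, but the check only sees the 1-byte declaration.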



