On Tue, Jan 07, 2025 at 04:50:08PM +0100, Ilya Dryomov wrote: > From: Max Kellermann <max.kellermann@xxxxxxxxx> > > commit 550f7ca98ee028a606aa75705a7e77b1bd11720f upstream. > > If the full path to be built by ceph_mdsc_build_path() happens to be > longer than PATH_MAX, then this function will enter an endless (retry) > loop, effectively blocking the whole task. Most of the machine > becomes unusable, making this a very simple and effective DoS > vulnerability. > > I cannot imagine why this retry was ever implemented, but it seems > rather useless and harmful to me. Let's remove it and fail with > ENAMETOOLONG instead. > > Cc: stable@xxxxxxxxxxxxxxx > Reported-by: Dario Weißer <dario@xxxxxxxxx> > Signed-off-by: Max Kellermann <max.kellermann@xxxxxxxxx> > Reviewed-by: Alex Markuze <amarkuze@xxxxxxxxxx> > Signed-off-by: Ilya Dryomov <idryomov@xxxxxxxxx> > [idryomov@xxxxxxxxx: backport to 6.6: pr_warn() is still in use] > --- > fs/ceph/mds_client.c | 9 ++++----- > 1 file changed, 4 insertions(+), 5 deletions(-) Thank you, I've dropped the "large" ceph patches from 6.6.y now and added this one instead. greg k-h