linux-stable/fs/nfs
Nikola Livic 1fbea60ea6 pNFS/flexfiles: fix incorrect size check in decode_nfs_fh()
[ Upstream commit ed34695e15 ]

We (Adam Zabrocki, Alexander Matrosov, Alexander Tereshkin, Maksym
Bazalii) observed the check:

	if (fh->size > sizeof(struct nfs_fh))

should not use the size of the nfs_fh struct which includes an extra two
bytes from the size field.

struct nfs_fh {
	unsigned short         size;
	unsigned char          data[NFS_MAXFHSIZE];
};

but should determine the size from data[NFS_MAXFHSIZE] so the memcpy
will not write 2 bytes beyond the destination.  The proposed fix is to
compare against NFS_MAXFHSIZE directly, as is done elsewhere in the fs
code base.

Fixes: d67ae825a5 ("pnfs/flexfiles: Add the FlexFile Layout Driver")
Signed-off-by: Nikola Livic <nlivic@gmail.com>
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Trond Myklebust <trond.myklebust@hammerspace.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2021-05-19 10:13:03 +02:00
..
blocklayout treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
filelayout treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
flexfilelayout pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() 2021-05-19 10:13:03 +02:00
cache_lib.c
cache_lib.h
callback.c SUNRPC: Cache the process user cred in the RPC server listener 2019-04-24 09:46:35 -04:00
callback.h NFSv4: Add support for CB_RECALL_ANY for flexfiles layouts 2020-03-16 08:34:30 -04:00
callback_proc.c NFSv4: Add support for CB_RECALL_ANY for flexfiles layouts 2020-03-16 08:34:30 -04:00
callback_xdr.c NFS4: Report callback authentication errors 2020-01-15 10:54:31 -05:00
client.c NFSv4.2: query the server for extended attribute support 2020-07-13 17:52:45 -04:00
delegation.c NFS: nfs_delegation_find_inode_server must first reference the superblock 2021-01-19 18:27:31 +01:00
delegation.h NFSv4: Ensure the delegation is pinned in nfs_do_return_delegation() 2020-02-13 16:18:50 -05:00
dir.c NFS: Don't gratuitously clear the inode cache when lookup failed 2021-03-17 17:06:33 +01:00
direct.c NFS client updates for Linux 5.9 2020-08-15 08:26:55 -07:00
dns_resolve.c NFS: remove duplicate headers 2020-05-27 10:10:12 -04:00
dns_resolve.h
export.c NFS: Add a tracepoint in nfs_fh_to_dentry() 2019-11-03 21:28:46 -05:00
file.c NFS client updates for Linux 5.9 2020-08-15 08:26:55 -07:00
fs_context.c NFS: fs_context: validate UDP retrans to prevent shift out-of-bounds 2021-05-11 14:47:34 +02:00
fscache-index.c nfs: fscache: use timespec64 in inode auxdata 2020-01-15 10:54:30 -05:00
fscache.c NFSv4: Fix fscache cookie aux_data to ensure change_attr is included 2020-05-08 22:20:24 +01:00
fscache.h nfs: fscache: use timespec64 in inode auxdata 2020-01-15 10:54:30 -05:00
getroot.c NFS: Ensure security label is set for root inode 2020-03-30 19:56:50 -04:00
inode.c NFS: Deal correctly with attribute generation counter overflow 2021-05-19 10:13:02 +02:00
internal.h NFS: nfs_igrab_and_active must first reference the superblock 2021-01-19 18:27:31 +01:00
io.c NFS: Fix up documentation warnings 2019-02-20 15:14:21 -05:00
iostat.h
Kconfig nfs: fix PNFS_FLEXFILE_LAYOUT Kconfig default 2021-03-30 14:31:49 +02:00
Makefile NFSv4.2: add client side xattr caching. 2020-07-13 17:52:46 -04:00
mount_clnt.c NFSv3: fix rpc receive buffer size for MOUNT call 2020-05-14 18:42:44 -04:00
namespace.c NFS: fix nfs_path in case of a rename retry 2020-10-06 10:21:18 -04:00
netns.h NFS: Add sysfs support for per-container identifier 2019-07-06 14:54:49 -04:00
nfs.h
nfs2super.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
nfs2xdr.c nfs: remove timespec from xdr_encode_nfstime 2020-01-15 10:54:30 -05:00
nfs3_fs.h NFS: Additional refactoring for fs_context conversion 2020-01-15 10:15:17 -05:00
nfs3acl.c treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
nfs3client.c NFS: Additional refactoring for fs_context conversion 2020-01-15 10:15:17 -05:00
nfs3proc.c NFS: move dprintk after nfs_alloc_fattr in nfs3_proc_lookup 2020-05-27 10:08:26 -04:00
nfs3super.c treewide: Add SPDX license identifier for more missed files 2019-05-21 10:50:45 +02:00
nfs3xdr.c NFS: Correct size calculation for create reply length 2021-03-30 14:31:49 +02:00
nfs4_fs.h NFSv4: Wait for stateid updates after CLOSE/OPEN_DOWNGRADE 2020-10-02 08:43:09 -04:00
nfs4client.c NFS: Add READ_PLUS data segment support 2020-10-07 14:28:39 -04:00
nfs4file.c NFSv4.2: Fix 5 seconds delay when doing inter server copy 2020-12-10 16:48:03 -05:00
nfs4getroot.c
nfs4idmap.c NFS: Only reference user namespace from nfs4idmap struct instead of cred 2020-10-13 15:56:54 -04:00
nfs4idmap.h
nfs4namespace.c nfs: Fix memory leak of export_path 2020-06-26 08:43:14 -04:00
nfs4proc.c NFS: nfs4_bitmask_adjust() must not change the server global bitmasks 2021-05-19 10:13:02 +02:00
nfs4renewd.c NFSv4.0: nfs4_do_fsinfo() should not do implicit lease renewals 2020-02-04 12:27:55 -05:00
nfs4session.c treewide: Add SPDX license identifier for missed files 2019-05-21 10:50:45 +02:00
nfs4session.h NFSv4.1: Bump the default callback session slot count to 16 2019-03-02 16:25:26 -05:00
nfs4state.c treewide: Use fallthrough pseudo-keyword 2020-08-23 17:36:59 -05:00
nfs4super.c NFS: Adjust fs_context error logging 2021-01-19 18:27:30 +01:00
nfs4sysctl.c
nfs4trace.c pNFS/flexfiles: Add tracing for layout errors 2020-01-15 10:54:33 -05:00
nfs4trace.h NFSv4: Wait for stateid updates after CLOSE/OPEN_DOWNGRADE 2020-10-02 08:43:09 -04:00
nfs4xdr.c NFSv4: Fix the alignment of page data in the getdeviceinfo reply 2020-12-30 11:53:30 +01:00
nfs42.h NFSv4.2: add the extended attribute proc functions. 2020-07-13 17:52:45 -04:00
nfs42proc.c NFSv4.2: Always flush out writes in nfs42_proc_fallocate() 2021-05-19 10:13:02 +02:00
nfs42xattr.c NFSv4.2: fix failure to unregister shrinker 2020-11-12 10:40:02 -05:00
nfs42xdr.c NFSv4.2: Don't error when exiting early on a READ_PLUS buffer overflow 2021-01-06 14:56:55 +01:00
nfsroot.c nfsroot: Default mount option should ask for built-in NFS version 2020-11-02 10:29:03 -05:00
nfstrace.c
nfstrace.h nfs: define and use the NFS_INO_INVALID_XATTR flag 2020-07-13 17:52:45 -04:00
pagelist.c pNFS/flexfiles: Fix array overflow when flexfiles mirroring is enabled 2020-11-30 10:52:22 -05:00
pnfs.c NFSv4: Don't discard segments marked for return in _pnfs_return_layout() 2021-05-11 14:47:34 +02:00
pnfs.h pNFS: We want return-on-close to complete when evicting the inode 2021-01-19 18:27:30 +01:00
pnfs_dev.c NFS/flexfiles: Speed up read failover when DSes are down 2019-03-01 22:37:38 -05:00
pnfs_nfs.c NFS/pNFS: Don't leak DS commits in pnfs_generic_retry_commit() 2021-01-19 18:27:31 +01:00
proc.c NFS: Add softreval behaviour to nfs_lookup_revalidate() 2020-01-24 16:51:13 -05:00
read.c NFS: Trace short NFS READs 2020-06-11 13:33:48 -04:00
super.c The one new feature this time, from Anna Schumaker, is READ_PLUS, which 2020-10-22 09:44:27 -07:00
symlink.c nfs: pass the correct prototype to read_cache_page 2019-05-09 16:26:57 -04:00
sysctl.c
sysfs.c NFSv4: Fix up RCU annotations for struct nfs_netns_client 2020-10-15 13:31:08 -04:00
sysfs.h NFSv4: Fix up RCU annotations for struct nfs_netns_client 2020-10-15 13:31:08 -04:00
unlink.c NFS: Avoid referencing the cred twice in async rename/unlink 2020-03-16 08:34:29 -04:00
write.c mm/writeback: discard NR_UNSTABLE_NFS, use NR_WRITEBACK instead 2020-06-02 10:59:08 -07:00