Tyler Hicks 579c292b34 net/9p: Initialize the iounit field during fid creation
[ Upstream commit aa7aeee169 ]

Ensure that the fid's iounit field is set to zero when a new fid is
created. Certain 9P operations, such as OPEN and CREATE, allow the
server to reply with an iounit size which the client code assigns to the
p9_fid struct shortly after the fid is created by p9_fid_create(). On
the other hand, an XATTRWALK operation doesn't allow for the server to
specify an iounit value. The iounit field of the newly allocated p9_fid
struct remained uninitialized in that case. Depending on allocation
patterns, the iounit value could have been something reasonable that was
carried over from previously freed fids or, in the worst case, could
have been arbitrary values from non-fid related usages of the memory
location.

The bug was detected in the Windows Subsystem for Linux 2 (WSL2) kernel
after the uninitialized iounit field resulted in the typical sequence of
two getxattr(2) syscalls, one to get the size of an xattr and another
after allocating a sufficiently sized buffer to fit the xattr value, to
hit an unexpected ERANGE error in the second call to getxattr(2). An
uninitialized iounit field would sometimes force rsize to be smaller
than the xattr value size in p9_client_read_once() and the 9P server in
WSL refused to chunk up the READ on the attr_fid and, instead, returned
ERANGE to the client. The virtfs server in QEMU seems happy to chunk up
the READ and this problem goes undetected there.

Link: https://lkml.kernel.org/r/20220710141402.803295-1-tyhicks@linux.microsoft.com
Fixes: ebf46264a0 ("fs/9p: Add support user. xattr")
Cc: stable@vger.kernel.org
Signed-off-by: Tyler Hicks <tyhicks@linux.microsoft.com>
Reviewed-by: Christian Schoenebeck <linux_oss@crudebyte.com>
Signed-off-by: Dominique Martinet <asmadeus@codewreck.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2022-08-17 14:42:24 +02:00
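The failure mode the commit message describes, as an added C model that is not part of the kernel or of this patch: a fid is "allocated" with whatever happened to sit at the iounit offset, the per-READ chunk size is clamped the way the message says p9_client_read_once() does (a non-zero iounit caps rsize, otherwise msize minus the I/O header bounds it), and a server that refuses to chunk an xattr READ answers ERANGE when the chunk is smaller than the value. The constants (MODEL_MSIZE, MODEL_IOHDRSZ), the `model_*` names and the strict-server behaviour are constructed assumptions for the illustration, not kernel or WSL identifiers.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed constants: msize is whatever the client negotiated; the I/O
 * header overhead is assumed to be 24 bytes for this model. */
#define MODEL_MSIZE   8192u
#define MODEL_IOHDRSZ 24u

/* Minimal stand-in for struct p9_fid: only the fields the example needs. */
struct model_fid {
    uint32_t fid;
    int      mode;
    uint32_t iounit;   /* the field the fix initialises to zero */
};

/* "Allocate" a fid from a recycled object. stale_iounit is the leftover value
 * at the iounit offset; zero_iounit == 0 reproduces the pre-fix behaviour
 * (field left as found), zero_iounit == 1 the fixed behaviour. */
struct model_fid model_fid_create(uint32_t stale_iounit, int zero_iounit)
{
    struct model_fid f;
    f.fid = 1;
    f.mode = -1;
    f.iounit = zero_iounit ? 0 : stale_iounit;
    return f;
}

/* rsize clamp modelled on the description of p9_client_read_once(): a non-zero
 * iounit caps the chunk, otherwise msize minus the I/O header bounds it. */
uint32_t model_read_rsize(const struct model_fid *fid, uint32_t msize)
{
    uint32_t rsize = fid->iounit;
    if (!rsize || rsize > msize - MODEL_IOHDRSZ)
        rsize = msize - MODEL_IOHDRSZ;
    return rsize;
}

/* A server that does not chunk xattr READs: if the requested count is smaller
 * than the whole value it answers -ERANGE instead of a partial chunk. */
long model_strict_server_read(uint32_t count, uint32_t value_len)
{
    if (count < value_len)
        return -ERANGE;
    return (long)value_len;
}

/* The typical two-call getxattr(2) sequence: probe the size, then read into a
 * buffer of exactly that size. Returns the value length or a negative errno. */
long model_getxattr_sequence(const struct model_fid *attr_fid, uint32_t value_len)
{
    uint32_t size  = value_len;                         /* first call: size probe */
    uint32_t rsize = model_read_rsize(attr_fid, MODEL_MSIZE);
    uint32_t count = rsize < size ? rsize : size;       /* READ count on attr_fid */
    return model_strict_server_read(count, value_len);  /* second call */
}

int main(void)
{
    const uint32_t xattr_len = 4096;   /* constructed xattr value size */
    const uint32_t stale     = 100;    /* constructed leftover memory content */

    struct model_fid buggy = model_fid_create(stale, 0);
    struct model_fid fixed = model_fid_create(stale, 1);

    printf("uninitialised iounit=%u -> rsize=%u, getxattr=%ld\n",
           buggy.iounit, model_read_rsize(&buggy, MODEL_MSIZE),
           model_getxattr_sequence(&buggy, xattr_len));
    printf("zeroed iounit=%u -> rsize=%u, getxattr=%ld\n",
           fixed.iounit, model_read_rsize(&fixed, MODEL_MSIZE),
           model_getxattr_sequence(&fixed, xattr_len));
    return 0;
}
```

With a stale iounit of 100 the second getxattr(2) asks for a 100-byte chunk of a 4096-byte value and the strict server answers ERANGE; with iounit zeroed the chunk is bounded by msize and the read succeeds. A stale value that happens to be large (say 8000) also succeeds, which is why the bug only surfaced intermittently and depended on allocation history.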
Documentation serial: 8250: Add proper clock handling for OxSemi PCIe devices 2022-08-17 14:42:23 +02:00
LICENSES LICENSES/LGPL-2.1: Add LGPL-2.1-or-later as valid identifiers 2021-12-16 14:33:10 +01:00
arch kexec, KEYS, s390: Make use of built-in and secondary keyring for signature verification 2022-08-17 14:42:23 +02:00
block block: ensure iov_iter advances for added pages 2022-08-17 14:41:57 +02:00
certs certs/blacklist_hashes.c: fix const confusion in certs blacklist 2022-06-22 14:28:03 +02:00
crypto crypto: blake2s - remove shash module 2022-08-17 14:42:20 +02:00
drivers dm thin: fix use-after-free crash in dm_sm_register_threshold_callback 2022-08-17 14:42:24 +02:00
fs __follow_mount_rcu(): verify that mount_lock remains unchanged 2022-08-17 14:42:20 +02:00
include tracing/events: Add __vstring() and __assign_vstr() helper macros 2022-08-17 14:42:23 +02:00
init stack: Declare {randomize_,}kstack_offset to fix Sparse warnings 2022-08-17 14:40:36 +02:00
io_uring io_uring: Don't require reinitable percpu_ref 2022-08-17 14:40:42 +02:00
ipc ipc/mqueue: use get_tree_nodev() in mqueue_get_tree() 2022-06-09 10:30:30 +02:00
kernel kexec: clean up arch_kexec_kernel_verify_sig 2022-08-17 14:42:23 +02:00
lib crypto: blake2s - remove shash module 2022-08-17 14:42:20 +02:00
mm mm/mmap.c: fix missing call to vm_unacct_memory in mmap_region 2022-08-17 14:41:55 +02:00
net net/9p: Initialize the iounit field during fid creation 2022-08-17 14:42:24 +02:00
samples samples/landlock: Format with clang-format 2022-06-09 10:30:46 +02:00
scripts scripts/faddr2line: Fix vmlinux detection on arm64 2022-08-17 14:42:15 +02:00
security selinux: Add boundary check in put_entry() 2022-08-17 14:40:26 +02:00
sound ASoC: mchp-spdifrx: disable end of block interrupt on failures 2022-08-17 14:42:10 +02:00
tools tools/thermal: Fix possible path truncations 2022-08-17 14:42:15 +02:00
usr Kbuild updates for v5.18 2022-03-31 11:59:03 -07:00
virt KVM: Don't set Accessed/Dirty bits for ZERO_PAGE 2022-08-17 14:41:37 +02:00
.clang-format genirq/msi: Make interrupt allocation less convoluted 2021-12-16 22:22:20 +01:00
.cocciconfig
.get_maintainer.ignore Opt out of scripts/get_maintainer.pl 2019-05-16 10:53:40 -07:00
.gitattributes .gitattributes: use 'dts' diff driver for dts files 2019-12-04 19:44:11 -08:00
.gitignore .gitignore: ignore only top-level modules.builtin 2021-05-02 00:43:35 +09:00
.mailmap hotfixes for 5.18-rc7 2022-05-13 10:22:37 -07:00
COPYING COPYING: state that all contributions really are covered by this file 2020-02-10 13:32:20 -08:00
CREDITS MAINTAINERS: replace a Microchip AT91 maintainer 2022-02-09 11:30:01 +01:00
Kbuild kbuild: rename hostprogs-y/always to hostprogs/always-y 2020-02-04 01:53:07 +09:00
Kconfig kbuild: ensure full rebuild when the compiler is updated 2020-05-12 13:28:33 +09:00
MAINTAINERS io_uring: move to separate directory 2022-08-17 14:40:41 +02:00
Makefile io_uring: move to separate directory 2022-08-17 14:40:41 +02:00
README Drop all 00-INDEX files from Documentation/ 2018-09-09 15:08:58 -06:00

README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result from upgrading your kernel.