5.4-stable patches

added patches:
	f2fs-explicitly-null-terminate-the-xattr-list.patch
	series

diff --git a/queue-5.4/f2fs-explicitly-null-terminate-the-xattr-list.patch b/queue-5.4/f2fs-explicitly-null-terminate-the-xattr-list.patch
new file mode 100644 (file)
index 0000000..264b0b9
--- /dev/null
+++ b/queue-5.4/f2fs-explicitly-null-terminate-the-xattr-list.patch
@@ -0,0 +1,36 @@
+From e26b6d39270f5eab0087453d9b544189a38c8564 Mon Sep 17 00:00:00 2001
+From: Eric Biggers <ebiggers@google.com>
+Date: Mon, 6 Nov 2023 20:44:34 -0800
+Subject: f2fs: explicitly null-terminate the xattr list
+
+From: Eric Biggers <ebiggers@google.com>
+
+commit e26b6d39270f5eab0087453d9b544189a38c8564 upstream.
+
+When setting an xattr, explicitly null-terminate the xattr list.  This
+eliminates the fragile assumption that the unused xattr space is always
+zeroed.
+
+Signed-off-by: Eric Biggers <ebiggers@google.com>
+Reviewed-by: Chao Yu <chao@kernel.org>
+Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/f2fs/xattr.c |    6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/fs/f2fs/xattr.c
++++ b/fs/f2fs/xattr.c
+@@ -722,6 +722,12 @@ static int __f2fs_setxattr(struct inode
+               memcpy(pval, value, size);
+               last->e_value_size = cpu_to_le16(size);
+               new_hsize += newsize;
++              /*
++               * Explicitly add the null terminator.  The unused xattr space
++               * is supposed to always be zeroed, which would make this
++               * unnecessary, but don't depend on that.
++               */
++              *(u32 *)((u8 *)last + newsize) = 0;
+       }
+ 
+       error = write_all_xattrs(inode, new_hsize, base_addr, ipage);

diff --git a/queue-5.4/series b/queue-5.4/series
new file mode 100644 (file)
index 0000000..4c6ad7e
--- /dev/null
+++ b/queue-5.4/series
@@ -0,0 +1 @@
+f2fs-explicitly-null-terminate-the-xattr-list.patch