Fixes for 5.10

Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/queue-5.10/afs-fix-the-maximum-cell-name-length.patch b/queue-5.10/afs-fix-the-maximum-cell-name-length.patch
new file mode 100644 (file)
index 0000000..2ee65a7
--- /dev/null
+++ b/queue-5.10/afs-fix-the-maximum-cell-name-length.patch
@@ -0,0 +1,112 @@
+From 660d79146f00831e7329a5a96349820c3b52ffe6 Mon Sep 17 00:00:00 2001
+From: Sasha Levin <sashal@kernel.org>
+Date: Mon, 6 Jan 2025 16:21:00 +0000
+Subject: afs: Fix the maximum cell name length
+
+From: David Howells <dhowells@redhat.com>
+
+[ Upstream commit 8fd56ad6e7c90ac2bddb0741c6b248c8c5d56ac8 ]
+
+The kafs filesystem limits the maximum length of a cell to 256 bytes, but a
+problem occurs if someone actually does that: kafs tries to create a
+directory under /proc/net/afs/ with the name of the cell, but that fails
+with a warning:
+
+        WARNING: CPU: 0 PID: 9 at fs/proc/generic.c:405
+
+because procfs limits the maximum filename length to 255.
+
+However, the DNS limits the maximum lookup length and, by extension, the
+maximum cell name, to 255 less two (length count and trailing NUL).
+
+Fix this by limiting the maximum acceptable cellname length to 253.  This
+also allows us to be sure we can create the "/afs/.<cell>/" mountpoint too.
+
+Further, split the YFS VL record cell name maximum to be the 256 allowed by
+the protocol and ignore the record retrieved by YFSVL.GetCellName if it
+exceeds 253.
+
+Fixes: c3e9f888263b ("afs: Implement client support for the YFSVL.GetCellName RPC op")
+Reported-by: syzbot+7848fee1f1e5c53f912b@syzkaller.appspotmail.com
+Closes: https://lore.kernel.org/r/6776d25d.050a0220.3a8527.0048.GAE@google.com/
+Signed-off-by: David Howells <dhowells@redhat.com>
+Link: https://lore.kernel.org/r/376236.1736180460@warthog.procyon.org.uk
+Tested-by: syzbot+7848fee1f1e5c53f912b@syzkaller.appspotmail.com
+cc: Marc Dionne <marc.dionne@auristor.com>
+cc: linux-afs@lists.infradead.org
+Signed-off-by: Christian Brauner <brauner@kernel.org>
+Signed-off-by: Sasha Levin <sashal@kernel.org>
+---
+ fs/afs/afs.h      | 2 +-
+ fs/afs/afs_vl.h   | 1 +
+ fs/afs/vl_alias.c | 8 ++++++--
+ fs/afs/vlclient.c | 2 +-
+ 4 files changed, 9 insertions(+), 4 deletions(-)
+
+diff --git a/fs/afs/afs.h b/fs/afs/afs.h
+index 432cb4b23961..3ea5f3e3c922 100644
+--- a/fs/afs/afs.h
++++ b/fs/afs/afs.h
+@@ -10,7 +10,7 @@
+ 
+ #include <linux/in.h>
+ 
+-#define AFS_MAXCELLNAME               256     /* Maximum length of a cell name */
++#define AFS_MAXCELLNAME               253     /* Maximum length of a cell name (DNS limited) */
+ #define AFS_MAXVOLNAME                64      /* Maximum length of a volume name */
+ #define AFS_MAXNSERVERS               8       /* Maximum servers in a basic volume record */
+ #define AFS_NMAXNSERVERS      13      /* Maximum servers in a N/U-class volume record */
+diff --git a/fs/afs/afs_vl.h b/fs/afs/afs_vl.h
+index 9c65ffb8a523..8da0899fbc08 100644
+--- a/fs/afs/afs_vl.h
++++ b/fs/afs/afs_vl.h
+@@ -13,6 +13,7 @@
+ #define AFS_VL_PORT           7003    /* volume location service port */
+ #define VL_SERVICE            52      /* RxRPC service ID for the Volume Location service */
+ #define YFS_VL_SERVICE                2503    /* Service ID for AuriStor upgraded VL service */
++#define YFS_VL_MAXCELLNAME    256     /* Maximum length of a cell name in YFS protocol */
+ 
+ enum AFSVL_Operations {
+       VLGETENTRYBYID          = 503,  /* AFS Get VLDB entry by ID */
+diff --git a/fs/afs/vl_alias.c b/fs/afs/vl_alias.c
+index f04a80e4f5c3..83cf1bfbe343 100644
+--- a/fs/afs/vl_alias.c
++++ b/fs/afs/vl_alias.c
+@@ -302,6 +302,7 @@ static char *afs_vl_get_cell_name(struct afs_cell *cell, struct key *key)
+ static int yfs_check_canonical_cell_name(struct afs_cell *cell, struct key *key)
+ {
+       struct afs_cell *master;
++      size_t name_len;
+       char *cell_name;
+ 
+       cell_name = afs_vl_get_cell_name(cell, key);
+@@ -313,8 +314,11 @@ static int yfs_check_canonical_cell_name(struct afs_cell *cell, struct key *key)
+               return 0;
+       }
+ 
+-      master = afs_lookup_cell(cell->net, cell_name, strlen(cell_name),
+-                               NULL, false);
++      name_len = strlen(cell_name);
++      if (!name_len || name_len > AFS_MAXCELLNAME)
++              master = ERR_PTR(-EOPNOTSUPP);
++      else
++              master = afs_lookup_cell(cell->net, cell_name, name_len, NULL, false);
+       kfree(cell_name);
+       if (IS_ERR(master))
+               return PTR_ERR(master);
+diff --git a/fs/afs/vlclient.c b/fs/afs/vlclient.c
+index dc9327332f06..882f0727c3cd 100644
+--- a/fs/afs/vlclient.c
++++ b/fs/afs/vlclient.c
+@@ -670,7 +670,7 @@ static int afs_deliver_yfsvl_get_cell_name(struct afs_call *call)
+                       return ret;
+ 
+               namesz = ntohl(call->tmp);
+-              if (namesz > AFS_MAXCELLNAME)
++              if (namesz > YFS_VL_MAXCELLNAME)
+                       return afs_protocol_error(call, afs_eproto_cellname_len);
+               paddedsz = (namesz + 3) & ~3;
+               call->count = namesz;
+-- 
+2.39.5
+

diff --git a/queue-5.10/series b/queue-5.10/series
index 4840611b8c108e3d3008402fdb89e3213ea9de26..2ed7b06c425aad341592851e8ef24dc487f7a99d 100644 (file)
--- a/queue-5.10/series
+++ b/queue-5.10/series
@@ -16,3 +16,4 @@ tls-fix-tls_sw_sendmsg-error-handling.patch
 net-hns3-initialize-reset_timer-before-hclgevf_misc_.patch
 netfilter-nf_tables-imbalance-in-flowtable-binding.patch
 netfilter-conntrack-clamp-maximum-hashtable-size-to-.patch
+afs-fix-the-maximum-cell-name-length.patch