4.14-stable patches

added patches:
	kobject_uevent-remove-warning-in-init_uevent_argv.patch

diff --git a/queue-4.14/kobject_uevent-remove-warning-in-init_uevent_argv.patch b/queue-4.14/kobject_uevent-remove-warning-in-init_uevent_argv.patch
new file mode 100644 (file)
index 0000000..b4c4feb
--- /dev/null
+++ b/queue-4.14/kobject_uevent-remove-warning-in-init_uevent_argv.patch
@@ -0,0 +1,45 @@
+From b4104180a2efb85f55e1ba1407885c9421970338 Mon Sep 17 00:00:00 2001
+From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Date: Mon, 5 Apr 2021 11:48:52 +0200
+Subject: kobject_uevent: remove warning in init_uevent_argv()
+
+From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+commit b4104180a2efb85f55e1ba1407885c9421970338 upstream.
+
+syzbot can trigger the WARN() in init_uevent_argv() which isn't the
+nicest as the code does properly recover and handle the error.  So
+change the WARN() call to pr_warn() and provide some more information on
+what the buffer size that was needed.
+
+Link: https://lore.kernel.org/r/20201107082206.GA19079@kroah.com
+Cc: "Rafael J. Wysocki" <rafael@kernel.org>
+Cc: linux-kernel@vger.kernel.org
+Reported-by: syzbot+92340f7b2b4789907fdb@syzkaller.appspotmail.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Link: https://lore.kernel.org/r/20210405094852.1348499-1-gregkh@linuxfoundation.org
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ lib/kobject_uevent.c |    9 +++++----
+ 1 file changed, 5 insertions(+), 4 deletions(-)
+
+--- a/lib/kobject_uevent.c
++++ b/lib/kobject_uevent.c
+@@ -271,12 +271,13 @@ static int kobj_usermode_filter(struct k
+ 
+ static int init_uevent_argv(struct kobj_uevent_env *env, const char *subsystem)
+ {
++      int buffer_size = sizeof(env->buf) - env->buflen;
+       int len;
+ 
+-      len = strlcpy(&env->buf[env->buflen], subsystem,
+-                    sizeof(env->buf) - env->buflen);
+-      if (len >= (sizeof(env->buf) - env->buflen)) {
+-              WARN(1, KERN_ERR "init_uevent_argv: buffer size too small\n");
++      len = strlcpy(&env->buf[env->buflen], subsystem, buffer_size);
++      if (len >= buffer_size) {
++              pr_warn("init_uevent_argv: buffer size of %d too small, needed %d\n",
++                      buffer_size, len);
+               return -ENOMEM;
+       }
+ 

diff --git a/queue-4.14/series b/queue-4.14/series
index 4b1bb4354722bf42c423a9fd6801c3bec5a07423..d33d3f6b21a00dfed02f85239ea1f8f699af729c 100644 (file)
--- a/queue-4.14/series
+++ b/queue-4.14/series
@@ -296,3 +296,4 @@ mips-avoid-divu-in-__div64_32-is-result-would-be-zero.patch
 mips-avoid-handcoded-divu-in-__div64_32-altogether.patch
 thermal-core-fair-share-lock-the-thermal-zone-while-looping-over-instances.patch
 rdma-i40iw-avoid-panic-when-reading-back-the-irq-affinity-hint.patch
+kobject_uevent-remove-warning-in-init_uevent_argv.patch