]> git.ipfire.org Git - thirdparty/kernel/stable-queue.git/commitdiff
projects / thirdparty / kernel / stable-queue.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: e556cf4)
4.14-stable patches
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 26 Jul 2018 10:22:55 +0000 (12:22 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 26 Jul 2018 10:22:55 +0000 (12:22 +0200)
added patches:
revert-cifs-fix-slab-out-of-bounds-in-send_set_info-on.patch

queue-4.14/revert-cifs-fix-slab-out-of-bounds-in-send_set_info-on.patch [new file with mode: 0644] patch | blob
queue-4.14/series [new file with mode: 0644] patch | blob
queue-4.17/series [new file with mode: 0644] patch | blob

diff --git a/queue-4.14/revert-cifs-fix-slab-out-of-bounds-in-send_set_info-on.patch b/queue-4.14/revert-cifs-fix-slab-out-of-bounds-in-send_set_info-on.patch
new file mode 100644 (file)
index 0000000..e2bafbf
--- /dev/null
+++ b/queue-4.14/revert-cifs-fix-slab-out-of-bounds-in-send_set_info-on.patch
@@ -0,0 +1,53 @@
+From 5422bc44f6aca94ac667a0e076fceeaac863e496 Mon Sep 17 00:00:00 2001
+From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Date: Thu, 26 Jul 2018 12:19:48 +0200
+Subject: Revert "cifs: Fix slab-out-of-bounds in send_set_info() on SMB2 ACE setting"
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+This reverts commit 748144f35514aef14c4fdef5bcaa0db99cb9367a which is
+commit f46ecbd97f508e68a7806291a139499794874f3d upstream.
+
+Philip reports:
+       seems adding "cifs: Fix slab-out-of-bounds in send_set_info() on SMB2
+       ACE setting" (commit 748144f) [1] created a regression within linux
+       v4.14 kernel series. Writing to a mounted cifs either freezes on writing
+       or crashes the PC. A more detailed explanation you may find in our
+       forums [2]. Reverting the patch, seems to "fix" it. Thoughts?
+
+Reported-by: Philip Müller <philm@manjaro.org>
+Cc: Jianhong Yin <jiyin@redhat.com>
+Cc: Stefano Brivio <sbrivio@redhat.com>
+Cc: Aurelien Aptel <aaptel@suse.com>
+Cc: Steve French <stfrench@microsoft.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/cifs/smb2pdu.c |    7 ++-----
+ 1 file changed, 2 insertions(+), 5 deletions(-)
+
+--- a/fs/cifs/smb2pdu.c
++++ b/fs/cifs/smb2pdu.c
+@@ -338,10 +338,7 @@ smb2_plain_req_init(__le16 smb2_command,
+               return rc;
+       /* BB eventually switch this to SMB2 specific small buf size */
+-      if (smb2_command == SMB2_SET_INFO)
+-              *request_buf = cifs_buf_get();
+-      else
+-              *request_buf = cifs_small_buf_get();
++      *request_buf = cifs_small_buf_get();
+       if (*request_buf == NULL) {
+               /* BB should we add a retry in here if not a writepage? */
+               return -ENOMEM;
+@@ -3171,7 +3168,7 @@ send_set_info(const unsigned int xid, st
+       }
+       rc = SendReceive2(xid, ses, iov, num, &resp_buftype, flags, &rsp_iov);
+-      cifs_buf_release(req);
++      cifs_small_buf_release(req);
+       rsp = (struct smb2_set_info_rsp *)rsp_iov.iov_base;
+       if (rc != 0)
diff --git a/queue-4.14/series b/queue-4.14/series
new file mode 100644 (file)
index 0000000..4b2b0c9
--- /dev/null
+++ b/queue-4.14/series
@@ -0,0 +1 @@
+revert-cifs-fix-slab-out-of-bounds-in-send_set_info-on.patch
diff --git a/queue-4.17/series b/queue-4.17/series
new file mode 100644 (file)
index 0000000..82e2d4a
--- /dev/null
+++ b/queue-4.17/series
@@ -0,0 +1 @@
+kvm-vmx-support-msr_ia32_arch_capabilities-as-a-feature-msr.patch
Mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/stable-queue.git