--- /dev/null
+From 8c4bca10ceafc43b1ca0a9fab5fa27e13cbce99e Mon Sep 17 00:00:00 2001
+From: Eric Biggers <ebiggers@google.com>
+Date: Thu, 1 Jul 2021 23:53:47 -0700
+Subject: ext4: report correct st_size for encrypted symlinks
+
+From: Eric Biggers <ebiggers@google.com>
+
+commit 8c4bca10ceafc43b1ca0a9fab5fa27e13cbce99e upstream.
+
+The stat() family of syscalls report the wrong size for encrypted
+symlinks, which has caused breakage in several userspace programs.
+
+Fix this by calling fscrypt_symlink_getattr() after ext4_getattr() for
+encrypted symlinks. This function computes the correct size by reading
+and decrypting the symlink target (if it's not already cached).
+
+For more details, see the commit which added fscrypt_symlink_getattr().
+
+Fixes: f348c252320b ("ext4 crypto: add symlink encryption")
+Cc: stable@vger.kernel.org
+Link: https://lore.kernel.org/r/20210702065350.209646-3-ebiggers@kernel.org
+Signed-off-by: Eric Biggers <ebiggers@google.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/ext4/symlink.c | 12 +++++++++++-
+ 1 file changed, 11 insertions(+), 1 deletion(-)
+
+--- a/fs/ext4/symlink.c
++++ b/fs/ext4/symlink.c
+@@ -52,10 +52,20 @@ static const char *ext4_encrypted_get_li
+ return paddr;
+ }
+
++static int ext4_encrypted_symlink_getattr(struct user_namespace *mnt_userns,
++ const struct path *path,
++ struct kstat *stat, u32 request_mask,
++ unsigned int query_flags)
++{
++ ext4_getattr(mnt_userns, path, stat, request_mask, query_flags);
++
++ return fscrypt_symlink_getattr(path, stat);
++}
++
+ const struct inode_operations ext4_encrypted_symlink_inode_operations = {
+ .get_link = ext4_encrypted_get_link,
+ .setattr = ext4_setattr,
+- .getattr = ext4_getattr,
++ .getattr = ext4_encrypted_symlink_getattr,
+ .listxattr = ext4_listxattr,
+ };
+
--- /dev/null
+From 461b43a8f92e68e96c4424b31e15f2b35f1bbfa9 Mon Sep 17 00:00:00 2001
+From: Eric Biggers <ebiggers@google.com>
+Date: Thu, 1 Jul 2021 23:53:48 -0700
+Subject: f2fs: report correct st_size for encrypted symlinks
+
+From: Eric Biggers <ebiggers@google.com>
+
+commit 461b43a8f92e68e96c4424b31e15f2b35f1bbfa9 upstream.
+
+The stat() family of syscalls report the wrong size for encrypted
+symlinks, which has caused breakage in several userspace programs.
+
+Fix this by calling fscrypt_symlink_getattr() after f2fs_getattr() for
+encrypted symlinks. This function computes the correct size by reading
+and decrypting the symlink target (if it's not already cached).
+
+For more details, see the commit which added fscrypt_symlink_getattr().
+
+Fixes: cbaf042a3cc6 ("f2fs crypto: add symlink encryption")
+Cc: stable@vger.kernel.org
+Link: https://lore.kernel.org/r/20210702065350.209646-4-ebiggers@kernel.org
+Signed-off-by: Eric Biggers <ebiggers@google.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/f2fs/namei.c | 12 +++++++++++-
+ 1 file changed, 11 insertions(+), 1 deletion(-)
+
+--- a/fs/f2fs/namei.c
++++ b/fs/f2fs/namei.c
+@@ -1313,9 +1313,19 @@ static const char *f2fs_encrypted_get_li
+ return target;
+ }
+
++static int f2fs_encrypted_symlink_getattr(struct user_namespace *mnt_userns,
++ const struct path *path,
++ struct kstat *stat, u32 request_mask,
++ unsigned int query_flags)
++{
++ f2fs_getattr(mnt_userns, path, stat, request_mask, query_flags);
++
++ return fscrypt_symlink_getattr(path, stat);
++}
++
+ const struct inode_operations f2fs_encrypted_symlink_inode_operations = {
+ .get_link = f2fs_encrypted_get_link,
+- .getattr = f2fs_getattr,
++ .getattr = f2fs_encrypted_symlink_getattr,
+ .setattr = f2fs_setattr,
+ .listxattr = f2fs_listxattr,
+ };
--- /dev/null
+From d18760560593e5af921f51a8c9b64b6109d634c2 Mon Sep 17 00:00:00 2001
+From: Eric Biggers <ebiggers@google.com>
+Date: Thu, 1 Jul 2021 23:53:46 -0700
+Subject: fscrypt: add fscrypt_symlink_getattr() for computing st_size
+
+From: Eric Biggers <ebiggers@google.com>
+
+commit d18760560593e5af921f51a8c9b64b6109d634c2 upstream.
+
+Add a helper function fscrypt_symlink_getattr() which will be called
+from the various filesystems' ->getattr() methods to read and decrypt
+the target of encrypted symlinks in order to report the correct st_size.
+
+Detailed explanation:
+
+As required by POSIX and as documented in various man pages, st_size for
+a symlink is supposed to be the length of the symlink target.
+Unfortunately, st_size has always been wrong for encrypted symlinks
+because st_size is populated from i_size from disk, which intentionally
+contains the length of the encrypted symlink target. That's slightly
+greater than the length of the decrypted symlink target (which is the
+symlink target that userspace usually sees), and usually won't match the
+length of the no-key encoded symlink target either.
+
+This hadn't been fixed yet because reporting the correct st_size would
+require reading the symlink target from disk and decrypting or encoding
+it, which historically has been considered too heavyweight to do in
+->getattr(). Also historically, the wrong st_size had only broken a
+test (LTP lstat03) and there were no known complaints from real users.
+(This is probably because the st_size of symlinks isn't used too often,
+and when it is, typically it's for a hint for what buffer size to pass
+to readlink() -- which a slightly-too-large size still works for.)
+
+However, a couple things have changed now. First, there have recently
+been complaints about the current behavior from real users:
+
+- Breakage in rpmbuild:
+ https://github.com/rpm-software-management/rpm/issues/1682
+ https://github.com/google/fscrypt/issues/305
+
+- Breakage in toybox cpio:
+ https://www.mail-archive.com/toybox@lists.landley.net/msg07193.html
+
+- Breakage in libgit2: https://issuetracker.google.com/issues/189629152
+ (on Android public issue tracker, requires login)
+
+Second, we now cache decrypted symlink targets in ->i_link. Therefore,
+taking the performance hit of reading and decrypting the symlink target
+in ->getattr() wouldn't be as big a deal as it used to be, since usually
+it will just save having to do the same thing later.
+
+Also note that eCryptfs ended up having to read and decrypt symlink
+targets in ->getattr() as well, to fix this same issue; see
+commit 3a60a1686f0d ("eCryptfs: Decrypt symlink target for stat size").
+
+So, let's just bite the bullet, and read and decrypt the symlink target
+in ->getattr() in order to report the correct st_size. Add a function
+fscrypt_symlink_getattr() which the filesystems will call to do this.
+
+(Alternatively, we could store the decrypted size of symlinks on-disk.
+But there isn't a great place to do so, and encryption is meant to hide
+the original size to some extent; that property would be lost.)
+
+Cc: stable@vger.kernel.org
+Link: https://lore.kernel.org/r/20210702065350.209646-2-ebiggers@kernel.org
+Signed-off-by: Eric Biggers <ebiggers@google.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/crypto/hooks.c | 44 ++++++++++++++++++++++++++++++++++++++++++++
+ include/linux/fscrypt.h | 7 +++++++
+ 2 files changed, 51 insertions(+)
+
+--- a/fs/crypto/hooks.c
++++ b/fs/crypto/hooks.c
+@@ -384,3 +384,47 @@ err_kfree:
+ return ERR_PTR(err);
+ }
+ EXPORT_SYMBOL_GPL(fscrypt_get_symlink);
++
++/**
++ * fscrypt_symlink_getattr() - set the correct st_size for encrypted symlinks
++ * @path: the path for the encrypted symlink being queried
++ * @stat: the struct being filled with the symlink's attributes
++ *
++ * Override st_size of encrypted symlinks to be the length of the decrypted
++ * symlink target (or the no-key encoded symlink target, if the key is
++ * unavailable) rather than the length of the encrypted symlink target. This is
++ * necessary for st_size to match the symlink target that userspace actually
++ * sees. POSIX requires this, and some userspace programs depend on it.
++ *
++ * This requires reading the symlink target from disk if needed, setting up the
++ * inode's encryption key if possible, and then decrypting or encoding the
++ * symlink target. This makes lstat() more heavyweight than is normally the
++ * case. However, decrypted symlink targets will be cached in ->i_link, so
++ * usually the symlink won't have to be read and decrypted again later if/when
++ * it is actually followed, readlink() is called, or lstat() is called again.
++ *
++ * Return: 0 on success, -errno on failure
++ */
++int fscrypt_symlink_getattr(const struct path *path, struct kstat *stat)
++{
++ struct dentry *dentry = path->dentry;
++ struct inode *inode = d_inode(dentry);
++ const char *link;
++ DEFINE_DELAYED_CALL(done);
++
++ /*
++ * To get the symlink target that userspace will see (whether it's the
++ * decrypted target or the no-key encoded target), we can just get it in
++ * the same way the VFS does during path resolution and readlink().
++ */
++ link = READ_ONCE(inode->i_link);
++ if (!link) {
++ link = inode->i_op->get_link(dentry, inode, &done);
++ if (IS_ERR(link))
++ return PTR_ERR(link);
++ }
++ stat->size = strlen(link);
++ do_delayed_call(&done);
++ return 0;
++}
++EXPORT_SYMBOL_GPL(fscrypt_symlink_getattr);
+--- a/include/linux/fscrypt.h
++++ b/include/linux/fscrypt.h
+@@ -253,6 +253,7 @@ int __fscrypt_encrypt_symlink(struct ino
+ const char *fscrypt_get_symlink(struct inode *inode, const void *caddr,
+ unsigned int max_size,
+ struct delayed_call *done);
++int fscrypt_symlink_getattr(const struct path *path, struct kstat *stat);
+ static inline void fscrypt_set_ops(struct super_block *sb,
+ const struct fscrypt_operations *s_cop)
+ {
+@@ -583,6 +584,12 @@ static inline const char *fscrypt_get_sy
+ return ERR_PTR(-EOPNOTSUPP);
+ }
+
++static inline int fscrypt_symlink_getattr(const struct path *path,
++ struct kstat *stat)
++{
++ return -EOPNOTSUPP;
++}
++
+ static inline void fscrypt_set_ops(struct super_block *sb,
+ const struct fscrypt_operations *s_cop)
+ {
--- /dev/null
+From d0efb16294d145d157432feda83877ae9d7cdf37 Mon Sep 17 00:00:00 2001
+From: Peter Collingbourne <pcc@google.com>
+Date: Thu, 26 Aug 2021 12:46:01 -0700
+Subject: net: don't unconditionally copy_from_user a struct ifreq for socket ioctls
+
+From: Peter Collingbourne <pcc@google.com>
+
+commit d0efb16294d145d157432feda83877ae9d7cdf37 upstream.
+
+A common implementation of isatty(3) involves calling a ioctl passing
+a dummy struct argument and checking whether the syscall failed --
+bionic and glibc use TCGETS (passing a struct termios), and musl uses
+TIOCGWINSZ (passing a struct winsize). If the FD is a socket, we will
+copy sizeof(struct ifreq) bytes of data from the argument and return
+-EFAULT if that fails. The result is that the isatty implementations
+may return a non-POSIX-compliant value in errno in the case where part
+of the dummy struct argument is inaccessible, as both struct termios
+and struct winsize are smaller than struct ifreq (at least on arm64).
+
+Although there is usually enough stack space following the argument
+on the stack that this did not present a practical problem up to now,
+with MTE stack instrumentation it's more likely for the copy to fail,
+as the memory following the struct may have a different tag.
+
+Fix the problem by adding an early check for whether the ioctl is a
+valid socket ioctl, and return -ENOTTY if it isn't.
+
+Fixes: 44c02a2c3dc5 ("dev_ioctl(): move copyin/copyout to callers")
+Link: https://linux-review.googlesource.com/id/I869da6cf6daabc3e4b7b82ac979683ba05e27d4d
+Signed-off-by: Peter Collingbourne <pcc@google.com>
+Cc: <stable@vger.kernel.org> # 4.19
+Signed-off-by: David S. Miller <davem@davemloft.net>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ include/linux/netdevice.h | 4 ++++
+ net/socket.c | 6 +++++-
+ 2 files changed, 9 insertions(+), 1 deletion(-)
+
+--- a/include/linux/netdevice.h
++++ b/include/linux/netdevice.h
+@@ -4012,6 +4012,10 @@ int netdev_rx_handler_register(struct ne
+ void netdev_rx_handler_unregister(struct net_device *dev);
+
+ bool dev_valid_name(const char *name);
++static inline bool is_socket_ioctl_cmd(unsigned int cmd)
++{
++ return _IOC_TYPE(cmd) == SOCK_IOC_TYPE;
++}
+ int dev_ioctl(struct net *net, unsigned int cmd, struct ifreq *ifr,
+ bool *need_copyout);
+ int dev_ifconf(struct net *net, struct ifconf *, int);
+--- a/net/socket.c
++++ b/net/socket.c
+@@ -1054,7 +1054,7 @@ static long sock_do_ioctl(struct net *ne
+ rtnl_unlock();
+ if (!err && copy_to_user(argp, &ifc, sizeof(struct ifconf)))
+ err = -EFAULT;
+- } else {
++ } else if (is_socket_ioctl_cmd(cmd)) {
+ struct ifreq ifr;
+ bool need_copyout;
+ if (copy_from_user(&ifr, argp, sizeof(struct ifreq)))
+@@ -1063,6 +1063,8 @@ static long sock_do_ioctl(struct net *ne
+ if (!err && need_copyout)
+ if (copy_to_user(argp, &ifr, sizeof(struct ifreq)))
+ return -EFAULT;
++ } else {
++ err = -ENOTTY;
+ }
+ return err;
+ }
+@@ -3251,6 +3253,8 @@ static int compat_ifr_data_ioctl(struct
+ struct ifreq ifreq;
+ u32 data32;
+
++ if (!is_socket_ioctl_cmd(cmd))
++ return -ENOTTY;
+ if (copy_from_user(ifreq.ifr_name, u_ifreq32->ifr_name, IFNAMSIZ))
+ return -EFAULT;
+ if (get_user(data32, &u_ifreq32->ifr_data))
--- /dev/null
+From f6a3308d6feb351d9854eb8b3f6289a1ac163125 Mon Sep 17 00:00:00 2001
+From: Helge Deller <deller@gmx.de>
+Date: Fri, 27 Aug 2021 20:42:57 +0200
+Subject: Revert "parisc: Add assembly implementations for memset, strlen, strcpy, strncpy and strcat"
+
+From: Helge Deller <deller@gmx.de>
+
+commit f6a3308d6feb351d9854eb8b3f6289a1ac163125 upstream.
+
+This reverts commit 83af58f8068ea3f7b3c537c37a30887bfa585069.
+
+It turns out that at least the assembly implementation for strncpy() was
+buggy. Revert the whole commit and return back to the default coding.
+
+Signed-off-by: Helge Deller <deller@gmx.de>
+Cc: <stable@vger.kernel.org> # v5.4+
+Cc: Rasmus Villemoes <linux@rasmusvillemoes.dk>
+Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/parisc/include/asm/string.h | 15 ----
+ arch/parisc/kernel/parisc_ksyms.c | 4 -
+ arch/parisc/lib/Makefile | 4 -
+ arch/parisc/lib/memset.c | 72 ++++++++++++++++++++
+ arch/parisc/lib/string.S | 136 --------------------------------------
+ 5 files changed, 74 insertions(+), 157 deletions(-)
+ create mode 100644 arch/parisc/lib/memset.c
+ delete mode 100644 arch/parisc/lib/string.S
+
+--- a/arch/parisc/include/asm/string.h
++++ b/arch/parisc/include/asm/string.h
+@@ -8,19 +8,4 @@ extern void * memset(void *, int, size_t
+ #define __HAVE_ARCH_MEMCPY
+ void * memcpy(void * dest,const void *src,size_t count);
+
+-#define __HAVE_ARCH_STRLEN
+-extern size_t strlen(const char *s);
+-
+-#define __HAVE_ARCH_STRCPY
+-extern char *strcpy(char *dest, const char *src);
+-
+-#define __HAVE_ARCH_STRNCPY
+-extern char *strncpy(char *dest, const char *src, size_t count);
+-
+-#define __HAVE_ARCH_STRCAT
+-extern char *strcat(char *dest, const char *src);
+-
+-#define __HAVE_ARCH_MEMSET
+-extern void *memset(void *, int, size_t);
+-
+ #endif
+--- a/arch/parisc/kernel/parisc_ksyms.c
++++ b/arch/parisc/kernel/parisc_ksyms.c
+@@ -17,10 +17,6 @@
+
+ #include <linux/string.h>
+ EXPORT_SYMBOL(memset);
+-EXPORT_SYMBOL(strlen);
+-EXPORT_SYMBOL(strcpy);
+-EXPORT_SYMBOL(strncpy);
+-EXPORT_SYMBOL(strcat);
+
+ #include <linux/atomic.h>
+ EXPORT_SYMBOL(__xchg8);
+--- a/arch/parisc/lib/Makefile
++++ b/arch/parisc/lib/Makefile
+@@ -3,7 +3,7 @@
+ # Makefile for parisc-specific library files
+ #
+
+-lib-y := lusercopy.o bitops.o checksum.o io.o memcpy.o \
+- ucmpdi2.o delay.o string.o
++lib-y := lusercopy.o bitops.o checksum.o io.o memset.o memcpy.o \
++ ucmpdi2.o delay.o
+
+ obj-y := iomap.o
+--- /dev/null
++++ b/arch/parisc/lib/memset.c
+@@ -0,0 +1,72 @@
++/* SPDX-License-Identifier: GPL-2.0-or-later */
++#include <linux/types.h>
++#include <asm/string.h>
++
++#define OPSIZ (BITS_PER_LONG/8)
++typedef unsigned long op_t;
++
++void *
++memset (void *dstpp, int sc, size_t len)
++{
++ unsigned int c = sc;
++ long int dstp = (long int) dstpp;
++
++ if (len >= 8)
++ {
++ size_t xlen;
++ op_t cccc;
++
++ cccc = (unsigned char) c;
++ cccc |= cccc << 8;
++ cccc |= cccc << 16;
++ if (OPSIZ > 4)
++ /* Do the shift in two steps to avoid warning if long has 32 bits. */
++ cccc |= (cccc << 16) << 16;
++
++ /* There are at least some bytes to set.
++ No need to test for LEN == 0 in this alignment loop. */
++ while (dstp % OPSIZ != 0)
++ {
++ ((unsigned char *) dstp)[0] = c;
++ dstp += 1;
++ len -= 1;
++ }
++
++ /* Write 8 `op_t' per iteration until less than 8 `op_t' remain. */
++ xlen = len / (OPSIZ * 8);
++ while (xlen > 0)
++ {
++ ((op_t *) dstp)[0] = cccc;
++ ((op_t *) dstp)[1] = cccc;
++ ((op_t *) dstp)[2] = cccc;
++ ((op_t *) dstp)[3] = cccc;
++ ((op_t *) dstp)[4] = cccc;
++ ((op_t *) dstp)[5] = cccc;
++ ((op_t *) dstp)[6] = cccc;
++ ((op_t *) dstp)[7] = cccc;
++ dstp += 8 * OPSIZ;
++ xlen -= 1;
++ }
++ len %= OPSIZ * 8;
++
++ /* Write 1 `op_t' per iteration until less than OPSIZ bytes remain. */
++ xlen = len / OPSIZ;
++ while (xlen > 0)
++ {
++ ((op_t *) dstp)[0] = cccc;
++ dstp += OPSIZ;
++ xlen -= 1;
++ }
++ len %= OPSIZ;
++ }
++
++ /* Write the last few bytes. */
++ while (len > 0)
++ {
++ ((unsigned char *) dstp)[0] = c;
++ dstp += 1;
++ len -= 1;
++ }
++
++ return dstpp;
++}
+--- a/arch/parisc/lib/string.S
++++ /dev/null
+@@ -1,136 +0,0 @@
+-// SPDX-License-Identifier: GPL-2.0
+-/*
+- * PA-RISC assembly string functions
+- *
+- * Copyright (C) 2019 Helge Deller <deller@gmx.de>
+- */
+-
+-#include <asm/assembly.h>
+-#include <linux/linkage.h>
+-
+- .section .text.hot
+- .level PA_ASM_LEVEL
+-
+- t0 = r20
+- t1 = r21
+- t2 = r22
+-
+-ENTRY_CFI(strlen, frame=0,no_calls)
+- or,COND(<>) arg0,r0,ret0
+- b,l,n .Lstrlen_null_ptr,r0
+- depwi 0,31,2,ret0
+- cmpb,COND(<>) arg0,ret0,.Lstrlen_not_aligned
+- ldw,ma 4(ret0),t0
+- cmpib,tr 0,r0,.Lstrlen_loop
+- uxor,nbz r0,t0,r0
+-.Lstrlen_not_aligned:
+- uaddcm arg0,ret0,t1
+- shladd t1,3,r0,t1
+- mtsar t1
+- depwi -1,%sar,32,t0
+- uxor,nbz r0,t0,r0
+-.Lstrlen_loop:
+- b,l,n .Lstrlen_end_loop,r0
+- ldw,ma 4(ret0),t0
+- cmpib,tr 0,r0,.Lstrlen_loop
+- uxor,nbz r0,t0,r0
+-.Lstrlen_end_loop:
+- extrw,u,<> t0,7,8,r0
+- addib,tr,n -3,ret0,.Lstrlen_out
+- extrw,u,<> t0,15,8,r0
+- addib,tr,n -2,ret0,.Lstrlen_out
+- extrw,u,<> t0,23,8,r0
+- addi -1,ret0,ret0
+-.Lstrlen_out:
+- bv r0(rp)
+- uaddcm ret0,arg0,ret0
+-.Lstrlen_null_ptr:
+- bv,n r0(rp)
+-ENDPROC_CFI(strlen)
+-
+-
+-ENTRY_CFI(strcpy, frame=0,no_calls)
+- ldb 0(arg1),t0
+- stb t0,0(arg0)
+- ldo 0(arg0),ret0
+- ldo 1(arg1),t1
+- cmpb,= r0,t0,2f
+- ldo 1(arg0),t2
+-1: ldb 0(t1),arg1
+- stb arg1,0(t2)
+- ldo 1(t1),t1
+- cmpb,<> r0,arg1,1b
+- ldo 1(t2),t2
+-2: bv,n r0(rp)
+-ENDPROC_CFI(strcpy)
+-
+-
+-ENTRY_CFI(strncpy, frame=0,no_calls)
+- ldb 0(arg1),t0
+- stb t0,0(arg0)
+- ldo 1(arg1),t1
+- ldo 0(arg0),ret0
+- cmpb,= r0,t0,2f
+- ldo 1(arg0),arg1
+-1: ldo -1(arg2),arg2
+- cmpb,COND(=),n r0,arg2,2f
+- ldb 0(t1),arg0
+- stb arg0,0(arg1)
+- ldo 1(t1),t1
+- cmpb,<> r0,arg0,1b
+- ldo 1(arg1),arg1
+-2: bv,n r0(rp)
+-ENDPROC_CFI(strncpy)
+-
+-
+-ENTRY_CFI(strcat, frame=0,no_calls)
+- ldb 0(arg0),t0
+- cmpb,= t0,r0,2f
+- ldo 0(arg0),ret0
+- ldo 1(arg0),arg0
+-1: ldb 0(arg0),t1
+- cmpb,<>,n r0,t1,1b
+- ldo 1(arg0),arg0
+-2: ldb 0(arg1),t2
+- stb t2,0(arg0)
+- ldo 1(arg0),arg0
+- ldb 0(arg1),t0
+- cmpb,<> r0,t0,2b
+- ldo 1(arg1),arg1
+- bv,n r0(rp)
+-ENDPROC_CFI(strcat)
+-
+-
+-ENTRY_CFI(memset, frame=0,no_calls)
+- copy arg0,ret0
+- cmpb,COND(=) r0,arg0,4f
+- copy arg0,t2
+- cmpb,COND(=) r0,arg2,4f
+- ldo -1(arg2),arg3
+- subi -1,arg3,t0
+- subi 0,t0,t1
+- cmpiclr,COND(>=) 0,t1,arg2
+- ldo -1(t1),arg2
+- extru arg2,31,2,arg0
+-2: stb arg1,0(t2)
+- ldo 1(t2),t2
+- addib,>= -1,arg0,2b
+- ldo -1(arg3),arg3
+- cmpiclr,COND(<=) 4,arg2,r0
+- b,l,n 4f,r0
+-#ifdef CONFIG_64BIT
+- depd,* r0,63,2,arg2
+-#else
+- depw r0,31,2,arg2
+-#endif
+- ldo 1(t2),t2
+-3: stb arg1,-1(t2)
+- stb arg1,0(t2)
+- stb arg1,1(t2)
+- stb arg1,2(t2)
+- addib,COND(>) -4,arg2,3b
+- ldo 4(t2),t2
+-4: bv,n r0(rp)
+-ENDPROC_CFI(memset)
+-
+- .end
arm64-dts-qcom-msm8994-angler-fix-gpio-reserved-ranges-85-88.patch
btrfs-fix-null-pointer-dereference-when-deleting-device-by-invalid-id.patch
revert-floppy-reintroduce-o_ndelay-fix.patch
+fscrypt-add-fscrypt_symlink_getattr-for-computing-st_size.patch
+ext4-report-correct-st_size-for-encrypted-symlinks.patch
+f2fs-report-correct-st_size-for-encrypted-symlinks.patch
+ubifs-report-correct-st_size-for-encrypted-symlinks.patch
+revert-parisc-add-assembly-implementations-for-memset-strlen-strcpy-strncpy-and-strcat.patch
+net-don-t-unconditionally-copy_from_user-a-struct-ifreq-for-socket-ioctls.patch
--- /dev/null
+From 064c734986011390b4d111f1a99372b7f26c3850 Mon Sep 17 00:00:00 2001
+From: Eric Biggers <ebiggers@google.com>
+Date: Thu, 1 Jul 2021 23:53:49 -0700
+Subject: ubifs: report correct st_size for encrypted symlinks
+
+From: Eric Biggers <ebiggers@google.com>
+
+commit 064c734986011390b4d111f1a99372b7f26c3850 upstream.
+
+The stat() family of syscalls report the wrong size for encrypted
+symlinks, which has caused breakage in several userspace programs.
+
+Fix this by calling fscrypt_symlink_getattr() after ubifs_getattr() for
+encrypted symlinks. This function computes the correct size by reading
+and decrypting the symlink target (if it's not already cached).
+
+For more details, see the commit which added fscrypt_symlink_getattr().
+
+Fixes: ca7f85be8d6c ("ubifs: Add support for encrypted symlinks")
+Cc: stable@vger.kernel.org
+Link: https://lore.kernel.org/r/20210702065350.209646-5-ebiggers@kernel.org
+Signed-off-by: Eric Biggers <ebiggers@google.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/ubifs/file.c | 13 ++++++++++++-
+ 1 file changed, 12 insertions(+), 1 deletion(-)
+
+--- a/fs/ubifs/file.c
++++ b/fs/ubifs/file.c
+@@ -1630,6 +1630,17 @@ static const char *ubifs_get_link(struct
+ return fscrypt_get_symlink(inode, ui->data, ui->data_len, done);
+ }
+
++static int ubifs_symlink_getattr(struct user_namespace *mnt_userns,
++ const struct path *path, struct kstat *stat,
++ u32 request_mask, unsigned int query_flags)
++{
++ ubifs_getattr(mnt_userns, path, stat, request_mask, query_flags);
++
++ if (IS_ENCRYPTED(d_inode(path->dentry)))
++ return fscrypt_symlink_getattr(path, stat);
++ return 0;
++}
++
+ const struct address_space_operations ubifs_file_address_operations = {
+ .readpage = ubifs_readpage,
+ .writepage = ubifs_writepage,
+@@ -1655,7 +1666,7 @@ const struct inode_operations ubifs_file
+ const struct inode_operations ubifs_symlink_inode_operations = {
+ .get_link = ubifs_get_link,
+ .setattr = ubifs_setattr,
+- .getattr = ubifs_getattr,
++ .getattr = ubifs_symlink_getattr,
+ .listxattr = ubifs_listxattr,
+ .update_time = ubifs_update_time,
+ };
projects / thirdparty / kernel / stable-queue.git / commitdiff
