git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Max Kellermann <max.kellermann@ionos.com>
	Mon, 18 Nov 2024 22:28:28 +0000 (23:28 +0100)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Fri, 27 Dec 2024 13:02:19 +0000 (14:02 +0100)
commit	99a37ab76a315c8307eb5b0dc095d8ad9d8efeaa
tree	2d656cd141cb5d29827aeca4a9231bdabe9e8f09	tree
parent	adc4b70fb659a80a78ff3f41e88070ed195df5ba	commit \| diff

ceph: give up on paths longer than PATH_MAX

commit 550f7ca98ee028a606aa75705a7e77b1bd11720f upstream.

If the full path to be built by ceph_mdsc_build_path() happens to be
longer than PATH_MAX, then this function will enter an endless (retry)
loop, effectively blocking the whole task. Most of the machine
becomes unusable, making this a very simple and effective DoS
vulnerability.

I cannot imagine why this retry was ever implemented, but it seems
rather useless and harmful to me. Let's remove it and fail with
ENAMETOOLONG instead.

Cc: stable@vger.kernel.org
Reported-by: Dario Weißer <dario@cure53.de>
Signed-off-by: Max Kellermann <max.kellermann@ionos.com>
Reviewed-by: Alex Markuze <amarkuze@redhat.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>