git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Max Kellermann <max.kellermann@ionos.com>
	Mon, 18 Nov 2024 22:28:28 +0000 (23:28 +0100)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Fri, 17 Jan 2025 12:34:36 +0000 (13:34 +0100)
commit	e4b168c64da06954be5d520f6c16469b1cadc069
tree	e6f45be1001bf4be4e5b41efa9c4b2b416451535	tree
parent	c63962be84ef9c4f32e2a57404ceeda330ff3beb	commit \| diff

ceph: give up on paths longer than PATH_MAX

commit 550f7ca98ee028a606aa75705a7e77b1bd11720f upstream.

If the full path to be built by ceph_mdsc_build_path() happens to be
longer than PATH_MAX, then this function will enter an endless (retry)
loop, effectively blocking the whole task. Most of the machine
becomes unusable, making this a very simple and effective DoS
vulnerability.

I cannot imagine why this retry was ever implemented, but it seems
rather useless and harmful to me. Let's remove it and fail with
ENAMETOOLONG instead.

Cc: stable@vger.kernel.org
Reported-by: Dario Weißer <dario@cure53.de>
Signed-off-by: Max Kellermann <max.kellermann@ionos.com>
Reviewed-by: Alex Markuze <amarkuze@redhat.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
[idryomov@gmail.com: backport to 6.1: pr_warn() is still in use]
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>