From c4d36720ed250179376374636f3e9e697421fe5a Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Thu, 9 Feb 2023 11:24:58 +0100
Subject: [PATCH] drop udf patch from 5.4 and 5.10

not needed.
---
 queue-5.10/series                             |  1 -
 ...udf-avoid-using-stale-lengthofimpuse.patch | 61 -------------------
 queue-5.4/series                              |  1 -
 ...udf-avoid-using-stale-lengthofimpuse.patch | 61 -------------------
 4 files changed, 124 deletions(-)
 delete mode 100644 queue-5.10/udf-avoid-using-stale-lengthofimpuse.patch
 delete mode 100644 queue-5.4/udf-avoid-using-stale-lengthofimpuse.patch

diff --git a/queue-5.10/series b/queue-5.10/series
index d704de422cf..6b9633424f2 100644
--- a/queue-5.10/series
+++ b/queue-5.10/series
@@ -81,7 +81,6 @@ squashfs-fix-handling-and-sanity-checking-of-xattr_ids-count.patch
 drm-i915-fix-potential-bit_17-double-free.patch
 nvmem-core-initialise-nvmem-id-early.patch
 nvmem-core-fix-cell-removal-on-error.patch
-udf-avoid-using-stale-lengthofimpuse.patch
 serial-8250_dma-fix-dma-rx-completion-race.patch
 serial-8250_dma-fix-dma-rx-rearm-race.patch
 fbdev-smscufx-fix-error-handling-code-in-ufx_usb_probe.patch
diff --git a/queue-5.10/udf-avoid-using-stale-lengthofimpuse.patch b/queue-5.10/udf-avoid-using-stale-lengthofimpuse.patch
deleted file mode 100644
index 3e006f899e2..00000000000
--- a/queue-5.10/udf-avoid-using-stale-lengthofimpuse.patch
+++ /dev/null
@@ -1,61 +0,0 @@
-From c1ad35dd0548ce947d97aaf92f7f2f9a202951cf Mon Sep 17 00:00:00 2001
-From: Jan Kara <jack@suse.cz>
-Date: Tue, 10 May 2022 12:36:04 +0200
-Subject: udf: Avoid using stale lengthOfImpUse
-
-From: Jan Kara <jack@suse.cz>
-
-commit c1ad35dd0548ce947d97aaf92f7f2f9a202951cf upstream.
-
-udf_write_fi() uses lengthOfImpUse of the entry it is writing to.
-However this field has not yet been initialized so it either contains
-completely bogus value or value from last directory entry at that place.
-In either case this is wrong and can lead to filesystem corruption or
-kernel crashes.
-
-Reported-by: butt3rflyh4ck <butterflyhuangxx@gmail.com>
-CC: stable@vger.kernel.org
-Fixes: 979a6e28dd96 ("udf: Get rid of 0-length arrays in struct fileIdentDesc")
-Signed-off-by: Jan Kara <jack@suse.cz>
-[ This patch deviates from the original upstream patch because in the
-original upstream patch, udf_get_fi_ident(sfi) was being used instead of
-(uint8_t *)sfi->fileIdent + liu as the first arg to memcpy at line 77
-and line 81. Those subsequent lines have been replaced with what the
-upstream patch passes in to memcpy. ]
-Signed-off-by: Nobel Barakat <nobelbarakat@google.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- fs/udf/namei.c |    9 ++++-----
- 1 file changed, 4 insertions(+), 5 deletions(-)
-
---- a/fs/udf/namei.c
-+++ b/fs/udf/namei.c
-@@ -75,12 +75,11 @@ int udf_write_fi(struct inode *inode, st
- 
- 	if (fileident) {
- 		if (adinicb || (offset + lfi < 0)) {
--			memcpy((uint8_t *)sfi->fileIdent + liu, fileident, lfi);
-+			memcpy(sfi->impUse + liu, fileident, lfi);
- 		} else if (offset >= 0) {
- 			memcpy(fibh->ebh->b_data + offset, fileident, lfi);
- 		} else {
--			memcpy((uint8_t *)sfi->fileIdent + liu, fileident,
--				-offset);
-+			memcpy(sfi->impUse + liu, fileident, -offset);
- 			memcpy(fibh->ebh->b_data, fileident - offset,
- 				lfi + offset);
- 		}
-@@ -89,11 +88,11 @@ int udf_write_fi(struct inode *inode, st
- 	offset += lfi;
- 
- 	if (adinicb || (offset + padlen < 0)) {
--		memset((uint8_t *)sfi->padding + liu + lfi, 0x00, padlen);
-+		memset(sfi->impUse + liu + lfi, 0x00, padlen);
- 	} else if (offset >= 0) {
- 		memset(fibh->ebh->b_data + offset, 0x00, padlen);
- 	} else {
--		memset((uint8_t *)sfi->padding + liu + lfi, 0x00, -offset);
-+		memset(sfi->impUse + liu + lfi, 0x00, -offset);
- 		memset(fibh->ebh->b_data, 0x00, padlen + offset);
- 	}
- 
diff --git a/queue-5.4/series b/queue-5.4/series
index ba989f2df73..7b55fe48ac0 100644
--- a/queue-5.4/series
+++ b/queue-5.4/series
@@ -50,7 +50,6 @@ squashfs-fix-handling-and-sanity-checking-of-xattr_ids-count.patch
 nvmem-core-fix-cell-removal-on-error.patch
 mm-swap-properly-update-readahead-statistics-in-unuse_pte_range.patch
 xprtrdma-fix-regbuf-data-not-freed-in-rpcrdma_req_create.patch
-udf-avoid-using-stale-lengthofimpuse.patch
 serial-8250_dma-fix-dma-rx-completion-race.patch
 serial-8250_dma-fix-dma-rx-rearm-race.patch
 powerpc-imc-pmu-revert-nest_init_lock-to-being-a-mutex.patch
diff --git a/queue-5.4/udf-avoid-using-stale-lengthofimpuse.patch b/queue-5.4/udf-avoid-using-stale-lengthofimpuse.patch
deleted file mode 100644
index 3e006f899e2..00000000000
--- a/queue-5.4/udf-avoid-using-stale-lengthofimpuse.patch
+++ /dev/null
@@ -1,61 +0,0 @@
-From c1ad35dd0548ce947d97aaf92f7f2f9a202951cf Mon Sep 17 00:00:00 2001
-From: Jan Kara <jack@suse.cz>
-Date: Tue, 10 May 2022 12:36:04 +0200
-Subject: udf: Avoid using stale lengthOfImpUse
-
-From: Jan Kara <jack@suse.cz>
-
-commit c1ad35dd0548ce947d97aaf92f7f2f9a202951cf upstream.
-
-udf_write_fi() uses lengthOfImpUse of the entry it is writing to.
-However this field has not yet been initialized so it either contains
-completely bogus value or value from last directory entry at that place.
-In either case this is wrong and can lead to filesystem corruption or
-kernel crashes.
-
-Reported-by: butt3rflyh4ck <butterflyhuangxx@gmail.com>
-CC: stable@vger.kernel.org
-Fixes: 979a6e28dd96 ("udf: Get rid of 0-length arrays in struct fileIdentDesc")
-Signed-off-by: Jan Kara <jack@suse.cz>
-[ This patch deviates from the original upstream patch because in the
-original upstream patch, udf_get_fi_ident(sfi) was being used instead of
-(uint8_t *)sfi->fileIdent + liu as the first arg to memcpy at line 77
-and line 81. Those subsequent lines have been replaced with what the
-upstream patch passes in to memcpy. ]
-Signed-off-by: Nobel Barakat <nobelbarakat@google.com>
-Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
----
- fs/udf/namei.c |    9 ++++-----
- 1 file changed, 4 insertions(+), 5 deletions(-)
-
---- a/fs/udf/namei.c
-+++ b/fs/udf/namei.c
-@@ -75,12 +75,11 @@ int udf_write_fi(struct inode *inode, st
- 
- 	if (fileident) {
- 		if (adinicb || (offset + lfi < 0)) {
--			memcpy((uint8_t *)sfi->fileIdent + liu, fileident, lfi);
-+			memcpy(sfi->impUse + liu, fileident, lfi);
- 		} else if (offset >= 0) {
- 			memcpy(fibh->ebh->b_data + offset, fileident, lfi);
- 		} else {
--			memcpy((uint8_t *)sfi->fileIdent + liu, fileident,
--				-offset);
-+			memcpy(sfi->impUse + liu, fileident, -offset);
- 			memcpy(fibh->ebh->b_data, fileident - offset,
- 				lfi + offset);
- 		}
-@@ -89,11 +88,11 @@ int udf_write_fi(struct inode *inode, st
- 	offset += lfi;
- 
- 	if (adinicb || (offset + padlen < 0)) {
--		memset((uint8_t *)sfi->padding + liu + lfi, 0x00, padlen);
-+		memset(sfi->impUse + liu + lfi, 0x00, padlen);
- 	} else if (offset >= 0) {
- 		memset(fibh->ebh->b_data + offset, 0x00, padlen);
- 	} else {
--		memset((uint8_t *)sfi->padding + liu + lfi, 0x00, -offset);
-+		memset(sfi->impUse + liu + lfi, 0x00, -offset);
- 		memset(fibh->ebh->b_data, 0x00, padlen + offset);
- 	}
- 
-- 
2.47.3