From cfa8c66712d92e7fdaad97a339341a7716fe626d Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Mon, 15 Jan 2024 19:37:28 +0100
Subject: [PATCH] 5.15-stable patches

added patches:
	f2fs-explicitly-null-terminate-the-xattr-list.patch
	series
---
 ...icitly-null-terminate-the-xattr-list.patch | 36 +++++++++++++++++++
 queue-5.15/series                             |  1 +
 2 files changed, 37 insertions(+)
 create mode 100644 queue-5.15/f2fs-explicitly-null-terminate-the-xattr-list.patch
 create mode 100644 queue-5.15/series

diff --git a/queue-5.15/f2fs-explicitly-null-terminate-the-xattr-list.patch b/queue-5.15/f2fs-explicitly-null-terminate-the-xattr-list.patch
new file mode 100644
index 00000000000..c6e8637b5c6
--- /dev/null
+++ b/queue-5.15/f2fs-explicitly-null-terminate-the-xattr-list.patch
@@ -0,0 +1,36 @@
+From e26b6d39270f5eab0087453d9b544189a38c8564 Mon Sep 17 00:00:00 2001
+From: Eric Biggers <ebiggers@google.com>
+Date: Mon, 6 Nov 2023 20:44:34 -0800
+Subject: f2fs: explicitly null-terminate the xattr list
+
+From: Eric Biggers <ebiggers@google.com>
+
+commit e26b6d39270f5eab0087453d9b544189a38c8564 upstream.
+
+When setting an xattr, explicitly null-terminate the xattr list.  This
+eliminates the fragile assumption that the unused xattr space is always
+zeroed.
+
+Signed-off-by: Eric Biggers <ebiggers@google.com>
+Reviewed-by: Chao Yu <chao@kernel.org>
+Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/f2fs/xattr.c |    6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/fs/f2fs/xattr.c
++++ b/fs/f2fs/xattr.c
+@@ -745,6 +745,12 @@ static int __f2fs_setxattr(struct inode
+ 		memcpy(pval, value, size);
+ 		last->e_value_size = cpu_to_le16(size);
+ 		new_hsize += newsize;
++		/*
++		 * Explicitly add the null terminator.  The unused xattr space
++		 * is supposed to always be zeroed, which would make this
++		 * unnecessary, but don't depend on that.
++		 */
++		*(u32 *)((u8 *)last + newsize) = 0;
+ 	}
+ 
+ 	error = write_all_xattrs(inode, new_hsize, base_addr, ipage);
diff --git a/queue-5.15/series b/queue-5.15/series
new file mode 100644
index 00000000000..4c6ad7e1923
--- /dev/null
+++ b/queue-5.15/series
@@ -0,0 +1 @@
+f2fs-explicitly-null-terminate-the-xattr-list.patch
-- 
2.47.3