From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Wed, 9 Feb 2022 18:29:16 +0000 (+0100)
Subject: 5.16-stable patches
X-Git-Tag: v4.9.301~8
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=a1556e595c45d8e5f4fbf2e10f0bf94c1274c05c;p=thirdparty%2Fkernel%2Fstable-queue.git

5.16-stable patches

added patches:
	crypto-api-move-cryptomgr-soft-dependency-into-algapi.patch
	ksmbd-fix-smb-3.11-posix-extension-mount-failure.patch
	kvm-s390-return-error-on-sida-memop-on-normal-guest.patch
---

diff --git a/queue-5.16/crypto-api-move-cryptomgr-soft-dependency-into-algapi.patch b/queue-5.16/crypto-api-move-cryptomgr-soft-dependency-into-algapi.patch
new file mode 100644
index 00000000000..8a03926747c
--- /dev/null
+++ b/queue-5.16/crypto-api-move-cryptomgr-soft-dependency-into-algapi.patch
@@ -0,0 +1,39 @@
+From c6ce9c5831cae515d375a01b97ae1778689acf19 Mon Sep 17 00:00:00 2001
+From: Herbert Xu <herbert@gondor.apana.org.au>
+Date: Wed, 2 Feb 2022 17:46:48 +1100
+Subject: crypto: api - Move cryptomgr soft dependency into algapi
+
+From: Herbert Xu <herbert@gondor.apana.org.au>
+
+commit c6ce9c5831cae515d375a01b97ae1778689acf19 upstream.
+
+The soft dependency on cryptomgr is only needed in algapi because
+if algapi isn't present then no algorithms can be loaded.  This
+also fixes the case where api is built-in but algapi is built as
+a module as the soft dependency would otherwise get lost.
+
+Fixes: 8ab23d547f65 ("crypto: api - Add softdep on cryptomgr")
+Reported-by: Jan Beulich <jbeulich@suse.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Tested-by: Jan Beulich <jbeulich@suse.com>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ crypto/algapi.c |    1 +
+ crypto/api.c    |    1 -
+ 2 files changed, 1 insertion(+), 1 deletion(-)
+
+--- a/crypto/algapi.c
++++ b/crypto/algapi.c
+@@ -1324,3 +1324,4 @@ module_exit(crypto_algapi_exit);
+ 
+ MODULE_LICENSE("GPL");
+ MODULE_DESCRIPTION("Cryptographic algorithms API");
++MODULE_SOFTDEP("pre: cryptomgr");
+--- a/crypto/api.c
++++ b/crypto/api.c
+@@ -643,4 +643,3 @@ EXPORT_SYMBOL_GPL(crypto_req_done);
+ 
+ MODULE_DESCRIPTION("Cryptographic core API");
+ MODULE_LICENSE("GPL");
+-MODULE_SOFTDEP("pre: cryptomgr");
diff --git a/queue-5.16/ksmbd-fix-smb-3.11-posix-extension-mount-failure.patch b/queue-5.16/ksmbd-fix-smb-3.11-posix-extension-mount-failure.patch
new file mode 100644
index 00000000000..274e78b1481
--- /dev/null
+++ b/queue-5.16/ksmbd-fix-smb-3.11-posix-extension-mount-failure.patch
@@ -0,0 +1,36 @@
+From 9ca8581e79e51c57e60b3b8e3b89d816448f49fe Mon Sep 17 00:00:00 2001
+From: Namjae Jeon <linkinjeon@kernel.org>
+Date: Sat, 22 Jan 2022 10:47:22 +0900
+Subject: ksmbd: fix SMB 3.11 posix extension mount failure
+
+From: Namjae Jeon <linkinjeon@kernel.org>
+
+commit 9ca8581e79e51c57e60b3b8e3b89d816448f49fe upstream.
+
+cifs client set 4 to DataLength of create_posix context, which mean
+Mode variable of create_posix context is only available. So buffer
+validation of ksmbd should check only the size of Mode except for
+the size of Reserved variable.
+
+Fixes: 8f77150c15f8 ("ksmbd: add buffer validation for SMB2_CREATE_CONTEXT")
+Cc: stable@vger.kernel.org # v5.15+
+Reported-by: Steve French <smfrench@gmail.com>
+Tested-by: Steve French <stfrench@microsoft.com>
+Signed-off-by: Namjae Jeon <linkinjeon@kernel.org>
+Signed-off-by: Steve French <stfrench@microsoft.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/ksmbd/smb2pdu.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/fs/ksmbd/smb2pdu.c
++++ b/fs/ksmbd/smb2pdu.c
+@@ -2688,7 +2688,7 @@ int smb2_open(struct ksmbd_work *work)
+ 					(struct create_posix *)context;
+ 				if (le16_to_cpu(context->DataOffset) +
+ 				    le32_to_cpu(context->DataLength) <
+-				    sizeof(struct create_posix)) {
++				    sizeof(struct create_posix) - 4) {
+ 					rc = -EINVAL;
+ 					goto err_out1;
+ 				}
diff --git a/queue-5.16/kvm-s390-return-error-on-sida-memop-on-normal-guest.patch b/queue-5.16/kvm-s390-return-error-on-sida-memop-on-normal-guest.patch
new file mode 100644
index 00000000000..6ad27ccd706
--- /dev/null
+++ b/queue-5.16/kvm-s390-return-error-on-sida-memop-on-normal-guest.patch
@@ -0,0 +1,33 @@
+From 2c212e1baedcd782b2535a3f86bc491977677c0e Mon Sep 17 00:00:00 2001
+From: Janis Schoetterl-Glausch <scgl@linux.ibm.com>
+Date: Fri, 28 Jan 2022 15:06:43 +0100
+Subject: KVM: s390: Return error on SIDA memop on normal guest
+
+From: Janis Schoetterl-Glausch <scgl@linux.ibm.com>
+
+commit 2c212e1baedcd782b2535a3f86bc491977677c0e upstream.
+
+Refuse SIDA memops on guests which are not protected.
+For normal guests, the secure instruction data address designation,
+which determines the location we access, is not under control of KVM.
+
+Fixes: 19e122776886 (KVM: S390: protvirt: Introduce instruction data area bounce buffer)
+Signed-off-by: Janis Schoetterl-Glausch <scgl@linux.ibm.com>
+Cc: stable@vger.kernel.org
+Signed-off-by: Christian Borntraeger <borntraeger@linux.ibm.com>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/s390/kvm/kvm-s390.c |    2 ++
+ 1 file changed, 2 insertions(+)
+
+--- a/arch/s390/kvm/kvm-s390.c
++++ b/arch/s390/kvm/kvm-s390.c
+@@ -4711,6 +4711,8 @@ static long kvm_s390_guest_sida_op(struc
+ 		return -EINVAL;
+ 	if (mop->size + mop->sida_offset > sida_size(vcpu->arch.sie_block))
+ 		return -E2BIG;
++	if (!kvm_s390_pv_cpu_is_protected(vcpu))
++		return -EINVAL;
+ 
+ 	switch (mop->op) {
+ 	case KVM_S390_MEMOP_SIDA_READ:
diff --git a/queue-5.16/series b/queue-5.16/series
index 187684a416f..4eca183f02d 100644
--- a/queue-5.16/series
+++ b/queue-5.16/series
@@ -1,2 +1,5 @@
 ata-libata-core-fix-ata_dev_config_cpr.patch
 moxart-fix-potential-use-after-free-on-remove-path.patch
+kvm-s390-return-error-on-sida-memop-on-normal-guest.patch
+ksmbd-fix-smb-3.11-posix-extension-mount-failure.patch
+crypto-api-move-cryptomgr-soft-dependency-into-algapi.patch