On Mon, Jun 24, 2019 at 07:52:11AM +0300, Amir Goldstein wrote:
On Mon, Jun 24, 2019 at 3:34 AM Sasha Levin sashal@kernel.org wrote:
On Sun, Jun 23, 2019 at 10:29:16PM +0200, Greg KH wrote:
On Sat, Jun 22, 2019 at 09:03:45PM -0400, Sasha Levin wrote:
On Fri, Jun 21, 2019 at 11:15:47AM +0300, Amir Goldstein wrote:
On Thu, Jun 13, 2019 at 11:49 AM Amir Goldstein amir73il@gmail.com wrote:
On Sun, Jun 9, 2019 at 12:45 PM gregkh@linuxfoundation.org wrote: > > > The patch below does not apply to the 5.1-stable tree. > If someone wants it applied there, or to any other stable or longterm > tree, then please email the backport, including the original git commit > id to stable@vger.kernel.org. > > thanks, > > greg k-h >
FYI, the failure to apply this patch would be resolved after you picked up "ovl: check the capability before cred overridden" for stable, please hold off from taking this patch just yet, because it has a bug, whose fix wasn't picked upstream yet.
Greg,
Please apply these patches to stable 4.19. They fix a docker regression (project quotas feature).
b21d9c435f93 ovl: support the FS_IOC_FS[SG]ETXATTR ioctls 941d935ac763 ovl: fix wrong flags check in FS_IOC_FS[SG]ETXATTR ioctls
They apply cleanly and tested on v4.19.53.
I've queued these for 4.19.
While at it, I also tested that the following patches apply cleanly and solve relevant issues on v4.19.53, but they are not clear stable candidates.
- /proc/locks shows incorrect ino. Only reported by xfstests (so far):
6dde1e42f497 ovl: make i_ino consistent with st_ino in more cases
And this.
- Fix output of `modinfo overlay`:
253e74833911 ovl: fix typo in MODULE_PARM_DESC
But not this one. Maybe we should be including these in stable trees since the risk factor is low and it fixes something user-visible, but our current rules object this this kind of patches so I've left it out.
- Disallow bogus layer combinations.
syzbot has started to produce repros that create bogus layer combinations. So far it has only been able to reproduce a WARN_ON, which has already been fixed in stable, by acf3062a7e1c ("ovl: relax WARN_ON()..."), but other real bugs could be lurking if those setups are allowed. We decided to detect and error on these setups on mount, to stop syzbot (and attackers) from trying to attack overlayfs this way. To stop syzbot from mutating this class of repros on stable kernel you MAY apply these 3 patches, but in any case, I would wait a while to see if more bugs are reported on master. Although this solves a problem dating before 4.19, I have no plans of backporting these patches further back.
146d62e5a586 ovl: detect overlapping layers 9179c21dc6ed ovl: don't fail with disconnected lower NFS 1dac6f5b0ed2 ovl: fix bogus -Wmaybe-unitialized warning
I've queued these 3 for 4.19.
What about the ones that are needed for 5.1?
Ah yes, I haven't realized that the syzkaller ones are needed for 5.1. I'll queue them up.
I don't think syzkaller ones are more relevant to 5.1 then the rest of the patches applied to 4.19. If anything, its the other way around. According to syzbot dashboard, it is being run on LTS kernels, not on latest stable.
Please forgive me if my language caused confusion, when I said "please apply to 4.19" I meant 4.19+.
So is anything else needed to be done here, or are we all caught up and everything merged properly?
thanks,
greg k-h