Hello Eric,
On Wed, Oct 01, 2025 at 09:54:55AM -0700, Eric Biggers wrote:
On Wed, Oct 01, 2025 at 09:45:07AM -0700, Breno Leitao wrote:
Hello Eric,
On Wed, Oct 01, 2025 at 09:23:05AM -0700, Eric Biggers wrote:
This looks fine, but technically 'unsigned int' would be more appropriate here, given the context. If we look at the whole function in 6.12, we can see that it took an 'unsigned int' length:
Ack. Do you want me to send a v2 with `unsigned int` instead?
Sure. Could you also make it clear which kernel version(s) you are expecting the patch to be applied to? Is it everything 5.4 through 6.15? It looks like this bug actually got exposed by f4da7afe07523f ("kexec_file: increase maximum file size to 4G") in 6.0.
Good point. I've put on my wanna-be-hacker hat and tried to crash the host before commit f4da7afe07523f ("kexec_file: increase maximum file size to 4G"), but no luck at all.
So, I would say we want to limit the backport from v6.0 to 6.16. In this case, it seems the easiest thing for the stable maintainers is to add "Fixes: f4da7afe07523f ("kexec_file: increase maximum file size to 4G")", which will limit the backport to only the affected kernels.
Let me send a v2 and we can catch up there.
Thanks for finding f4da7afe07523f!
--breno