The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to stable@vger.kernel.org.
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x ce61b605a00502c59311d0a4b1f58d62b48272d0 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to 'stable@vger.kernel.org' --in-reply-to '2024082604-depose-iphone-7d55@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^..
Possible dependencies:
ce61b605a005 ("ksmbd: the buffer of smb2 query dir response has at least 1 byte") e2b76ab8b5c9 ("ksmbd: add support for read compound") e202a1e8634b ("ksmbd: no response from compound read") 7b7d709ef7cf ("ksmbd: add missing compound request handing in some commands") 81a94b27847f ("ksmbd: use kvzalloc instead of kvmalloc") 38c8a9a52082 ("smb: move client and server files to common directory fs/smb") 30210947a343 ("ksmbd: fix racy issue under cocurrent smb2 tree disconnect") abcc506a9a71 ("ksmbd: fix racy issue from smb2 close and logoff with multichannel") ea174a918939 ("ksmbd: destroy expired sessions") f5c779b7ddbd ("ksmbd: fix racy issue from session setup and logoff") 74d7970febf7 ("ksmbd: fix racy issue from using ->d_parent and ->d_name") 34e8ccf9ce24 ("ksmbd: set NegotiateContextCount once instead of every inc") 42bc6793e452 ("Merge tag 'pull-lock_rename_child' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs into ksmbd-for-next")
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From ce61b605a00502c59311d0a4b1f58d62b48272d0 Mon Sep 17 00:00:00 2001 From: Namjae Jeon linkinjeon@kernel.org Date: Tue, 20 Aug 2024 22:07:38 +0900 Subject: [PATCH] ksmbd: the buffer of smb2 query dir response has at least 1 byte
When STATUS_NO_MORE_FILES status is set to smb2 query dir response, ->StructureSize is set to 9, which mean buffer has 1 byte. This issue occurs because ->Buffer[1] in smb2_query_directory_rsp to flex-array.
Fixes: eb3e28c1e89b ("smb3: Replace smb2pdu 1-element arrays with flex-arrays") Cc: stable@vger.kernel.org # v6.1+ Signed-off-by: Namjae Jeon linkinjeon@kernel.org Signed-off-by: Steve French stfrench@microsoft.com
diff --git a/fs/smb/server/smb2pdu.c b/fs/smb/server/smb2pdu.c index 0bc9edf22ba4..e9204180919e 100644 --- a/fs/smb/server/smb2pdu.c +++ b/fs/smb/server/smb2pdu.c @@ -4409,7 +4409,8 @@ int smb2_query_dir(struct ksmbd_work *work) rsp->OutputBufferLength = cpu_to_le32(0); rsp->Buffer[0] = 0; rc = ksmbd_iov_pin_rsp(work, (void *)rsp, - sizeof(struct smb2_query_directory_rsp)); + offsetof(struct smb2_query_directory_rsp, Buffer) + + 1); if (rc) goto err_out; } else {
On Mon, Aug 26, 2024 at 8:38 PM gregkh@linuxfoundation.org wrote:
The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to stable@vger.kernel.org.
As follows, I have marked stable tag(v6.1+) in patch to apply to 6.1 kernel versions or later.
Cc: stable@vger.kernel.org # v6.1+
This patch does not need to be applied to 5.15 or 5.10.
Thanks!
To reproduce the conflict and resubmit, you may use the following commands:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/ linux-5.15.y git checkout FETCH_HEAD git cherry-pick -x ce61b605a00502c59311d0a4b1f58d62b48272d0 # <resolve conflicts, build, test, etc.> git commit -s git send-email --to 'stable@vger.kernel.org' --in-reply-to '2024082604-depose-iphone-7d55@gregkh' --subject-prefix 'PATCH 5.15.y' HEAD^..
Possible dependencies:
ce61b605a005 ("ksmbd: the buffer of smb2 query dir response has at least 1 byte") e2b76ab8b5c9 ("ksmbd: add support for read compound") e202a1e8634b ("ksmbd: no response from compound read") 7b7d709ef7cf ("ksmbd: add missing compound request handing in some commands") 81a94b27847f ("ksmbd: use kvzalloc instead of kvmalloc") 38c8a9a52082 ("smb: move client and server files to common directory fs/smb") 30210947a343 ("ksmbd: fix racy issue under cocurrent smb2 tree disconnect") abcc506a9a71 ("ksmbd: fix racy issue from smb2 close and logoff with multichannel") ea174a918939 ("ksmbd: destroy expired sessions") f5c779b7ddbd ("ksmbd: fix racy issue from session setup and logoff") 74d7970febf7 ("ksmbd: fix racy issue from using ->d_parent and ->d_name") 34e8ccf9ce24 ("ksmbd: set NegotiateContextCount once instead of every inc") 42bc6793e452 ("Merge tag 'pull-lock_rename_child' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs into ksmbd-for-next")
thanks,
greg k-h
------------------ original commit in Linus's tree ------------------
From ce61b605a00502c59311d0a4b1f58d62b48272d0 Mon Sep 17 00:00:00 2001 From: Namjae Jeon linkinjeon@kernel.org Date: Tue, 20 Aug 2024 22:07:38 +0900 Subject: [PATCH] ksmbd: the buffer of smb2 query dir response has at least 1 byte
When STATUS_NO_MORE_FILES status is set to smb2 query dir response, ->StructureSize is set to 9, which mean buffer has 1 byte. This issue occurs because ->Buffer[1] in smb2_query_directory_rsp to flex-array.
Fixes: eb3e28c1e89b ("smb3: Replace smb2pdu 1-element arrays with flex-arrays") Cc: stable@vger.kernel.org # v6.1+ Signed-off-by: Namjae Jeon linkinjeon@kernel.org Signed-off-by: Steve French stfrench@microsoft.com
diff --git a/fs/smb/server/smb2pdu.c b/fs/smb/server/smb2pdu.c index 0bc9edf22ba4..e9204180919e 100644 --- a/fs/smb/server/smb2pdu.c +++ b/fs/smb/server/smb2pdu.c @@ -4409,7 +4409,8 @@ int smb2_query_dir(struct ksmbd_work *work) rsp->OutputBufferLength = cpu_to_le32(0); rsp->Buffer[0] = 0; rc = ksmbd_iov_pin_rsp(work, (void *)rsp,
sizeof(struct smb2_query_directory_rsp));
offsetof(struct smb2_query_directory_rsp, Buffer)
+ 1); if (rc) goto err_out; } else {
On Tue, Aug 27, 2024 at 11:54:56AM +0900, Namjae Jeon wrote:
On Mon, Aug 26, 2024 at 8:38 PM gregkh@linuxfoundation.org wrote:
The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to stable@vger.kernel.org.
As follows, I have marked stable tag(v6.1+) in patch to apply to 6.1 kernel versions or later.
Cc: stable@vger.kernel.org # v6.1+
Yes, but you also say:
Fixes: eb3e28c1e89b ("smb3: Replace smb2pdu 1-element arrays with flex-arrays")
Which has been backported to the 5.10.y and 5.15.y kernel trees, so this is why the FAILED email was triggered.
This patch does not need to be applied to 5.15 or 5.10.
Are you sure? If so, why is that the Fixes: tag?
thanks,
greg k-h
On Tue, Aug 27, 2024 at 2:14 PM Greg KH gregkh@linuxfoundation.org wrote:
On Tue, Aug 27, 2024 at 11:54:56AM +0900, Namjae Jeon wrote:
On Mon, Aug 26, 2024 at 8:38 PM gregkh@linuxfoundation.org wrote:
The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to stable@vger.kernel.org.
As follows, I have marked stable tag(v6.1+) in patch to apply to 6.1 kernel versions or later.
Cc: stable@vger.kernel.org # v6.1+
Yes, but you also say:
Fixes: eb3e28c1e89b ("smb3: Replace smb2pdu 1-element arrays with flex-arrays")
Which has been backported to the 5.10.y and 5.15.y kernel trees, so this is why the FAILED email was triggered.
This patch does not need to be applied to 5.15 or 5.10.
Are you sure?
Yes, I have checked it. 5.10 : ksmbd is not here because it was merged into the 5.15 kernel. 5.15: smb client developer backported eb3e28c1e89b commit for only smb client's header. So it doesn't affect the ksmbd server.
If so, why is that the Fixes: tag?
checkpatch.pl guide to add Fixes tag if there is a stable tag in the patch.
WARNING: The commit message has 'stable@', perhaps it also needs a 'Fixes:' tag?
In this case, I should not add fixes: tag...? I didn't know that.
Thanks.
thanks,
greg k-h
On Tue, Aug 27, 2024 at 03:45:40PM +0900, Namjae Jeon wrote:
On Tue, Aug 27, 2024 at 2:14 PM Greg KH gregkh@linuxfoundation.org wrote:
On Tue, Aug 27, 2024 at 11:54:56AM +0900, Namjae Jeon wrote:
On Mon, Aug 26, 2024 at 8:38 PM gregkh@linuxfoundation.org wrote:
The patch below does not apply to the 5.15-stable tree. If someone wants it applied there, or to any other stable or longterm tree, then please email the backport, including the original git commit id to stable@vger.kernel.org.
As follows, I have marked stable tag(v6.1+) in patch to apply to 6.1 kernel versions or later.
Cc: stable@vger.kernel.org # v6.1+
Yes, but you also say:
Fixes: eb3e28c1e89b ("smb3: Replace smb2pdu 1-element arrays with flex-arrays")
Which has been backported to the 5.10.y and 5.15.y kernel trees, so this is why the FAILED email was triggered.
This patch does not need to be applied to 5.15 or 5.10.
Are you sure?
Yes, I have checked it. 5.10 : ksmbd is not here because it was merged into the 5.15 kernel. 5.15: smb client developer backported eb3e28c1e89b commit for only smb client's header. So it doesn't affect the ksmbd server.
Ok, thanks for looking into this.
If so, why is that the Fixes: tag?
checkpatch.pl guide to add Fixes tag if there is a stable tag in the patch.
WARNING: The commit message has 'stable@', perhaps it also needs a 'Fixes:' tag?
In this case, I should not add fixes: tag...? I didn't know that.
No, it is correct to do so, smb is a bit odd in how things have been backported recently to different kernel trees, so all is good.
Thanks!
greg k-h
linux-stable-mirror@lists.linaro.org