From: Greg KH <gregkh@linuxfoundation.org>
To: "Jan Čermák" <sairon@sairon.cz>
Cc: Leonardo Brondani Schenkel <leonardo@schenkel.net>,
stable@vger.kernel.org, regressions@lists.linux.dev,
linux-cifs@vger.kernel.org, Paulo Alcantara <pc@manguebit.com>
Subject: Re: [REGRESSION 6.1.70] system calls with CIFS mounts failing with "Resource temporarily unavailable"
Date: Mon, 8 Jan 2024 15:13:10 +0100 [thread overview]
Message-ID: <2024010838-saddlebag-overspend-e027@gregkh> (raw)
In-Reply-To: <7425b05a-d9a1-4c06-89a2-575504e132c3@sairon.cz>
On Mon, Jan 08, 2024 at 12:18:26PM +0100, Jan Čermák wrote:
> Hi,
>
> I confirm Leonardo's findings about 6.1.70 introducing this regression, this
> issue manifested in Home Assistant OS [1] which was recently bumped to that
> version. I bisected the issue between 6.1.69 and 6.1.70 which pointed me to
> this bad commit:
>
> ----
> commit bef4315f19ba6f434054f58b958c0cf058c7a43f (refs/bisect/bad)
> Author: Paulo Alcantara <pc@manguebit.com>
> Date: Wed Dec 13 12:25:57 2023 -0300
>
> smb: client: fix OOB in SMB2_query_info_init()
>
> commit 33eae65c6f49770fec7a662935d4eb4a6406d24b upstream.
>
> A small CIFS buffer (448 bytes) isn't big enough to hold
> SMB2_QUERY_INFO request along with user's input data from
> CIFS_QUERY_INFO ioctl. That is, if the user passed an input buffer >
> 344 bytes, the client will memcpy() off the end of @req->Buffer in
> SMB2_query_info_init() thus causing the following KASAN splat:
>
> (snip...)
> ----
>
> Reverting this change on 6.1.y makes the error go away.
That's interesting, there's a different cifs report that says a
different commit was the issue:
https://lore.kernel.org/r/ZZhrpNJ3zxMR8wcU@eldamar.lan
is that the same as this one?
thanks,
greg k-h
next prev parent reply other threads:[~2024-01-08 14:13 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-08 10:44 [REGRESSION 6.1.70] system calls with CIFS mounts failing with "Resource temporarily unavailable" Leonardo Brondani Schenkel
2024-01-08 11:18 ` Jan Čermák
2024-01-08 14:13 ` Greg KH [this message]
2024-01-08 14:30 ` Jan Čermák
2024-01-08 14:34 ` Leonardo Brondani Schenkel
2024-01-08 14:52 ` Paulo Alcantara
2024-01-08 15:11 ` Greg Kroah-Hartman
2024-01-08 15:58 ` Paulo Alcantara
2024-01-30 22:43 ` Salvatore Bonaccorso
2024-01-30 22:49 ` Salvatore Bonaccorso
2024-02-20 20:27 ` Greg Kroah-Hartman
2024-02-20 21:25 ` Salvatore Bonaccorso
2024-02-21 11:09 ` Greg Kroah-Hartman
2024-02-22 23:00 ` Paulo Alcantara
2024-02-23 5:50 ` Salvatore Bonaccorso
-- strict thread matches above, loose matches on Subject: below --
2024-01-15 14:22 Mohamed Abuelfotoh, Hazem
2024-01-15 14:28 ` Mohamed Abuelfotoh, Hazem
2024-01-15 15:16 ` gregkh
2024-01-15 15:30 ` Mohamed Abuelfotoh, Hazem
2024-01-31 6:30 ` Salvatore Bonaccorso
2024-01-31 17:19 ` Paulo Alcantara
2024-02-01 12:58 ` Mohamed Abuelfotoh, Hazem
2024-02-03 15:39 ` Salvatore Bonaccorso
2024-02-06 7:46 ` Harshit Mogalapalli
2024-02-06 16:33 ` kovalev
2024-02-20 20:28 ` gregkh
2024-02-21 2:26 ` Harshit Mogalapalli
2024-02-21 11:09 ` gregkh
2024-01-16 10:23 ` Harshit Mogalapalli
2024-01-26 19:13 ` SeongJae Park
2024-02-23 6:14 ` Linux regression tracking #update (Thorsten Leemhuis)
2024-02-26 14:28 ` Mohamed Abuelfotoh, Hazem
2024-02-26 14:54 ` Linux regression tracking (Thorsten Leemhuis)
2024-02-26 14:55 ` gregkh
2024-02-26 22:54 ` Mohamed Abuelfotoh, Hazem
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2024010838-saddlebag-overspend-e027@gregkh \
--to=gregkh@linuxfoundation.org \
--cc=leonardo@schenkel.net \
--cc=linux-cifs@vger.kernel.org \
--cc=pc@manguebit.com \
--cc=regressions@lists.linux.dev \
--cc=sairon@sairon.cz \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.