From: Sasha Levin <sashal@kernel.org>
To: stable@vger.kernel.org
Cc: Larry Bassel <larry.bassel@oracle.com>, Sasha Levin <sashal@kernel.org>
Subject: Re: [PATCH 5.4.y] NFSD: Fix ia_size underflow
Date: Wed, 11 Jun 2025 22:22:27 -0400 [thread overview]
Message-ID: <20250611095438-6568922294ccce73@stable.kernel.org> (raw)
In-Reply-To: <20250610235321.3021295-1-larry.bassel@oracle.com>
[ Sasha's backport helper bot ]
Hi,
✅ All tests passed successfully. No issues detected.
No action required from the submitter.
The upstream commit SHA1 provided is correct: e6faac3f58c7c4176b66f63def17a34232a17b0e
WARNING: Author mismatch between patch and upstream commit:
Backport author: Larry Bassel<larry.bassel@oracle.com>
Commit author: Chuck Lever<chuck.lever@oracle.com>
Status in newer kernel trees:
6.15.y | Present (exact SHA1)
6.14.y | Present (exact SHA1)
6.12.y | Present (exact SHA1)
6.6.y | Present (exact SHA1)
6.1.y | Present (exact SHA1)
5.15.y | Present (different SHA1: 8e0ecaf7a7e5)
5.10.y | Present (different SHA1: 38d02ba22e43)
Note: The patch differs from the upstream commit:
---
1: e6faac3f58c7c ! 1: 6dd1d223c9523 NFSD: Fix ia_size underflow
@@ Metadata
## Commit message ##
NFSD: Fix ia_size underflow
+ [ Upstream commit e6faac3f58c7c4176b66f63def17a34232a17b0e ]
+
iattr::ia_size is a loff_t, which is a signed 64-bit type. NFSv3 and
NFSv4 both define file size as an unsigned 64-bit type. Thus there
is a range of valid file size values an NFS client can send that is
@@ Commit message
Cc: stable@vger.kernel.org
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
+ (cherry picked from commit e6faac3f58c7c4176b66f63def17a34232a17b0e)
+ [Larry: backport to 5.4.y. Minor conflict resolved due to missing commit 2f221d6f7b88
+ attr: handle idmapped mounts]
+ Signed-off-by: Larry Bassel <larry.bassel@oracle.com>
## fs/nfsd/vfs.c ##
@@ fs/nfsd/vfs.c: nfsd_setattr(struct svc_rqst *rqstp, struct svc_fh *fhp, struct iattr *iap,
@@ fs/nfsd/vfs.c: nfsd_setattr(struct svc_rqst *rqstp, struct svc_fh *fhp, struct i
+ if (iap->ia_size < 0)
+ goto out_unlock;
+
- host_err = notify_change(&init_user_ns, dentry, &size_attr, NULL);
+ host_err = notify_change(dentry, &size_attr, NULL);
if (host_err)
goto out_unlock;
---
Results of testing on various branches:
| Branch | Patch Apply | Build Test |
|---------------------------|-------------|------------|
| stable/linux-5.4.y | Success | Success |
prev parent reply other threads:[~2025-06-12 2:22 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-06-10 23:53 [PATCH 5.4.y] NFSD: Fix ia_size underflow Larry Bassel
2025-06-12 2:22 ` Sasha Levin [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250611095438-6568922294ccce73@stable.kernel.org \
--to=sashal@kernel.org \
--cc=larry.bassel@oracle.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox