drop oboslete ocfs2 patch

now upstreamed in a slightly different way Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
2021-11-29 12:06:00 +01:00 · 2021-11-29 12:06:00 +01:00 · fda70d3865
commit fda70d3865
parent 92e753f360
1 changed files with 0 additions and 68 deletions
--- a/patches/kernel/0008-ocfs2-mount-fails-with-buffer-overflow-in-strlen.patch
+++ b/patches/kernel/0008-ocfs2-mount-fails-with-buffer-overflow-in-strlen.patch
@ -1,68 +0,0 @@
 From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
 From: Valentin Vidic <vvidic@valentin-vidic.from.hr>
 Date: Mon, 27 Sep 2021 17:44:59 +0200
 Subject: [PATCH] ocfs2: mount fails with buffer overflow in strlen
 Starting with kernel v5.11 mouting an ocfs2 filesystem with either o2cb
 or pcmk cluster stack fails with the trace below. Problem seems to be
 that strings for cluster stack and cluster name are not guaranteed to be
 null terminated in the disk representation, while strlcpy assumes that
 the source string is always null terminated. This causes a read outside
 of the source string triggering the buffer overflow detection.
 detected buffer overflow in strlen
 ------------[ cut here ]------------
 kernel BUG at lib/string.c:1149!
 invalid opcode: 0000 [#1] SMP PTI
 CPU: 1 PID: 910 Comm: mount.ocfs2 Not tainted 5.14.0-1-amd64 #1
  Debian 5.14.6-2
 RIP: 0010:fortify_panic+0xf/0x11
 ...
 Call Trace:
 ocfs2_initialize_super.isra.0.cold+0xc/0x18 [ocfs2]
 ocfs2_fill_super+0x359/0x19b0 [ocfs2]
 mount_bdev+0x185/0x1b0
 ? ocfs2_remount+0x440/0x440 [ocfs2]
 legacy_get_tree+0x27/0x40
 vfs_get_tree+0x25/0xb0
 path_mount+0x454/0xa20
 __x64_sys_mount+0x103/0x140
 do_syscall_64+0x3b/0xc0
 entry_SYSCALL_64_after_hwframe+0x44/0xae
 Signed-off-by: Valentin Vidic <vvidic@valentin-vidic.from.hr>
 Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
 ---
 fs/ocfs2/super.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)
 diff --git a/fs/ocfs2/super.c b/fs/ocfs2/super.c
 index c86bd4e60e20..1dea535224df 100644
 --- a/fs/ocfs2/super.c
 +++ b/fs/ocfs2/super.c
@@ -2169,9 +2169,10 @@ static int ocfs2_initialize_super(struct super_block *sb,
 	if (ocfs2_clusterinfo_valid(osb)) {
 		osb->osb_stackflags =
 			OCFS2_RAW_SB(di)->s_cluster_info.ci_stackflags;
 -		strlcpy(osb->osb_cluster_stack,
 +		memcpy(osb->osb_cluster_stack,
 		       OCFS2_RAW_SB(di)->s_cluster_info.ci_stack,
 -		       OCFS2_STACK_LABEL_LEN + 1);
 +		       OCFS2_STACK_LABEL_LEN);
 +		osb->osb_cluster_stack[OCFS2_STACK_LABEL_LEN] = '\0';
 		if (strlen(osb->osb_cluster_stack) != OCFS2_STACK_LABEL_LEN) {
 			mlog(ML_ERROR,
 			     "couldn't mount because of an invalid "
@@ -2180,9 +2181,10 @@ static int ocfs2_initialize_super(struct super_block *sb,
 			status = -EINVAL;
 			goto bail;
 		}
 -		strlcpy(osb->osb_cluster_name,
 +		memcpy(osb->osb_cluster_name,
 			OCFS2_RAW_SB(di)->s_cluster_info.ci_cluster,
 -			OCFS2_CLUSTER_NAME_LEN + 1);
 +			OCFS2_CLUSTER_NAME_LEN);
 +		osb->osb_cluster_name[OCFS2_CLUSTER_NAME_LEN] = '\0';
 	} else {
 		/* The empty string is identical with classic tools that
 		 * don't know about s_cluster_info. */