[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <Y32sfX54JJbldBIt@codewreck.org>
Date: Wed, 23 Nov 2022 14:15:41 +0900
From: Dominique Martinet <asmadeus@...ewreck.org>
To: Linus Torvalds <torvalds@...ux-foundation.org>
Cc: Christian Schoenebeck <linux_oss@...debyte.com>,
linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
v9fs-developer@...ts.sourceforge.net
Subject: [GIT PULL] 9p fixes for 6.1-rc7
The following changes since commit f0c4d9fc9cc9462659728d168387191387e903cc:
Linux 6.1-rc4 (2022-11-06 15:07:11 -0800)
are available in the Git repository at:
https://github.com/martinetd/linux tags/9p-for-6.1-rc7
for you to fetch changes up to 391c18cf776eb4569ecda1f7794f360fe0a45a26:
9p/xen: check logical size for buffer size (2022-11-23 14:01:27 +0900)
(yes, that's just now -- sorry, I just noticed a whitespace problem as I
prepared this mail, there's no code change with what was tested and in
-next for a few days)
----------------------------------------------------------------
9p-for-6.1-rc7
Two fixes:
- 9p now uses a variable size for its recv buffer, but every place
hadn't been updated properly to use it and some buffer overflows
have been found and needed fixing.
There's still one place where msize is incorrectly used in a safety
check (p9_check_errors), but all paths leading to it should already
be avoiding overflows and that patch took a bit more time to get
right for zero-copy requests so I'll send it for 6.2
- yet another race condition in p9_conn_cancel introduced by a
fix of a syzbot report in the same place, maybe at some point
we'll get it right without burning it all down...
----------------------------------------------------------------
Dominique Martinet (1):
9p/xen: check logical size for buffer size
GUO Zihua (2):
9p/fd: Fix write overflow in p9_read_work
9p/fd: Use P9_HDRSZ for header size
Zhengchao Shao (1):
9p/fd: fix issue of list_del corruption in p9_fd_cancel()
net/9p/trans_fd.c | 24 +++++++++++++-----------
net/9p/trans_xen.c | 9 +++++++++
2 files changed, 22 insertions(+), 11 deletions(-)
9 files changed, 254 insertions(+), 28 deletions(-)
--
Dominique
Powered by blists - more mailing lists