On Mon, Jan 08, 2024 at 12:18:26PM +0100, Jan Čermák wrote:
> Hi,
>
> I confirm Leonardo's findings about 6.1.70 introducing this regression; the issue manifested in Home Assistant OS [1], which was recently bumped to that version. I bisected the issue between 6.1.69 and 6.1.70, which pointed me to this bad commit:
>
> commit bef4315f19ba6f434054f58b958c0cf058c7a43f (refs/bisect/bad)
> Author: Paulo Alcantara <pc@manguebit.com>
> Date:   Wed Dec 13 12:25:57 2023 -0300
>
>     smb: client: fix OOB in SMB2_query_info_init()
>
>     commit 33eae65c6f49770fec7a662935d4eb4a6406d24b upstream.
>
>     A small CIFS buffer (448 bytes) isn't big enough to hold an SMB2_QUERY_INFO request along with the user's input data from the CIFS_QUERY_INFO ioctl. That is, if the user passed an input buffer > 344 bytes, the client will memcpy() off the end of @req->Buffer in SMB2_query_info_init(), thus causing the following KASAN splat:
>
> (snip...)
>
> Reverting this change on 6.1.y makes the error go away.
That's interesting; there's a different cifs report that says a different commit was the issue: https://lore.kernel.org/r/ZZhrpNJ3zxMR8wcU@eldamar.lan
Is that the same as this one?
thanks,
greg k-h
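The out-of-bounds write the quoted commit message describes, as an added illustration that is not code from the kernel, from that commit, or from anyone in this thread. It models only the two numbers the message gives (a 448-byte small buffer, and user input above 344 bytes running off the end of it); the `struct query_req` layout, the 104-byte header size derived from those numbers, and every function name here are assumptions of this example, not the kernel's real structures. The first function reports how far a copy into the fixed small buffer would run past its end, without performing the bad write; the second shows the sizing pattern that avoids the bug: derive the allocation from the input length, with a wraparound check, instead of assuming a fixed buffer is always large enough. It says nothing about the 6.1.y regression itself, which the thread has not yet pinned down.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* Sizes taken from the commit message: a 448-byte small buffer, and user
 * input longer than 344 bytes overflows it. The header size is derived from
 * those two numbers and is an assumption of this model, not the kernel's
 * real struct layout. */
#define SMALL_BUF_SIZE     448
#define MAX_INLINE_INPUT   344
#define REQ_HDR_SIZE       (SMALL_BUF_SIZE - MAX_INLINE_INPUT)   /* 104 */

/* Hypothetical request: fixed header followed by a flexible Buffer[].
 * How many bytes Buffer can hold depends entirely on how much memory was
 * allocated behind the struct, which is exactly what the bug got wrong. */
struct query_req {
    uint8_t hdr[REQ_HDR_SIZE];
    uint8_t Buffer[];
};

/* Pre-fix behaviour, modelled rather than executed: the request always
 * lived in a SMALL_BUF_SIZE buffer and input_len bytes were memcpy()'d into
 * Buffer with no capacity check. Returns how many bytes such a copy would
 * write past the end of that buffer (0 means the input fits). */
size_t overflow_bytes_small_buf(size_t input_len)
{
    size_t capacity = SMALL_BUF_SIZE - sizeof(struct query_req);
    return input_len > capacity ? input_len - capacity : 0;
}

/* Hardened variant: size the allocation from the input length and check
 * the addition for size_t wraparound before allocating, so the copy can
 * never exceed what was allocated. Returns NULL on invalid input or
 * allocation failure; *out_total receives the allocated size. The caller
 * frees the result. */
struct query_req *build_query_req(const uint8_t *input, size_t input_len,
                                  size_t *out_total)
{
    if ((input == NULL && input_len != 0) || out_total == NULL)
        return NULL;
    if (input_len > SIZE_MAX - sizeof(struct query_req))
        return NULL;                       /* header + input would wrap */

    size_t total = sizeof(struct query_req) + input_len;
    struct query_req *req = calloc(1, total);
    if (req == NULL)
        return NULL;
    if (input_len != 0)
        memcpy(req->Buffer, input, input_len);
    *out_total = total;
    return req;
}

/* Demo check: does the sized builder reproduce a constructed payload of the
 * given length intact, with the allocation exactly header + input? */
int roundtrip_ok(size_t input_len)
{
    uint8_t *in = malloc(input_len ? input_len : 1);
    if (in == NULL)
        return 0;
    for (size_t i = 0; i < input_len; i++)
        in[i] = (uint8_t)(i * 31 + 7);     /* constructed sample payload */

    size_t total = 0;
    struct query_req *req = build_query_req(in, input_len, &total);
    int ok = req != NULL
          && total == sizeof(struct query_req) + input_len
          && memcmp(req->Buffer, in, input_len) == 0;
    free(req);
    free(in);
    return ok;
}

int main(void)
{
    size_t lens[] = { 0, 344, 345, 1024 };
    for (size_t i = 0; i < sizeof lens / sizeof lens[0]; i++) {
        printf("input %4zu bytes: fixed small buffer overflows by %zu, "
               "sized allocation roundtrip %s\n",
               lens[i], overflow_bytes_small_buf(lens[i]),
               roundtrip_ok(lens[i]) ? "ok" : "FAILED");
    }
    return 0;
}
```

The point of the second function is that the bound comes from the same value the copy uses, so the two cannot drift apart; an ioctl path that trusts a fixed-size scratch buffer has to re-derive that bound by hand on every code change, which is how a 344-byte limit gets crossed unnoticed.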