From: Theodore Ts'o tytso@mit.edu
[ Upstream commit 8ecb790ea8c3fc69e77bace57f14cf0d7c177bd8 ]
Unlike other strings in the ext4 superblock, we rely on tune2fs to make sure s_mount_opts is NUL terminated. Harden parse_apply_sb_mount_options() by treating s_mount_opts as a potential __nonstring.
Cc: stable@vger.kernel.org Fixes: 8b67f04ab9de ("ext4: Add mount options in superblock") Reviewed-by: Jan Kara jack@suse.cz Reviewed-by: Darrick J. Wong djwong@kernel.org Signed-off-by: Theodore Ts'o tytso@mit.edu Message-ID: 20250916-tune2fs-v2-1-d594dc7486f0@mit.edu Signed-off-by: Theodore Ts'o tytso@mit.edu [ applied to ext4_fill_super() instead of parse_apply_sb_mount_options() ] Signed-off-by: Sasha Levin sashal@kernel.org --- fs/ext4/super.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-)
diff --git a/fs/ext4/super.c b/fs/ext4/super.c index ff681888a123f..0c7aedcb39ea4 100644 --- a/fs/ext4/super.c +++ b/fs/ext4/super.c @@ -3882,18 +3882,16 @@ static int ext4_fill_super(struct super_block *sb, void *data, int silent) }
if (sbi->s_es->s_mount_opts[0]) { - char *s_mount_opts = kstrndup(sbi->s_es->s_mount_opts, - sizeof(sbi->s_es->s_mount_opts), - GFP_KERNEL); - if (!s_mount_opts) - goto failed_mount; + char s_mount_opts[65]; + + strscpy_pad(s_mount_opts, sbi->s_es->s_mount_opts, + sizeof(s_mount_opts)); if (!parse_options(s_mount_opts, sb, &journal_devnum, &journal_ioprio, 0)) { ext4_msg(sb, KERN_WARNING, "failed to parse options in superblock: %s", s_mount_opts); } - kfree(s_mount_opts); } sbi->s_def_mount_opt = sbi->s_mount_opt; if (!parse_options((char *) data, sb, &journal_devnum,