Hi ZhaoLong,
+CC Kovalev, Mohamed (who also worked on this issue)
On 07/02/24 5:17 pm, ZhaoLong Wang wrote:
After backporting the mainline commit 33eae65c6f49 ("smb: client: fix OOB in SMB2_query_info_init()") to the linux-5.10.y stable branch, an issue arose where the cifs statfs system call failed, resulting in:
$ df /mnt
df: /mnt: Resource temporarily unavailable
This is true, but there are other backporting efforts on this and 5.15.y.
The latest is to backport eb3e28c1e89b ("smb3: Replace smb2pdu 1-element arrays with flex-arrays") to 5.15.y and pull a similar one-liner fix out of the stable-queue from 5.15.-stable queue and 5.10.stable-queue.
Reference threads:
1. https://lore.kernel.org/all/7903fc0a-d0c5-20bf-20cc-d9f092e5c498@basealt.ru/
2. https://lore.kernel.org/all/20240206161111.454699-1-kovalev@altlinux.org/
Applying Kovalev's recent backport[2] most likely will fix this issue.
Thanks,
Harshit
KASAN also reported a stack-out-of-bounds error as follows:
==================================================================
BUG: KASAN: stack-out-of-bounds in smb2_set_next_command+0x247/0x280 [cifs]
Write of size 8 at addr ffff8881073ef830 by task df/533