nrubsig.kpaste.net RSS- From b850ea10692f8eb7c39b7015b42009c22d4868e1 Mon Sep 17 00:00:00 2001
- From: Roland Mainz <roland.mainz@nrubsig.org>
- Date: Fri, 15 Dec 2023 12:39:30 +0100
- Subject: [PATCH] mount,sys/nfs41_driver: Unaligned mount data can lead to
- mount failure
- Make sure |FILE_FULL_EA_INFORMATION| data is properly longword-aligned,
- (as mandated by
- https://learn.microsoft.com/en-us/windows-hardware/drivers/ddi/wdm/ns-wdm-_file_full_ea_information)
- Previously the alignment was only 32bit (|ULONG| for 32bit platform)
- aligned, which lead to random mount failures on 64bit platforms
- (where |ULONG| is a 64bit datatype).
- The patch also adds |IoCheckEaBufferValidity()| to
- |nfs41_MountConfig_ParseOptions()|, to make sure we validate the
- mount data and get a proper error code if they are not valid.
- Reported-by: Cedric Blancher <cedric.blancher@gmail.com>
- Signed-off-by: Cedric Blancher <cedric.blancher@gmail.com>
- ---
- mount/options.c | 2 +-
- sys/nfs41_driver.c | 17 +++++++++++++++++
- 2 files changed, 18 insertions(+), 1 deletion(-)
- diff --git a/mount/options.c b/mount/options.c
- index 73649cc..f254d6d 100644
- --- a/mount/options.c
- +++ b/mount/options.c
- @@ -86,7 +86,7 @@ static FORCEINLINE ULONG EaBufferSize(
- + NameSize + ValueSize + sizeof(TCHAR);
- /* extended attributes require ULONG alignment;
- * see documentation for IoCheckEaBufferValidity() */
- - return ( (Size + 3) / sizeof(ULONG) ) * sizeof(ULONG);
- + return ( (Size + (sizeof(ULONG)-1)) / sizeof(ULONG) ) * sizeof(ULONG);
- }
- static FORCEINLINE ULONG EaBufferNextOffset(
- diff --git a/sys/nfs41_driver.c b/sys/nfs41_driver.c
- index e2919b9..457ce03 100644
- --- a/sys/nfs41_driver.c
- +++ b/sys/nfs41_driver.c
- @@ -2760,6 +2760,17 @@ NTSTATUS nfs41_MountConfig_ParseOptions(
- LPWSTR Name;
- size_t NameLen;
- UNICODE_STRING usValue;
- + ULONG error_offset;
- +
- + status = IoCheckEaBufferValidity(EaBuffer, EaLength, &error_offset);
- + if (status) {
- + DbgP("status(=%d)=IoCheckEaBufferValidity"
- + "(eainfo=%p, buflen=%lu, &(error_offset=%d)) failed\n",
- + (int)status, (void *)EaBuffer, EaLength,
- + (int)error_offset);
- + goto out;
- + }
- +
- Option = EaBuffer;
- while (status == STATUS_SUCCESS) {
- DbgP("Option=%p\n", (void *)Option);
- @@ -2857,6 +2868,7 @@ NTSTATUS nfs41_MountConfig_ParseOptions(
- ((PBYTE)Option + Option->NextEntryOffset);
- }
- +out:
- DbgP("<-- nfs41_MountConfig_ParseOptions, status=%ld\n", (long)status);
- return status;
- }
- @@ -4797,6 +4809,11 @@ NTSTATUS nfs41_SetEaInformation(
- entry->u.SetEa.mode = 0;
- status = IoCheckEaBufferValidity(eainfo, buflen, &error_offset);
- if (status) {
- + DbgP("nfs41_SetEaInformation: "
- + "status(=%d)=IoCheckEaBufferValidity"
- + "(eainfo=%p, buflen=%lu, &(error_offset=%d))\n",
- + (int)status, (void *)eainfo, buflen,
- + (int)error_offset);
- RxFreePool(entry);
- goto out;
- }
- --
- 2.42.1
0001-mount-sys-nfs41_driver-Unaligned-mount-data-can-lead.patch
Posted by Anonymous on Fri 15th Dec 2023 16:13
raw | new post
Submit a correction or amendment below (click here to make a fresh posting)
After submitting an amendment, you'll be able to view the differences between the old and new posts easily.