APPLIED Re: [SRU][Jammy-OEM-5.17/OEM-6.0][PATCH 0/1] CVE-2023-2269

[Timo Aaltonen]

Yuxuan Luo kirjoitti 29.7.2023 klo 2.17:
> [Impact]
> A denial of service problem was found, due to a possible recursive
> locking scenario, resulting in a deadlock in table_clear in
> drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing
> sub-component.
> 
> [Backport]
> Clean cherry pick.
> 
> [Test]
> Tested against the following script to verify that the verity
> functionality is not broken and ioctl is still working as intended:
> 
> ```bash
> IMG_SIZE=50M
> VERITY_DEV=''
> HASH_DEV=''
> TARGET_DIR=/mnt/dmtest
> ROOT_HASH=''
> PARAM=''
> 
> # Prepare two loop devices
> truncate -s $IMG_SIZE verity.img hash.img
> 
> losetup -f verity.img
> VERITY_DEV=$(sudo losetup -j verity.img | awk -F: '{print $1}')
> losetup -f hash.img
> HASH_DEV=$(sudo losetup -j hash.img | awk -F: '{print $1}')
> 
> # Create the verity device
> ROOT_HASH=`veritysetup format $VERITY_DEV $HASH_DEV
>            | tail -n 1
>            | awk '{print $3}'`
> veritysetup create vroot $VERITY_DEV $HASH_DEV $ROOT_HASH
> 
> # Reload the verity device
> PARAM=$(sudo dmsetup table | awk '{ret = $2 " " $3; print ret}')
> dmsetup suspend vroot
> 
> # Expect this command to fail
> dmsetup reload vroot --table "$PARAM linear $VERITY_DEV 0"
> ```
> 
> [Potential Regression]
> Expect low regression potential.
> 
> Mike Snitzer (1):
>    dm ioctl: fix nested locking in table_clear() to remove deadlock
>      concern
> 
>   drivers/md/dm-ioctl.c | 7 ++++---
>   1 file changed, 4 insertions(+), 3 deletions(-)
> 

applied to oem-5.17, -6.0, thanks

-- 
t