[OpenAFS-devel] Kernel BUG on Linux 6.5.3

MS Vitale mvitale@sinenomine.net
Fri, 15 Sep 2023 22:11:46 -0400 

Hi Michael,

Just a quick note to let you know that we were able to duplicate this.
The root cause is an interaction between Linux 6.5 CONFIG_FORTIFY_SOURCE=3D=
y string helpers and
a recent change in OpenAFS 1.8.10 to use strlcpy, which is now fortified in=
 your kernel.
=20
OpenAFS has always managed the name string for directory entries in a very =
quirky but
ultimately memory-safe way.  However, due to the new interaction described =
above,
Fortify now sees any directory entry name longer that 16 chars as a buffer =
overrun.
In your case, this is triggered during cache manager initialization by the =
first cell
in CellServDB with a cell name longer than 16 characters.

I have fixed the specific kernel BUG you reported, and was able to bring up=
 a
working cell.  However, there are several additional paths where similar is=
sues in "long"
directory entry names are still present.  Therefore, I'm still working on f=
inding and fixing those.
I'll let you know when I think I've fixed them all and have something in ge=
rrit for you to try.

Regards,
--
Mark Vitale
OpenAFS Release Team


> On Sep 14, 2023, at 4:19 PM, Michael La=C3=9F <lass@mail.upb.de> wrote:
>=20
> Hi Mark,
>=20
> Am Donnerstag, dem 14.09.2023 um 16:06 -0400 schrieb MS Vitale:
>>=20
>> I didn't look closely, but I doubt you are missing anything.
>> Instead, this might be an edge case provoked by site-specific
>> contents of dynroot.
>> Could you please supply a list of all your cell names from CellServDB
>> and any aliases from CellAlias?
>=20
> My CellServDB is the one currently shipped in src/afsd [1], extended by
> the following entry:
>=20
>> fritz.box              #Test cell
> 192.168.178.230         #afs.fritz.box
>=20
> But since two other users reported the issue today, I don't think it's
> related to that additional entry.
>=20
> I don't have any CellAlias file set up.
>=20
> Best regards,
> Michael
>=20
> [1] https://github.com/openafs/openafs/blob/538f450033a67e251b473ff92238b=
3124b85fc72/src/afsd/CellServDB