Add missing patch for Linux 6.5

See: https://gerrit.openafs.org/15573

8 files changed, 207 insertions, 18 deletions

diff --git a/.SRCINFO b/.SRCINFO
index 8df324bba6e4..2b1b804239ff 100644
--- a/.SRCINFO
+++ b/.SRCINFO
@@ -1,7 +1,7 @@
 pkgbase = openafs-modules-dkms
 	pkgdesc = Kernel module for OpenAFS (dkms)
 	pkgver = 1.8.10
-	pkgrel = 3
+	pkgrel = 4
 	url = http://www.openafs.org
 	arch = i686
 	arch = x86_64
@@ -22,12 +22,14 @@ pkgbase = openafs-modules-dkms
 	source = 0003-Linux-6.5-Use-register_sysctl.patch
 	source = 0004-hcrypto-rename-abort-to-_afscrypto_abort.patch
 	source = 0005-linux-Replace-fop-iterate-with-fop-iterate_shared.patch
+	source = 0006-dir-Introduce-struct-DirEntryMax.patch
 	sha256sums = 9fec11364623549e8db7374072f5c8f01b841f6bfe7e85673cbce35ff43ffb07
 	sha256sums = 5ea5e184f9b44f5ed45817d2b5a10149d15c8c54f49e0b5b4b773652673cb9b0
-	sha256sums = 81f3cf88040eee89ed180d683ba1a42107ea4a6c7057fd3dac679be9a9a9ab01
-	sha256sums = 873c2b3816eed95e1799954d299e4411aa8079f267077dc1a3a3c564d3e2524c
-	sha256sums = da4b625e6885ae9bccc7428b1556751ea134510540e59fa4e8170cfba4d454dc
-	sha256sums = 42d2363ac0bcd5e87afc60ac656bb1ead8ab885d0deca6b0f8318b9bbf191b67
-	sha256sums = 05a52fcc975b940cf15ba78ec2f76c00580f2db939bea32bcd99ef4c1dfdad1b
+	sha256sums = e27ff48ca676ac8d4dc95209bd3b84fe13bb14861aa4a0e0776f3dfe7559ffab
+	sha256sums = 4e71ad2009125187632cdb48b2d5eccc9bcaa8ab0733751fed432cfe661ea86e
+	sha256sums = daaa1361d5db967bd8b72fff4038cfc933a7027e3c70d10ef6ff673a5d176cb6
+	sha256sums = 40e50688a2d4d85eb9b971aaa8563e577db15550aa56c44eab8fe2a688d3f013
+	sha256sums = c0792690ed273ce464966b22e36ca431196a913ded6f0def4a46154076fd0eff
+	sha256sums = be7e1b0304ff61ed899286fdd18ebdbe71cbbe3eb20f6ac38c5799083b339a4a
 
 pkgname = openafs-modules-dkms
diff --git a/0001-Linux-6.5-Replace-generic_file_splice_read.patch b/0001-Linux-6.5-Replace-generic_file_splice_read.patch
index 2e71324ff79c..53f352b403e6 100644
--- a/0001-Linux-6.5-Replace-generic_file_splice_read.patch
+++ b/0001-Linux-6.5-Replace-generic_file_splice_read.patch
@@ -1,7 +1,7 @@
 From 04083bc9a31156e34782b689993737f7c9def427 Mon Sep 17 00:00:00 2001
 From: Cheyenne Wills <cwills@sinenomine.net>
 Date: Sun, 9 Jul 2023 18:52:23 -0600
-Subject: [PATCH 1/5] Linux 6.5: Replace generic_file_splice_read
+Subject: [PATCH 1/6] Linux 6.5: Replace generic_file_splice_read
 
 The Linux 6.5 commit:
     'splice: Remove generic_file_splice_read()' (c6585011bc)
diff --git a/0002-LINUX-Make-sysctl-definitions-more-concise.patch b/0002-LINUX-Make-sysctl-definitions-more-concise.patch
index 9fbe6a757b80..926818ad8fbb 100644
--- a/0002-LINUX-Make-sysctl-definitions-more-concise.patch
+++ b/0002-LINUX-Make-sysctl-definitions-more-concise.patch
@@ -1,7 +1,7 @@
 From 48e0bd7d929fac0cd415c7e8f7886782dcd324ef Mon Sep 17 00:00:00 2001
 From: Andrew Deason <adeason@sinenomine.net>
 Date: Thu, 18 Jul 2019 22:56:48 -0500
-Subject: [PATCH 2/5] LINUX: Make sysctl definitions more concise
+Subject: [PATCH 2/6] LINUX: Make sysctl definitions more concise
 
 Our sysctl definitions are quite verbose, and adding new ones involves
 copying a bunch of lines. Make these a little easier to specify, by
diff --git a/0003-Linux-6.5-Use-register_sysctl.patch b/0003-Linux-6.5-Use-register_sysctl.patch
index aa718cf774c6..aa269d22a9f3 100644
--- a/0003-Linux-6.5-Use-register_sysctl.patch
+++ b/0003-Linux-6.5-Use-register_sysctl.patch
@@ -1,7 +1,7 @@
 From aef0016df74fcd3da0f6cb6622d73cd9ceb77358 Mon Sep 17 00:00:00 2001
 From: Cheyenne Wills <cwills@sinenomine.net>
 Date: Thu, 13 Jul 2023 10:54:22 -0600
-Subject: [PATCH 3/5] Linux 6.5: Use register_sysctl()
+Subject: [PATCH 3/6] Linux 6.5: Use register_sysctl()
 
 The linux 6.5 commit:
     "sysctl: Remove register_sysctl_table" (b8cbc0855a)
diff --git a/0004-hcrypto-rename-abort-to-_afscrypto_abort.patch b/0004-hcrypto-rename-abort-to-_afscrypto_abort.patch
index c7f9c109b887..02be188f3b30 100644
--- a/0004-hcrypto-rename-abort-to-_afscrypto_abort.patch
+++ b/0004-hcrypto-rename-abort-to-_afscrypto_abort.patch
@@ -1,7 +1,7 @@
 From 01d7316f6773591186f606de5e3b12de28bb0cd9 Mon Sep 17 00:00:00 2001
 From: Cheyenne Wills <cwills@sinenomine.net>
 Date: Sun, 9 Jul 2023 18:45:15 -0600
-Subject: [PATCH 4/5] hcrypto: rename abort to _afscrypto_abort
+Subject: [PATCH 4/6] hcrypto: rename abort to _afscrypto_abort
 MIME-Version: 1.0
 Content-Type: text/plain; charset=UTF-8
 Content-Transfer-Encoding: 8bit
diff --git a/0005-linux-Replace-fop-iterate-with-fop-iterate_shared.patch b/0005-linux-Replace-fop-iterate-with-fop-iterate_shared.patch
index 97b367583db3..07350c17a2e2 100644
--- a/0005-linux-Replace-fop-iterate-with-fop-iterate_shared.patch
+++ b/0005-linux-Replace-fop-iterate-with-fop-iterate_shared.patch
@@ -1,7 +1,7 @@
 From fea2bd506b40543d6d9ec862acafb6622fb97ff8 Mon Sep 17 00:00:00 2001
 From: Cheyenne Wills <cwills@sinenomine.net>
 Date: Tue, 29 Aug 2023 14:58:10 -0600
-Subject: [PATCH 5/5] linux: Replace fop iterate with fop iterate_shared
+Subject: [PATCH 5/6] linux: Replace fop iterate with fop iterate_shared
 
 The Linux 6.5 commit:
   'vfs: get rid of old '->iterate' directory operation' (3e32715496)
diff --git a/0006-dir-Introduce-struct-DirEntryMax.patch b/0006-dir-Introduce-struct-DirEntryMax.patch
new file mode 100644
index 000000000000..3f989fedeef7
--- /dev/null
+++ b/0006-dir-Introduce-struct-DirEntryMax.patch
@@ -0,0 +1,184 @@
+From ffd16089036e05a9db4065eb4d5ae8a217811a78 Mon Sep 17 00:00:00 2001
+From: Mark Vitale <mvitale@sinenomine.net>
+Date: Fri, 15 Sep 2023 15:01:56 -0400
+Subject: [PATCH 6/6] dir: Introduce struct DirEntryMax
+
+Since the introduction of AFS3, the directory package has allocated
+space for each directory entry by allocating a DirEntry struct followed
+by 0-8 contiguous DirEntryX structs, as needed. This is implemented by:
+
+ - afs_dir_NameBlobs    calculates the number of blocks needed
+ - FindBlobs		allocates and returns index of entry
+ - afs_dir_GetBlob	returns pointer to 1st DirEntry struct
+
+After this, we populate DirEntry (and any contiguous DirEntryX blocks)
+with open code.  Most existing code write the entry's name via a string
+copy operation to DirEntry->name, which is only 16 bytes long.  The
+maximum supported directory name is AFSNAMEMAX 256 (+1 for the required
+terminating nul).  Therefore, for dir entry names that are 16 bytes or
+longer, OpenAFS routinely does string copies that look like buffer
+overruns, but are "safe" (barring undefined behavior) due to the
+guaranteed presence of sufficient additional DirEntryX blocks.
+
+Recent changes in the OpenAFS build chain have made this approach no
+longer viable:
+
+1)
+Linux 6.3 commit 439a1bcac648fe9b59210cde8991fb2acf37bdab 'fortify: Use
+__builtin_dynamic_object_size() when available' modified the hardening
+of several kernel string operations when running with
+CONFIG_FORTIFY_SOURCE=y.
+
+2)
+gcc 13 commit 79a89108dd352cd9288f5de35481b1280c7588a5
+'__builtin_dynamic_object_size: Recognize builtin' provides some
+enhancements to _builtin_object_size.  The Linux commit above will now
+use these when the kernel is built with gcc 13.
+
+When OpenAFS is built under Linux 6.3 or higher and gcc 13 or higher,
+the hardened strlcpy will BUG for directory entry names longer than 16
+characters.
+
+Since there are multiple places where OpenAFS writes directory names,
+there are several symptoms that may manifest.  However, the first one is
+usually a kernel BUG at cache manager initialization if running with
+afsd -dynroot _and_ there are any cell names 15 characters or longer in
+the client CellServDB.  (A 15-character cellname reaches the 16
+character limit when -dyrnoot adds the RW mountpoint ".<cellname>".)
+
+Create a new overlay struct - DirEntryMax - with a name size of
+AFSNAMEMAX + 1.  Whenever we write a directory name, cast the existing
+DirEntry pointer to DirEntryMax so that any hardening will be satisfied
+that there is sufficient space for the name.  However, the actual
+guarantee that this is true is still provided by the OpenAFS directory
+routines mentioned above - all of these remain unchanged.
+
+Change-Id: I6da5c6c295f051be90017084e5b3a3ef24d1271f
+---
+ src/afs/LINUX/osi_vnodeops.c |  4 ++--
+ src/afs/afs_dynroot.c        |  4 ++--
+ src/dir/dir.c                |  4 ++--
+ src/dir/dir.h                | 34 +++++++++++++++++++++++++++++++++-
+ 4 files changed, 39 insertions(+), 7 deletions(-)
+
+diff --git a/src/afs/LINUX/osi_vnodeops.c b/src/afs/LINUX/osi_vnodeops.c
+index fb62752e6..4e33a189e 100644
+--- a/src/afs/LINUX/osi_vnodeops.c
++++ b/src/afs/LINUX/osi_vnodeops.c
+@@ -426,7 +426,7 @@ afs_linux_readdir(struct file *fp, void *dirbuf, filldir_t filldir)
+     int code;
+     int offset;
+     afs_int32 dirpos;
+-    struct DirEntry *de;
++    struct DirEntryMax *de;
+     struct DirBuffer entry;
+     ino_t ino;
+     int len;
+@@ -531,7 +531,7 @@ afs_linux_readdir(struct file *fp, void *dirbuf, filldir_t filldir)
+ 	    goto unlock_out;
+         }
+ 
+-	de = (struct DirEntry *)entry.data;
++	de = entry.data;
+ 	ino = afs_calc_inum (avc->f.fid.Cell, avc->f.fid.Fid.Volume,
+ 			     ntohl(de->fid.vnode));
+ 	len = strlen(de->name);
+diff --git a/src/afs/afs_dynroot.c b/src/afs/afs_dynroot.c
+index 281b168eb..79f5d9254 100644
+--- a/src/afs/afs_dynroot.c
++++ b/src/afs/afs_dynroot.c
+@@ -228,7 +228,7 @@ afs_dynroot_addDirEnt(struct DirHeader *dirHeader, int *curPageP,
+ {
+     char *dirBase = (char *)dirHeader;
+     struct PageHeader *pageHeader;
+-    struct DirEntry *dirEntry;
++    struct DirEntryMax *dirEntry;
+     int sizeOfEntry, i, t1, t2;
+     int curPage = *curPageP;
+     int curChunk = *curChunkP;
+@@ -257,7 +257,7 @@ afs_dynroot_addDirEnt(struct DirHeader *dirHeader, int *curPageP,
+ 	dirHeader->alloMap[curPage] = EPP - 1;
+     }
+ 
+-    dirEntry = (struct DirEntry *)(pageHeader + curChunk);
++    dirEntry = (struct DirEntryMax *)(pageHeader + curChunk);
+     dirEntry->flag = 1;
+     dirEntry->length = 0;
+     dirEntry->next = 0;
+diff --git a/src/dir/dir.c b/src/dir/dir.c
+index bc5bb046d..b31a9ac46 100644
+--- a/src/dir/dir.c
++++ b/src/dir/dir.c
+@@ -99,7 +99,7 @@ afs_dir_Create(dir_file_t dir, char *entry, void *voidfid)
+     int blobs, firstelt;
+     int i;
+     struct DirBuffer entrybuf, prevbuf, headerbuf;
+-    struct DirEntry *ep;
++    struct DirEntryMax *ep;
+     struct DirHeader *dhp;
+     int code;
+     size_t rlen;
+@@ -127,7 +127,7 @@ afs_dir_Create(dir_file_t dir, char *entry, void *voidfid)
+     /* First, we fill in the directory entry. */
+     if (afs_dir_GetBlob(dir, firstelt, &entrybuf) != 0)
+ 	return EIO;
+-    ep = (struct DirEntry *)entrybuf.data;
++    ep = entrybuf.data;
+ 
+     ep->flag = FFIRST;
+     ep->fid.vnode = htonl(vfid[1]);
+diff --git a/src/dir/dir.h b/src/dir/dir.h
+index f5c8eef42..a26dab0c0 100644
+--- a/src/dir/dir.h
++++ b/src/dir/dir.h
+@@ -11,6 +11,8 @@
+ 
+ #define __AFS_DIR_H
+ 
++#include <afs/afsint.h>
++
+ #define AFS_PAGESIZE 2048	/* bytes per page */
+ #define NHASHENT 128		/* entries in the hash tbl */
+ #define MAXPAGES 128		/* max pages in a dir */
+@@ -51,7 +53,37 @@ struct DirHeader {
+     unsigned short hashTable[NHASHENT];
+ };
+ 
+-struct DirEntry {
++/*
++ * This struct is just a copy of DirEntry with the maximum supported name
++ * length.  It provides a more logical view of a maximum directory entry name
++ * which consists of a DirEntry struct followed by 8 consecutive DirEntryX
++ * structs.
++ *
++ * Using this helps us convince safety-minded string functions (e.g.
++ * CONFIG_FORTIFY_SOURCE) that an OpenAFS directory entry name really does fit
++ * in the allotted space, and thus avoid undefined behavior.
++ *
++ * NOTE: The size of name[] should be considered an upper bound for the current
++ * users of the directory package. (The directory package limit for an entry
++ * are actually much higher; up to an entire directory page.)  However, the
++ * actual amount of space available/allocated for a given directory entry name
++ * may often be smaller.
++ */
++struct DirEntryMax {
++    /* A directory entry - the biggest. */
++    char flag;
++    char length;
++    unsigned short next;
++    struct MKFid fid;
++    char name[AFSNAMEMAX + 1];	/* max possible plus terminating NUL */
++};
++
++/*
++ * This struct formerly described the format of directory entries in AFS2.
++ * Since the introduction of DirEntryX in AFS3, DirEntry merely describes the
++ * minimum possible directory entry.
++*/
++ struct DirEntry {
+     /* A directory entry */
+     char flag;
+     char length;		/* currently unused */
+-- 
+2.42.0
+
diff --git a/PKGBUILD b/PKGBUILD
index b5483b6b779b..4c3f403459a7 100644
--- a/PKGBUILD
+++ b/PKGBUILD
@@ -7,7 +7,7 @@
 pkgname=openafs-modules-dkms
 _srcname=openafs
 pkgver=1.8.10
-pkgrel=3
+pkgrel=4
 pkgdesc="Kernel module for OpenAFS (dkms)"
 arch=('i686' 'x86_64' 'armv7h')
 url="http://www.openafs.org"
@@ -22,14 +22,16 @@ source=(http://openafs.org/dl/openafs/${pkgver}/${_srcname}-${pkgver}-src.tar.bz
         0002-LINUX-Make-sysctl-definitions-more-concise.patch
         0003-Linux-6.5-Use-register_sysctl.patch
         0004-hcrypto-rename-abort-to-_afscrypto_abort.patch
-        0005-linux-Replace-fop-iterate-with-fop-iterate_shared.patch)
+        0005-linux-Replace-fop-iterate-with-fop-iterate_shared.patch
+        0006-dir-Introduce-struct-DirEntryMax.patch)
 sha256sums=('9fec11364623549e8db7374072f5c8f01b841f6bfe7e85673cbce35ff43ffb07'
             '5ea5e184f9b44f5ed45817d2b5a10149d15c8c54f49e0b5b4b773652673cb9b0'
-            '81f3cf88040eee89ed180d683ba1a42107ea4a6c7057fd3dac679be9a9a9ab01'
-            '873c2b3816eed95e1799954d299e4411aa8079f267077dc1a3a3c564d3e2524c'
-            'da4b625e6885ae9bccc7428b1556751ea134510540e59fa4e8170cfba4d454dc'
-            '42d2363ac0bcd5e87afc60ac656bb1ead8ab885d0deca6b0f8318b9bbf191b67'
-            '05a52fcc975b940cf15ba78ec2f76c00580f2db939bea32bcd99ef4c1dfdad1b')
+            'e27ff48ca676ac8d4dc95209bd3b84fe13bb14861aa4a0e0776f3dfe7559ffab'
+            '4e71ad2009125187632cdb48b2d5eccc9bcaa8ab0733751fed432cfe661ea86e'
+            'daaa1361d5db967bd8b72fff4038cfc933a7027e3c70d10ef6ff673a5d176cb6'
+            '40e50688a2d4d85eb9b971aaa8563e577db15550aa56c44eab8fe2a688d3f013'
+            'c0792690ed273ce464966b22e36ca431196a913ded6f0def4a46154076fd0eff'
+            'be7e1b0304ff61ed899286fdd18ebdbe71cbbe3eb20f6ac38c5799083b339a4a')
 
 prepare() {
   cd "${srcdir}/${_srcname}-${pkgver}"
@@ -40,6 +42,7 @@ prepare() {
   patch -p1 < "${srcdir}"/0003-Linux-6.5-Use-register_sysctl.patch
   patch -p1 < "${srcdir}"/0004-hcrypto-rename-abort-to-_afscrypto_abort.patch
   patch -p1 < "${srcdir}"/0005-linux-Replace-fop-iterate-with-fop-iterate_shared.patch
+  patch -p1 < "${srcdir}"/0006-dir-Introduce-struct-DirEntryMax.patch
 
   # Only needed when changes to configure were made
   ./regen.sh -q