)]}'
{
  "commit": "dcc7013aa87a32bfa53ae80dfd1d6a23558d57be",
  "tree": "e52382ffe6a0eff289a192d411457afaf506f232",
  "parents": [
    "d7c2e55be4e9ef2783d01ad062ef8c65521a3411"
  ],
  "author": {
    "name": "Christoph Hellwig",
    "email": "hch@lst.de",
    "time": "Tue Apr 30 06:07:55 2024 +0200"
  },
  "committer": {
    "name": "COS Cherry Picker",
    "email": "cloud-image-release@prod.google.com",
    "time": "Fri Aug 09 15:38:23 2024 -0700"
  },
  "message": "xfs: fix log recovery buffer allocation for the legacy h_size fixup\n\n[ Upstream commit 45cf976008ddef4a9c9a30310c9b4fb2a9a6602a ]\n\nNote: The upstream commit was adjusted to use kmem_free instead of\nkvfree since kmem_free was used in xfs_log_recover.c until commit\n49292576136f (xfs: convert kmem_free() for kvmalloc users to\nkvfree()), and the remainder of the file still uses kmem_free.\n\nCommit a70f9fe52daa (\"xfs: detect and handle invalid iclog size set by\nmkfs\") added a fixup for incorrect h_size values used for the initial\numount record in old xfsprogs versions.  Later commit 0c771b99d6c9\n(\"xfs: clean up calculation of LR header blocks\") cleaned up the log\nreover buffer calculation, but stoped using the fixed up h_size value\nto size the log recovery buffer, which can lead to an out of bounds\naccess when the incorrect h_size does not come from the old mkfs\ntool, but a fuzzer.\n\nFix this by open coding xlog_logrec_hblks and taking the fixed h_size\ninto account for this calculation.\n\nBUG\u003db/352003129\nTEST\u003dpresubmit, xfstests on stable kernel\nRELEASE_NOTE\u003dFixed CVE-2024-39472 in the linux kernel\n\ncos-patch: security-moderate\nFixes: 0c771b99d6c9 (\"xfs: clean up calculation of LR header blocks\")\nReported-by: Sam Sun \u003csamsun1006219@gmail.com\u003e\nChange-Id: I1fc6411763005d2d199f98ed78bb64983fb0e99a\nSigned-off-by: Christoph Hellwig \u003chch@lst.de\u003e\nReviewed-by: Brian Foster \u003cbfoster@redhat.com\u003e\nReviewed-by: \"Darrick J. Wong\" \u003cdjwong@kernel.org\u003e\nSigned-off-by: Chandan Babu R \u003cchandanbabu@kernel.org\u003e\nReviewed-on: https://cos-review.googlesource.com/c/third_party/kernel/+/78480\nReviewed-by: Oleksandr Tymoshenko \u003covt@google.com\u003e\nMain-Branch-Verified: Cusky Presubmit Bot \u003cpresubmit@cos-infra-prod.iam.gserviceaccount.com\u003e\nTested-by: Cusky Presubmit Bot \u003cpresubmit@cos-infra-prod.iam.gserviceaccount.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "3d844a250b710b338024e1fdbce2e09521a13de6",
      "old_mode": 33188,
      "old_path": "fs/xfs/xfs_log_recover.c",
      "new_id": "705cd5a60fbc9379948a7bee3e72b201fa881b69",
      "new_mode": 33188,
      "new_path": "fs/xfs/xfs_log_recover.c"
    }
  ]
}