[OpenAFS] A seemingly 1.8.8 issue solved with 1.8.9

Tue, 25 Apr 2023 08:43:05 -0700

This was going to be a "help" email, but it seems that 1.8.9 has fixed our problem, but FYI ...
Today we spotted that running "cmdebug localhost" on an Ubuntu Focal AFS client, running 5.15.0-69-generic kernel and OpenAFS 1.8.8, caused a kernel BUG: 

[377108.332077] detected buffer overflow in strcpy
[377108.334393] ------------[ cut here ]------------
[377108.336586] kernel BUG at lib/string.c:1165!
[377108.338662] invalid opcode: 0000 [#1] SMP PTI

[377108.340754] CPU: 0 PID: 5192 Comm: afs_callback Tainted: P 
OE     5.15.0-69-generic #76~20.04.1-Ubuntu

[377108.342605] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[377108.342605] RIP: 0010:fortify_panic+0x13/0x15
...
[377108.342605] Call Trace:
[377108.342605]  <TASK>
[377108.342605]  SRXAFSCB_GetLock.cold+0xc/0x37 [openafs]
[377108.342605]  RXAFSCB_ExecuteRequest+0x200/0xb60 [openafs]
...


which left the machine unusable. Worse than that, it could be triggered 
remotely by "cmdebug <vulnerable machine>".


However, upgrading to 1.8.9 seems to have fixed things.

Thanks,

Neil


FFYI, these were our version numbers before and after. I'm not responsible 
for the rebuilding, but I believe we just take the Ubuntu shipped Source 
packages, and rebuild them as is in our environment.


1.8.8

libafsauthent2/focal,now 1.8.8.1-3.inf amd64
libafsrpc2/focal,now 1.8.8.1-3.inf amd64
libkopenafs2/focal,now 1.8.8.1-3.inf amd64
openafs-client/focal,now 1.8.8.1-3.inf amd64
openafs-doc/focal,focal,now 1.8.8.1-3.inf all
openafs-krb5/focal,now 1.8.8.1-3.inf amd64
openafs-modules-5.15.0-69-generic/focal,now 1.8.8.1 amd64

1.8.9

libafsauthent2/focal,now 1.8.9-0.inf amd64
libafsrpc2/focal,now 1.8.9-0.inf amd64
libkopenafs2/focal,now 1.8.9-0.inf amd64
openafs-client/focal,now 1.8.9-0.inf amd64
openafs-doc/focal,now 1.8.9-0.inf all
openafs-krb5/focal,now 1.8.9-0.inf amd64
openafs-modules-5.15.0-69-generic/focal,now 1.8.9 amd64


Our SL7 machines running the same 1.8.8 on a 3.10.0-1160.83.1 kernel were 
unaffected.


--
 Neil Brown - Computing Officer - Appleton Tower 7.12a | Neil.Brown @ ed. ac.uk
 School of Informatics, University of Edinburgh        | Tel: +44 131 6504422
_______________________________________________
OpenAFS-info mailing list
OpenAFS-info@openafs.org
https://lists.openafs.org/mailman/listinfo/openafs-info






















					Reply via email to