From b088a60fb9c5b11e61e4dff46048b904cd03a218 Mon Sep 17 00:00:00 2001 From: Blazej Kucman Date: Fri, 3 Dec 2021 15:31:15 +0100 Subject: [PATCH 1/2] mdadm: block creation with long names This fixes buffer overflows in create_mddev(). It prohibits creation with not supported names for DDF and native. For IMSM, mdadm will do silent cut to 16 later. Conflict:NA Reference:https://git.kernel.org/pub/scm/utils/mdadm/mdadm.git//commit?id=ced5fa8b170ad448f4076e24a10c731b5cfb36ce Signed-off-by: Mariusz Tkaczyk Signed-off-by: Blazej Kucman Signed-off-by: Jes Sorensen --- mdadm.8.in | 5 +++++ mdadm.c | 9 ++++++++- mdadm.h | 5 +++++ 3 files changed, 18 insertions(+), 1 deletion(-) diff --git a/mdadm.8.in b/mdadm.8.in index 9aec9f4..58614fd 100644 --- a/mdadm.8.in +++ b/mdadm.8.in @@ -2129,6 +2129,11 @@ is run, but will be created by .I udev once the array becomes active. +The max length md-device name is limited to 32 characters. +Different metadata types have more strict limitation +(like IMSM where only 16 characters are allowed). +For that reason, long name could be truncated or rejected, it depends on metadata policy. + As devices are added, they are checked to see if they contain RAID superblocks or filesystems. They are also checked to see if the variance in device size exceeds 1%. diff --git a/mdadm.c b/mdadm.c index 25a1abd..cb45b59 100644 --- a/mdadm.c +++ b/mdadm.c @@ -1354,9 +1354,16 @@ int main(int argc, char *argv[]) mdfd = open_mddev(devlist->devname, 1); if (mdfd < 0) exit(1); - } else + } else { + char *bname = basename(devlist->devname); + + if (strlen(bname) > MD_NAME_MAX) { + pr_err("Name %s is too long.\n", devlist->devname); + exit(1); + } /* non-existent device is OK */ mdfd = open_mddev(devlist->devname, 0); + } if (mdfd == -2) { pr_err("device %s exists but is not an md array.\n", devlist->devname); exit(1); diff --git a/mdadm.h b/mdadm.h index 387e681..e25d8a2 100644 --- a/mdadm.h +++ b/mdadm.h 
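Review bot: The length check in the added `else` branch guards only this one call site in main(), while the commit message places the overflow in create_mddev(). That function is not shown here, so any other caller that passes it a name (from configuration or on-disk metadata, for instance) presumably still reaches the unbounded copy. The bound belongs at the sink too: reject or truncate over-long names inside create_mddev() and use size-bounded copies there, keeping this early check for its clearer error message. The comparison `strlen(bname) > MD_NAME_MAX` also accepts a name of exactly 32 bytes, so confirm every destination has room for 32 characters plus the terminator; if any buffer is declared with `MD_NAME_MAX` elements the test should be `>=`. Separately, `basename()` from `<libgen.h>` may modify its argument, unlike the GNU variant, and `devlist->devname` is reused on the following lines; main() and the enclosing `if` start outside the hunk.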
@@ -1793,3 +1793,8 @@ char *xstrdup(const char *str);
 #define INVALID_SECTORS 1
 /* And another special number needed for --data_offset=variable */
 #define VARIABLE_OFFSET 3
+
+/**
+ * This is true for native and DDF, IMSM allows 16.
+ */
+#define MD_NAME_MAX 32
-- 
1.8.3.1
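Review bot: The doc comment above `MD_NAME_MAX` says only "This is true for native and DDF" and never states what the constant bounds, so a reader sizing a buffer from it cannot tell whether the terminating NUL is counted. The mdadm.c hunk compares it against `strlen()`, which suggests it excludes the terminator. Suggested wording: `/* Maximum md device name length in characters, excluding the terminating NUL (native and DDF); IMSM allows 16. */`, adjusted if the intended meaning differs.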