[v5,13/20] ksmbd: remove ksmbd_verify_smb_message()

Message ID	20211001120421.327245-14-slow@samba.org (mailing list archive)
State	New, archived
Headers	show Return-Path: <linux-cifs-owner@kernel.org> From: Ralph Boehme <slow@samba.org> To: linux-cifs@vger.kernel.org Cc: Ralph Boehme <slow@samba.org>, Namjae Jeon <linkinjeon@kernel.org>, Tom Talpey <tom@talpey.com>, Ronnie Sahlberg <ronniesahlberg@gmail.com>, Steve French <smfrench@gmail.com>, Hyunchul Lee <hyc.lee@gmail.com> Subject: [PATCH v5 13/20] ksmbd: remove ksmbd_verify_smb_message() Date: Fri, 1 Oct 2021 14:04:14 +0200 Message-Id: <20211001120421.327245-14-slow@samba.org> In-Reply-To: <20211001120421.327245-1-slow@samba.org> References: <20211001120421.327245-1-slow@samba.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	Buffer validation patches \| expand [v5,00/20] Buffer validation patches [v5,01/20] ksmbd: add the check to vaildate if stream protocol length exceeds maximum value [v5,02/20] ksmbd: add validation in smb2_ioctl [v5,03/20] ksmbd: use correct basic info level in set_file_basic_info() [v5,04/20] ksmbd: add request buffer validation in smb2_set_info [v5,05/20] ksmbd: check strictly data area in ksmbd_smb2_check_message() [v5,06/20] ksmbd: add validation in smb2 negotiate [v5,07/20] ksmbd: add buffer validation for SMB2_CREATE_CONTEXT [v5,08/20] ksmbd: remove the leftover of smb2.0 dialect support [v5,09/20] ksmbd: remove NTLMv1 authentication [v5,10/20] ksmbd: fix transform header validation [v5,11/20] ksmbd: use ksmbd_req_buf_next() in ksmbd_smb2_check_message() [v5,12/20] ksmbd: use ksmbd_req_buf_next() in ksmbd_verify_smb_message() [v5,13/20] ksmbd: remove ksmbd_verify_smb_message() [v5,14/20] ksmbd: add ksmbd_smb2_cur_pdu_buflen() [v5,15/20] ksmbd: use ksmbd_smb2_cur_pdu_buflen() in ksmbd_smb2_check_message() [v5,16/20] ksmbd: check PDU len is at least header plus body size in ksmbd_smb2_check_message() [v5,17/20] ksmdb: use cmd helper variable in smb2_get_ksmbd_tcon() [v5,18/20] ksmdb: make smb2_get_ksmbd_tcon() callable with chained PDUs [v5,19/20] ksmbd: make smb2_check_user_session() callabe for compound PDUs [v5,20/20] ksmdb: move session and tcon validation to ksmbd_smb2_check_message()

Message ID

20211001120421.327245-14-slow@samba.org (mailing list archive)

State

New, archived

Headers

From: Ralph Boehme <slow@samba.org>
To: linux-cifs@vger.kernel.org
Cc: Ralph Boehme <slow@samba.org>, Namjae Jeon <linkinjeon@kernel.org>,
        Tom Talpey <tom@talpey.com>,
        Ronnie Sahlberg <ronniesahlberg@gmail.com>,
        Steve French <smfrench@gmail.com>,
        Hyunchul Lee <hyc.lee@gmail.com>
Subject: [PATCH v5 13/20] ksmbd: remove ksmbd_verify_smb_message()
Date: Fri,  1 Oct 2021 14:04:14 +0200
Message-Id: <20211001120421.327245-14-slow@samba.org>
In-Reply-To: <20211001120421.327245-1-slow@samba.org>
References: <20211001120421.327245-1-slow@samba.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Precedence: bulk

Series

Buffer validation patches | expand

Commit Message

Ralph Boehme Oct. 1, 2021, 12:04 p.m. UTC

Another leftover from SMB1 support. Remove it and use ksmbd_verify_smb_message()
directly in __process_request().

Cc: Namjae Jeon <linkinjeon@kernel.org>
Cc: Tom Talpey <tom@talpey.com>
Cc: Ronnie Sahlberg <ronniesahlberg@gmail.com>
Cc: Steve French <smfrench@gmail.com>
Cc: Hyunchul Lee <hyc.lee@gmail.com>
Signed-off-by: Ralph Boehme <slow@samba.org>
---
 fs/ksmbd/server.c     |  2 +-
 fs/ksmbd/smb_common.c | 24 ------------------------
 fs/ksmbd/smb_common.h |  1 -
 3 files changed, 1 insertion(+), 26 deletions(-)

Comments

Namjae Jeon Oct. 2, 2021, 5:46 a.m. UTC | #1

2021-10-01 21:04 GMT+09:00, Ralph Boehme <slow@samba.org>:
> Another leftover from SMB1 support. Remove it and use
> ksmbd_verify_smb_message()
> directly in __process_request().
>
> Cc: Namjae Jeon <linkinjeon@kernel.org>
> Cc: Tom Talpey <tom@talpey.com>
> Cc: Ronnie Sahlberg <ronniesahlberg@gmail.com>
> Cc: Steve French <smfrench@gmail.com>
> Cc: Hyunchul Lee <hyc.lee@gmail.com>
> Signed-off-by: Ralph Boehme <slow@samba.org>
> ---
>  fs/ksmbd/server.c     |  2 +-
>  fs/ksmbd/smb_common.c | 24 ------------------------
>  fs/ksmbd/smb_common.h |  1 -
>  3 files changed, 1 insertion(+), 26 deletions(-)
>
> diff --git a/fs/ksmbd/server.c b/fs/ksmbd/server.c
> index 2a2b2135bfde..328c4225cec1 100644
> --- a/fs/ksmbd/server.c
> +++ b/fs/ksmbd/server.c
> @@ -114,7 +114,7 @@ static int __process_request(struct ksmbd_work *work,
> struct ksmbd_conn *conn,
>  	if (check_conn_state(work))
>  		return SERVER_HANDLER_CONTINUE;
>
> -	if (ksmbd_verify_smb_message(work))
> +	if (ksmbd_smb2_check_message(work))
>  		return SERVER_HANDLER_ABORT;
>
>  	command = conn->ops->get_cmd_val(work);
> diff --git a/fs/ksmbd/smb_common.c b/fs/ksmbd/smb_common.c
> index e1e5a071678e..4a283cd6d6e1 100644
> --- a/fs/ksmbd/smb_common.c
> +++ b/fs/ksmbd/smb_common.c
> @@ -122,30 +122,6 @@ int ksmbd_lookup_protocol_idx(char *str)
>  	return -1;
>  }
>
> -/**
> - * ksmbd_verify_smb_message() - check for valid smb2 request header
> - * @work:	smb work
> - *
> - * check for valid smb signature and packet direction(request/response)
> - *
> - * Return:      0 on success, otherwise -EINVAL
> - */
> -int ksmbd_verify_smb_message(struct ksmbd_work *work)
> -{
> -	struct smb2_hdr *smb2_hdr = ksmbd_req_buf_next(work);
> -	struct smb_hdr *hdr;
> -
> -	if (smb2_hdr->ProtocolId == SMB2_PROTO_NUMBER)
> -		return ksmbd_smb2_check_message(work);
> -
> -	hdr = work->request_buf;
> -	if (*(__le32 *)hdr->Protocol == SMB1_PROTO_NUMBER &&
> -	    hdr->Command == SMB_COM_NEGOTIATE)
> -		return 0;
smb1 negotiate is needed for windows connection. Have you tested with
windows client ?

> -
> -	return -EINVAL;
> -}
> -
>  /**
>   * ksmbd_smb_request() - check for valid smb request type
>   * @conn:	connection instance
> diff --git a/fs/ksmbd/smb_common.h b/fs/ksmbd/smb_common.h
> index 6e79e7577f6b..782c06292020 100644
> --- a/fs/ksmbd/smb_common.h
> +++ b/fs/ksmbd/smb_common.h
> @@ -488,7 +488,6 @@ int ksmbd_max_protocol(void);
>
>  int ksmbd_lookup_protocol_idx(char *str);
>
> -int ksmbd_verify_smb_message(struct ksmbd_work *work);
>  bool ksmbd_smb_request(struct ksmbd_conn *conn);
>
>  int ksmbd_lookup_dialect_by_id(__le16 *cli_dialects, __le16
> dialects_count);
> --
> 2.31.1
>
>

Ralph Boehme Oct. 2, 2021, 12:05 p.m. UTC | #2

Am 02.10.21 um 07:46 schrieb Namjae Jeon:
> 2021-10-01 21:04 GMT+09:00, Ralph Boehme <slow@samba.org>:
>> Another leftover from SMB1 support. Remove it and use
>> ksmbd_verify_smb_message()
>> directly in __process_request().
>>
>> Cc: Namjae Jeon <linkinjeon@kernel.org>
>> Cc: Tom Talpey <tom@talpey.com>
>> Cc: Ronnie Sahlberg <ronniesahlberg@gmail.com>
>> Cc: Steve French <smfrench@gmail.com>
>> Cc: Hyunchul Lee <hyc.lee@gmail.com>
>> Signed-off-by: Ralph Boehme <slow@samba.org>
>> ---
>>   fs/ksmbd/server.c     |  2 +-
>>   fs/ksmbd/smb_common.c | 24 ------------------------
>>   fs/ksmbd/smb_common.h |  1 -
>>   3 files changed, 1 insertion(+), 26 deletions(-)
>>
>> diff --git a/fs/ksmbd/server.c b/fs/ksmbd/server.c
>> index 2a2b2135bfde..328c4225cec1 100644
>> --- a/fs/ksmbd/server.c
>> +++ b/fs/ksmbd/server.c
>> @@ -114,7 +114,7 @@ static int __process_request(struct ksmbd_work *work,
>> struct ksmbd_conn *conn,
>>   	if (check_conn_state(work))
>>   		return SERVER_HANDLER_CONTINUE;
>>
>> -	if (ksmbd_verify_smb_message(work))
>> +	if (ksmbd_smb2_check_message(work))
>>   		return SERVER_HANDLER_ABORT;
>>
>>   	command = conn->ops->get_cmd_val(work);
>> diff --git a/fs/ksmbd/smb_common.c b/fs/ksmbd/smb_common.c
>> index e1e5a071678e..4a283cd6d6e1 100644
>> --- a/fs/ksmbd/smb_common.c
>> +++ b/fs/ksmbd/smb_common.c
>> @@ -122,30 +122,6 @@ int ksmbd_lookup_protocol_idx(char *str)
>>   	return -1;
>>   }
>>
>> -/**
>> - * ksmbd_verify_smb_message() - check for valid smb2 request header
>> - * @work:	smb work
>> - *
>> - * check for valid smb signature and packet direction(request/response)
>> - *
>> - * Return:      0 on success, otherwise -EINVAL
>> - */
>> -int ksmbd_verify_smb_message(struct ksmbd_work *work)
>> -{
>> -	struct smb2_hdr *smb2_hdr = ksmbd_req_buf_next(work);
>> -	struct smb_hdr *hdr;
>> -
>> -	if (smb2_hdr->ProtocolId == SMB2_PROTO_NUMBER)
>> -		return ksmbd_smb2_check_message(work);
>> -
>> -	hdr = work->request_buf;
>> -	if (*(__le32 *)hdr->Protocol == SMB1_PROTO_NUMBER &&
>> -	    hdr->Command == SMB_COM_NEGOTIATE)
>> -		return 0;
> smb1 negotiate is needed for windows connection. Have you tested with
> windows client ?

d'oh! You're right. Guess I got in a frenzy to remove more SMB1 stuff. :)

-slow

Jeremy Allison Oct. 3, 2021, 11:37 p.m. UTC | #3

On Sat, Oct 02, 2021 at 02:46:16PM +0900, Namjae Jeon wrote:

>smb1 negotiate is needed for windows connection. Have you tested with
>windows client ?

Isn't this only needed for Win7 upgrading a connection from
SMB1 -> SMB2 on initial connect. I don't think Win8 and above
need this.

Is this as far back as we want to support ?

Namjae Jeon Oct. 4, 2021, 12:47 a.m. UTC | #4

2021-10-04 8:37 GMT+09:00, Jeremy Allison <jra@samba.org>:
> On Sat, Oct 02, 2021 at 02:46:16PM +0900, Namjae Jeon wrote:
>
>>smb1 negotiate is needed for windows connection. Have you tested with
>>windows client ?
>
Hi Jeremy,
> Isn't this only needed for Win7 upgrading a connection from
> SMB1 -> SMB2 on initial connect. I don't think Win8 and above
> need this.
>
> Is this as far back as we want to support ?
Win10 still send smb1 negotiate request for auto negotiation.

Thanks!
>

diff --git a/fs/ksmbd/server.c b/fs/ksmbd/server.c
index 2a2b2135bfde..328c4225cec1 100644
--- a/fs/ksmbd/server.c
+++ b/fs/ksmbd/server.c
@@ -114,7 +114,7 @@  static int __process_request(struct ksmbd_work *work, struct ksmbd_conn *conn,
 	if (check_conn_state(work))
 		return SERVER_HANDLER_CONTINUE;
 
-	if (ksmbd_verify_smb_message(work))
+	if (ksmbd_smb2_check_message(work))
 		return SERVER_HANDLER_ABORT;
 
 	command = conn->ops->get_cmd_val(work);
diff --git a/fs/ksmbd/smb_common.c b/fs/ksmbd/smb_common.c
index e1e5a071678e..4a283cd6d6e1 100644
--- a/fs/ksmbd/smb_common.c
+++ b/fs/ksmbd/smb_common.c
@@ -122,30 +122,6 @@  int ksmbd_lookup_protocol_idx(char *str)
 	return -1;
 }
 
-/**
- * ksmbd_verify_smb_message() - check for valid smb2 request header
- * @work:	smb work
- *
- * check for valid smb signature and packet direction(request/response)
- *
- * Return:      0 on success, otherwise -EINVAL
- */
-int ksmbd_verify_smb_message(struct ksmbd_work *work)
-{
-	struct smb2_hdr *smb2_hdr = ksmbd_req_buf_next(work);
-	struct smb_hdr *hdr;
-
-	if (smb2_hdr->ProtocolId == SMB2_PROTO_NUMBER)
-		return ksmbd_smb2_check_message(work);
-
-	hdr = work->request_buf;
-	if (*(__le32 *)hdr->Protocol == SMB1_PROTO_NUMBER &&
-	    hdr->Command == SMB_COM_NEGOTIATE)
-		return 0;
-
-	return -EINVAL;
-}
-
 /**
  * ksmbd_smb_request() - check for valid smb request type
  * @conn:	connection instance
diff --git a/fs/ksmbd/smb_common.h b/fs/ksmbd/smb_common.h
index 6e79e7577f6b..782c06292020 100644
--- a/fs/ksmbd/smb_common.h
+++ b/fs/ksmbd/smb_common.h
@@ -488,7 +488,6 @@  int ksmbd_max_protocol(void);
 
 int ksmbd_lookup_protocol_idx(char *str);
 
-int ksmbd_verify_smb_message(struct ksmbd_work *work);
 bool ksmbd_smb_request(struct ksmbd_conn *conn);
 
 int ksmbd_lookup_dialect_by_id(__le16 *cli_dialects, __le16 dialects_count);

[v5,13/20] ksmbd: remove ksmbd_verify_smb_message()

Commit Message

Comments

Patch