Message ID | CAH2r5muwc3pMTSyvw1eMjh++CvhY0yN7ONxgF0Md-1S_F_0Yvw@mail.gmail.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Hi Steve, On 3/11/18 8:05 PM, Steve French wrote: > Attached backport version of my "validate negotiate must always be > signed" patch for 4.9 ran into another problem (oops in the signing > code) - so we may be missing more than one patch in the 4.9 backport > (more generally for signing). > This patch looks just like the one I had posted in my very first mail on that other thread, so I suspect that the oops is also the same as the one I had reported in that same email: https://lkml.org/lkml/2018/1/3/892 Following that, I had tried backporting other patches to 4.4 and 4.9 based on suggestions from Aurelien, but unfortunately that hadn't worked out either, as reported here: https://lkml.org/lkml/2018/1/29/1009 Regards, Srivatsa > > > 0001-kernel-v4.9-version-of-SMB3-Validate-negotiate-request-must-always-be-signe.patch > > > From 453d6e152e5b63d7dbde6116771e1648757b6a53 Mon Sep 17 00:00:00 2001 > From: Steve French <smfrench@gmail.com> > Date: Sun, 11 Mar 2018 20:00:27 -0700 > Subject: [PATCH] SMB3: Validate negotiate request must always be signed > > According to MS-SMB2 3.2.55 validate_negotiate request must > always be signed. Some Windows can fail the request if you send it unsigned > > See kernel bugzilla bug 197311 > > [Patch fixed up for kernel version 4.9] > > CC: Stable <stable@vger.kernel.org> > Acked-by: Ronnie Sahlberg <lsahlber.redhat.com> > Signed-off-by: Steve French <smfrench@gmail.com> > --- > fs/cifs/smb2pdu.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c > index 94c4c1901222..4c2eaf05a6a4 100644 > --- a/fs/cifs/smb2pdu.c > +++ b/fs/cifs/smb2pdu.c > @@ -1712,6 +1712,9 @@ SMB2_ioctl(const unsigned int xid, struct cifs_tcon *tcon, u64 persistent_fid, > } else > iov[0].iov_len = get_rfc1002_length(req) + 4; > > + /* validate negotiate request must be signed - see MS-SMB2 3.2.5.5 */ > + if (opcode == FSCTL_VALIDATE_NEGOTIATE_INFO) > + req->hdr.Flags |= SMB2_FLAGS_SIGNED; > > rc = SendReceive2(xid, ses, iov, num_iovecs, &resp_buftype, 0); > rsp = (struct smb2_ioctl_rsp *)iov[0].iov_base; > -- 2.14.1 > -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
From 453d6e152e5b63d7dbde6116771e1648757b6a53 Mon Sep 17 00:00:00 2001 From: Steve French <smfrench@gmail.com> Date: Sun, 11 Mar 2018 20:00:27 -0700 Subject: [PATCH] SMB3: Validate negotiate request must always be signed According to MS-SMB2 3.2.55 validate_negotiate request must always be signed. Some Windows can fail the request if you send it unsigned See kernel bugzilla bug 197311 [Patch fixed up for kernel version 4.9] CC: Stable <stable@vger.kernel.org> Acked-by: Ronnie Sahlberg <lsahlber.redhat.com> Signed-off-by: Steve French <smfrench@gmail.com> --- fs/cifs/smb2pdu.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/fs/cifs/smb2pdu.c b/fs/cifs/smb2pdu.c index 94c4c1901222..4c2eaf05a6a4 100644 --- a/fs/cifs/smb2pdu.c +++ b/fs/cifs/smb2pdu.c @@ -1712,6 +1712,9 @@ SMB2_ioctl(const unsigned int xid, struct cifs_tcon *tcon, u64 persistent_fid, } else iov[0].iov_len = get_rfc1002_length(req) + 4; + /* validate negotiate request must be signed - see MS-SMB2 3.2.5.5 */ + if (opcode == FSCTL_VALIDATE_NEGOTIATE_INFO) + req->hdr.Flags |= SMB2_FLAGS_SIGNED; rc = SendReceive2(xid, ses, iov, num_iovecs, &resp_buftype, 0); rsp = (struct smb2_ioctl_rsp *)iov[0].iov_base; -- 2.14.1